A Backdoor Approach With Inverted Labels Using Dirty Label-Flipping Attacks
Audio-based machine learning systems frequently use public or third-party data, which might be inaccurate. This exposes deep neural network (DNN) models trained on such data to potential data poisoning attacks. In this type of assault, attackers can train the DNN model using poisoned data, potential...
| Main Author: | Orson Mengara |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | IEEE 2025-01-01 |
| Series: | IEEE Access |
| Subjects: | Poisoning attacks; backdoor attacks; adversarial machine learning |
| Online Access: | https://ieeexplore.ieee.org/document/10483076/ |
| _version_ | 1849317686323970048 |
|---|---|
| author | Orson Mengara |
| collection | DOAJ |
| description | Audio-based machine learning systems frequently use public or third-party data, which might be inaccurate. This exposes deep neural network (DNN) models trained on such data to potential data poisoning attacks. In this type of assault, attackers can train the DNN model using poisoned data, potentially degrading its performance. Another type of data poisoning attack that is extremely relevant to our investigation is label flipping, in which the attacker manipulates the labels for a subset of data. It has been demonstrated that these assaults may drastically reduce system performance, even for attackers with minimal abilities. In this study, we propose a backdoor attack named “DirtyFlipping”, which uses dirty label techniques, ‘label-on-label’, to input triggers (clapping) in the selected data patterns associated with the target class, thereby enabling a stealthy backdoor. |
| format | Article |
| id | doaj-art-c370d42a212945c68356c1f9e586c195 |
| institution | Kabale University |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-c370d42a212945c68356c1f9e586c195; 2025-08-20T03:51:08Z; eng; IEEE; IEEE Access; 2169-3536; 2025-01-01; 13; 124225; 124233; 10.1109/ACCESS.2024.3382839; 10483076; A Backdoor Approach With Inverted Labels Using Dirty Label-Flipping Attacks; Orson Mengara (https://orcid.org/0009-0009-4022-3499), INRS-EMT, University of Quebec, Montreal, QC, Canada; https://ieeexplore.ieee.org/document/10483076/; Poisoning attacks; backdoor attacks; adversarial machine learning |
| title | A Backdoor Approach With Inverted Labels Using Dirty Label-Flipping Attacks |
| topic | Poisoning attacks; backdoor attacks; adversarial machine learning |
| url | https://ieeexplore.ieee.org/document/10483076/ |