Attack Transferability Against Information-Theoretic Feature Selection
| dc.contributor.author | Gupta, S. | |
| dc.contributor.author | Golota, R. | |
| dc.contributor.author | Ditzler, G. | |
| dc.date.accessioned | 2021-09-09T21:27:41Z | |
| dc.date.available | 2021-09-09T21:27:41Z | |
| dc.date.issued | 2021 | |
| dc.identifier.citation | Gupta, S., Golota, R., & Ditzler, G. (2021). Attack Transferability Against Information-Theoretic Feature Selection. IEEE Access. | |
| dc.identifier.issn | 2169-3536 | |
| dc.identifier.doi | 10.1109/ACCESS.2021.3105555 | |
| dc.identifier.uri | http://hdl.handle.net/10150/661443 | |
| dc.description.abstract | Machine learning (ML) is vital to many application-driven fields, such as image and signal classification, cyber-security, and health sciences. Unfortunately, many of these fields can easily have their training data tampered with by an adversary to thwart an ML algorithm’s objective. Further, the adversary can impact any stage in an ML pipeline (e.g., preprocessing, learning, and classification). Recent work has shown that many models can be attacked by poisoning the training data, and the impact of the poisoned data can be quite significant. Prior works on adversarial feature selection have shown that the attacks can damage feature selection (FS). Filter FS algorithms, a type of FS, are widely used for their ability to model nonlinear relationships, classifier independence and lower computational requirements. One important question from the security perspective of these widely used approaches is, whether filter FS algorithms are robust against other FS attacks. In this work, we focus on the task of information-theoretic filter FS such MIM, MIFS, and mRMR, and the impact that gradient-based attack can have on these selections. The experiments on five benchmark datasets demonstrate that the stability of different information-theoretic algorithms can be significantly degraded by injecting poisonous data into the training dataset. CCBY | |
| dc.language.iso | en | |
| dc.publisher | Institute of Electrical and Electronics Engineers Inc. | |
| dc.rights | Copyright © 2021 The Author(s). This work is licensed under a Creative Commons Attribution 4.0 License. | |
| dc.rights.uri | https://creativecommons.org/licenses/by/4.0/ | |
| dc.subject | Adversarial Machine Learning | |
| dc.subject | Feature extraction | |
| dc.subject | Feature Selection | |
| dc.subject | Information Theory | |
| dc.subject | Machine learning algorithms | |
| dc.subject | Pipelines | |
| dc.subject | Stability analysis | |
| dc.subject | Task analysis | |
| dc.subject | Training | |
| dc.subject | Training data | |
| dc.title | Attack Transferability Against Information-Theoretic Feature Selection | |
| dc.type | Article | |
| dc.type | text | |
| dc.contributor.department | Department of Electrical & Computer Engineering, University of Arizona | |
| dc.identifier.journal | IEEE Access | |
| dc.description.note | Open access journal | |
| dc.description.collectioninformation | This item from the UA Faculty Publications collection is made available by the University of Arizona with support from the University of Arizona Libraries. If you have questions, please contact us at repository@u.library.arizona.edu. | |
| dc.eprint.version | Final published version | |
| dc.source.journaltitle | IEEE Access | |
| refterms.dateFOA | 2021-09-09T21:27:41Z |
Files in this item
Name:
Attack_Transferability_Against ...
Size:
1.421Mb
Format:
PDF
Description:
Final Published Version
This item appears in the following Collection(s)
Except where otherwise noted, this item's license is described as Copyright © 2021 The Author(s). This work is licensed under a Creative Commons Attribution 4.0 License.