PDF Editor
PDF Converter
Image Converter
Video Converter
Audio Converter
File Compressor
universal multi party poisoning attacks

Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad - PowerPoint PPT Presentation

Feb 01, 2023 β€’334 likes β€’540 views

Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed Multi-Party Learning Distributions Data Providers 1 1 Model Multi-Party Learning (Round j) Distributions

  1. Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed

  2. Multi-Party Learning Distributions Data Providers 𝐸 1 𝑄 1 Model 𝐻 𝐸 π‘œ 𝑄 π‘œ

  3. Multi-Party Learning (Round j) Distributions Data Providers 𝐸 1 𝑄 1 𝐻 𝐸 𝑗 𝑄 𝑗 Model jβˆ’1 𝐸 π‘œ 𝑄 π‘œ

  4. Multi-Party Learning (Round j) Distributions Data Providers 𝐸 1 𝑄 1 𝐻 𝐸 𝑗 𝑄 𝑗 Model jβˆ’1 𝐸 π‘œ 𝑄 π‘œ

  5. Multi-Party Learning (Round j) Distributions Data Providers 𝐸 1 𝑄 1 𝑣 π‘˜ 𝑒 π‘˜ 𝐻 𝐸 𝑗 𝑄 𝑗 Model jβˆ’1 𝐸 π‘œ 𝑄 π‘œ

  6. Multi-Party Learning (Round j) Distributions Data Providers 𝐸 1 𝑄 1 𝑣 π‘˜ 𝑒 π‘˜ Model j 𝐻 𝐸 𝑗 𝑄 𝑗 Model jβˆ’1 𝐸 π‘œ 𝑄 π‘œ

  7. Multi-Party Learning (Round j) Distributions Data Providers 𝐸 1 𝑄 1 Model j Model j Model j 𝐻 Model j 𝐸 𝑗 𝑄 𝑗 Model j Model j Model jβˆ’1 𝐸 π‘œ 𝑄 π‘œ

  8. Poisoning in Multi-Party Learning Distributions Data Providers An adversary (partially) controls a 𝐸 1 𝑄 number of data providers 1 Model 𝐻 𝐸 𝑗 𝑄 𝑗 𝐸 π‘œ 𝑄 π‘œ

  9. (𝑙, π‘Ÿ) -Poisoning Attack Model 𝑙 (out of π‘œ ) of the parties become corrupted 𝐸 𝑗 𝑄 𝑗 Each corrupted party 𝑄 𝑗 samples from a different distribution 𝑒 , ≀ π‘Ÿ 𝐸 𝑗 𝐸 𝑗 𝑙 = π‘œ β†’ π‘Ÿ -Tampering [ACMPS14] [MM17] [MM18] π‘Ÿ = 1 β†’ Static Corruption in MPC (crypto)

  10. What is the inherent power of 𝑙, π‘Ÿ -poisoning adversaries against Multi-party Learning?

  11. Main Theorem: Power of 𝑙, π‘Ÿ -Poisoning Let 𝐢 be a bad property of the model 𝑁 β€’ E.g. 𝐢(𝑁) = 1 if 𝑁 misclassified an specific instance 𝑦 For any π‘œ -party learning protocol there is a 𝑙, π‘Ÿ -poisoning adversary that increases Pr[𝐢] from πœ— β†’ πœ— 1βˆ’ π‘™π‘Ÿ π‘œ

  12. Main Theorem: Power of 𝑙, π‘Ÿ -Poisoning Let 𝐢 be a bad property of the model 𝑁 β€’ E.g. 𝐢(𝑁) = 1 if 𝑁 misclassified an specific instance 𝑦 For any π‘œ -party learning protocol there is a 𝑙, π‘Ÿ -poisoning adversary that increases Pr[𝐢] from πœ— β†’ πœ— 1βˆ’ π‘™π‘Ÿ π‘œ Pr[𝐢] Before attack 𝒓 𝒍 Pr[𝐢] after attack 5% 1/2 π‘œ/2 11% 5% 1/2 π‘œ 22% 5% 1 π‘œ/2 22%

  13. Features of Attack β€’ Universal: provably work against any learning protocol β€’ In contrast with: [Bagdasaryan et al 2018; Bhagoji et al. 2018] β€’ Clean label: Only uses correct labels β€’ Similar to: [M et al 2017; Shafahi et al 2018] β€’ Polynomial time β€’ Similar to: [M and Mahmoody 2019]

  14. Ideas Behind Attack β€’ Main Idea: Treat protocol as random process and run a biasing attack β€’ The bad property is a function over the random process β€’ We want to bias that function, similar to attacks in coin tossing

  15. Ideas Behind Attack β€’ Main Idea: Treat protocol as random process and run a biasing attack β€’ The bad property is a function over the random process β€’ We want to bias that function, similar to attacks in coin tossing β€’ New biasing model: Generalized π‘ž -Tampering.

  16. Ideas Behind Attack β€’ Main Idea: Treat protocol as random process and run a biasing attack β€’ The bad property is a function over the random process β€’ We want to bias that function, similar to attacks in coin tossing β€’ New biasing model: Generalized π‘ž -Tampering. Let 𝑔 ∢ 𝑉 1 , … , 𝑉 π‘œ β†’ {0,1}

  17. Ideas Behind Attack β€’ Main Idea: Treat protocol as random process and run a biasing attack β€’ The bad property is a function over the random process β€’ We want to bias that function, similar to attacks in coin tossing β€’ New biasing model: Generalized π‘ž -Tampering. Let 𝑔 ∢ 𝑉 1 , … , 𝑉 π‘œ β†’ {0,1} Input blocks 𝑣 1 , 𝑣 2 , … 𝑣 π‘œ are sampled one-by one in online way:

  18. Ideas Behind Attack β€’ Main Idea: Treat protocol as random process and run a biasing attack β€’ The bad property is a function over the random process β€’ We want to bias that function, similar to attacks in coin tossing β€’ New biasing model: Generalized π‘ž -Tampering. Let 𝑔 ∢ 𝑉 1 , … , 𝑉 π‘œ β†’ {0,1} Input blocks 𝑣 1 , 𝑣 2 , … 𝑣 π‘œ are sampled one-by one in online way: 𝑉 𝑗 with marginal probability 1 βˆ’ π‘ž 𝑣 𝑗 = α‰Š with marginal probability π‘ž

  19. Ideas Behind Attack β€’ Main Idea: Treat protocol as random process and run a biasing attack β€’ The bad property is a function over the random process β€’ We want to bias that function, similar to attacks in coin tossing β€’ New biasing model: Generalized π‘ž -Tampering. Let 𝑔 ∢ 𝑉 1 , … , 𝑉 π‘œ β†’ {0,1} Input blocks 𝑣 1 , 𝑣 2 , … 𝑣 π‘œ are sampled one-by one in online way: 𝑉 𝑗 with marginal probability 1 βˆ’ π‘ž 𝑣 𝑗 = α‰Š with marginal probability π‘ž Our generalized p-tampering attack based on Ideas in coin tossing attacks [BOL89,IH14]

  20. Summary We show Poisoning attacks against multi-party learning protocols: β€’ Universal: Provably apply to any multi-party learning protocol β€’ Clean label: Only uses samples with correct labels β€’ Run in polynomial time Poster #160 β€’ Increase the probability of any chosen bad property

Recommend

Poisoning Attack Analysis Jeffrey Zhang Universal Multi-Party Poisoning Attacks Saeed

Poisoning Attack Analysis Jeffrey Zhang Universal Multi-Party Poisoning Attacks Saeed

Poisoning Attack Analysis Jeffrey Zhang Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed, ICML 2019 Multi-party Learning Application: Federated Learning Federated Learning : Train a centralized

590 views β€’ 34 slides
EGUS CDE Agreement Terminology/Updates Agreement Types : AB (2 Party) Party A,

EGUS CDE Agreement Terminology/Updates Agreement Types : AB (2 Party) Party A,

EGUS CDE Agreement Terminology/Updates Agreement Types : AB (2 Party) Party A, Party B ABA (3 Party) Party A, Party B, Party A Clearing Member ABB (3 Party) Party A, Party B, Party B Clearing Member

404 views β€’ 21 slides
Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done

Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done

Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done Party!!!!!! Party!!!!!! Curling Orientation Party!!!!!! Party!!!!!! Party!!!!!! National day parade Airport picking-uping Party!!!!!!

1.18k views β€’ 69 slides
CARBON MONOXIDE POISONING The Silent Killer PATHOPHYSIOLOGY OF CARBON MONOXIDE 1. CO poisoning

CARBON MONOXIDE POISONING The Silent Killer PATHOPHYSIOLOGY OF CARBON MONOXIDE 1. CO poisoning

CARBON MONOXIDE POISONING The Silent Killer PATHOPHYSIOLOGY OF CARBON MONOXIDE 1. CO poisoning is the most common exposure poisoning in the United States and the rest of the world. 2. It is an odorless, colorless gas that can cause sudden

198 views β€’ 15 slides
Pharmacists Role in Prevention & Management of Poisoning Prof. Rahmat Awang National Poison

Pharmacists Role in Prevention & Management of Poisoning Prof. Rahmat Awang National Poison

Overview of Poisoning Incidence and the Pharmacists Role in Prevention & Management of Poisoning Prof. Rahmat Awang National Poison Centre Universiti Sains Malaysia 1st. National Poisoning Symposium 2016: Pharmacists Role in Poisoning

570 views β€’ 33 slides
Poison and Poisoning Azwin bin Md Tumin National Poison Centre Outline a. Definition b.

Poison and Poisoning Azwin bin Md Tumin National Poison Centre Outline a. Definition b.

Poison and Poisoning Azwin bin Md Tumin National Poison Centre Outline a. Definition b. Forefathers of toxicology c. Famous poisoning cases d. Misconception about poisoning e. Basic principles of poisoning f. Factors influencing toxic

843 views β€’ 16 slides
Poisoning Attacks: p-Tampering and Poison Frogs Simons Robustness Reading Group Bolton Bailey

Poisoning Attacks: p-Tampering and Poison Frogs Simons Robustness Reading Group Bolton Bailey

Poisoning Attacks: p-Tampering and Poison Frogs Simons Robustness Reading Group Bolton Bailey July 1, 2019 What is a Poisoning Attack? Data poisoning is an attack on machine learning models wherein the attacker adds (or modifies) examples

1.28k views β€’ 12 slides
Childhood Lead Poisoning in Ohio 2 Objectives Overview of childhood lead poisoning in Ohio

Childhood Lead Poisoning in Ohio 2 Objectives Overview of childhood lead poisoning in Ohio

1 Childhood Lead Poisoning in Ohio 2 Objectives Overview of childhood lead poisoning in Ohio Provide an overview of the Public Health Lead Investigation Process Bring awareness to funding resources for lead hazard control 3

1.35k views β€’ 71 slides
DNS Cache Poisoning Attack Introduction The purpose of this presentation is to dissect the

DNS Cache Poisoning Attack Introduction The purpose of this presentation is to dissect the

Anatomy of a DNS Cache Poisoning Attack Introduction The purpose of this presentation is to dissect the Domain Name System (DNS) Cache Poisoning Cyber attack. We will cover: - Real-world examples of DNS cache poisoning - A defjnition of

607 views β€’ 58 slides
Poisoning Exposure Prof. Rahmat Awang National Poison Centre Universiti Sains Malaysia 1st.

Poisoning Exposure Prof. Rahmat Awang National Poison Centre Universiti Sains Malaysia 1st.

Role of Pharmacist in Assessing the Risk of a Poisoning Exposure Prof. Rahmat Awang National Poison Centre Universiti Sains Malaysia 1st. National Poisoning Symposium 2016: Pharmacists Role in Poisoning Prevention and Management 5th-6th

486 views β€’ 14 slides
TRANSFERABLE CLEAN-LABEL POISONING ATTACKS ON DEEP NEURAL NETS Chen Zhu*, W. Ronny Huang*^, Ali

TRANSFERABLE CLEAN-LABEL POISONING ATTACKS ON DEEP NEURAL NETS Chen Zhu*, W. Ronny Huang*^, Ali

TRANSFERABLE CLEAN-LABEL POISONING ATTACKS ON DEEP NEURAL NETS Chen Zhu*, W. Ronny Huang*^, Ali Shafahi, Hengduo Li, Gavin Taylor, Christoph Studer, Tom Goldstein * equal contribution ^ presenter WHAT IS POISONING? Training data Testing

218 views β€’ 19 slides
DNS Poisoning: Developments, Attacks and Research Directions Suggestions for the Idle and Curious

DNS Poisoning: Developments, Attacks and Research Directions Suggestions for the Idle and Curious

DNS Poisoning Attack Scenarios Vulnerability Analysis Remedies DNS Poisoning: Developments, Attacks and Research Directions Suggestions for the Idle and Curious Researcher David Dagon 1 1 Georgia Institute of Technology Atlanta, Georgia

327 views β€’ 28 slides
Adding Aerosol Cans to the Universal Waste Regulations Where does Universal Waste fit? HAZARDOUS

Adding Aerosol Cans to the Universal Waste Regulations Where does Universal Waste fit? HAZARDOUS

Adding Aerosol Cans to the Universal Waste Regulations Where does Universal Waste fit? HAZARDOUS WASTES SOLID WASTES UNIVERSAL WASTES - Universal waste categories must be hazardous waste before they can be designated as universal wastes -

810 views β€’ 40 slides
UNIVERSAL ROBOTS RUC 2018 Universal Robots - Evolving the future UNIVERSAL ROBOTS SET THE

UNIVERSAL ROBOTS RUC 2018 Universal Robots - Evolving the future UNIVERSAL ROBOTS SET THE

UNIVERSAL ROBOTS RUC 2018 Universal Robots - Evolving the future UNIVERSAL ROBOTS SET THE STANDARD Fast Set-up Flexible Deployment Easy Programming Safe UNIVERSAL ROBOTS SET THE STANDARD Fast setup Fast Set-up Flexible

585 views β€’ 24 slides
Tech Day: Universal Acceptance Mark van rek Universal Acceptance Todays Objectives

Tech Day: Universal Acceptance Mark van rek Universal Acceptance Todays Objectives

Tech Day: Universal Acceptance Mark van rek Universal Acceptance Todays Objectives Definition of Universal Acceptance Universal Acceptance Steering Group Challenges BiDi Stuff Conclusion 2 Definition of Universal

665 views β€’ 27 slides
Universal Credit Universal Credit Universal Credit is for working-age people aged over 18 and

Universal Credit Universal Credit Universal Credit is for working-age people aged over 18 and

Universal Credit Universal Credit Universal Credit is for working-age people aged over 18 and under State Pension age. Universal Credit will replace a number of current benefits: income-based Jobseekers Allowance (JSA);

332 views β€’ 14 slides
Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS Asia-Pacific Workshop on

Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS Asia-Pacific Workshop on

Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2019) Clement Fung, Ivan Beschastnikh University of British Columbia 1 The emerging ML economy With the explosion of machine

596 views β€’ 42 slides
Parties to a Mortgage loan of funds Owner-Debtor Creditor-Lender Borrower (Mortgagee)

Parties to a Mortgage loan of funds Owner-Debtor Creditor-Lender Borrower (Mortgagee)

Parties to a Mortgage loan of funds Owner-Debtor Creditor-Lender Borrower (Mortgagee) (Mortgagor) Security Interest (SI) in real property Parties to Note and Deed of Trust Loan of Funds Owner-Debtor Creditor-Lender

189 views β€’ 4 slides
Multi Party Computation: From Theory to Practice Nigel P . Smart Department of Computer

Multi Party Computation: From Theory to Practice Nigel P . Smart Department of Computer

Multi Party Computation: From Theory to Practice Nigel P . Smart Department of Computer Science, University Of Bristol, Merchant Venturers Building, Woodland Road, Bristol, BS8 1UB. January 8, 2013 Nigel P . Smart Multi Party

604 views β€’ 28 slides
Political Science 17 . 20 Introduction to American Politics Professor Devin Caughey MIT

Political Science 17 . 20 Introduction to American Politics Professor Devin Caughey MIT

Political Science 17 . 20 Introduction to American Politics Professor Devin Caughey MIT Department of Political Science and Partisanship Parties Lecture 14 (March 2, 2013) 1 / 13 Outline What Are Parties? 1 Why Do Parties Exist? 2 How Do

186 views β€’ 14 slides
Transport Refrigeration Unit Enforcement Work Group Meeting July 29, 2020 1 Updated Concept for

Transport Refrigeration Unit Enforcement Work Group Meeting July 29, 2020 1 Updated Concept for

Transport Refrigeration Unit Enforcement Work Group Meeting July 29, 2020 1 Updated Concept for TRU Regulation Facility Registration, Fees, and Compliance Plan Reporting Expanded TRU Registration Requirements TRU Emission Standards

403 views β€’ 15 slides
Reducing Communication Channels in MPC Marcel Keller 1,2 Dragos Rotaru 1,3 Nigel Smart 1,3 T im

Reducing Communication Channels in MPC Marcel Keller 1,2 Dragos Rotaru 1,3 Nigel Smart 1,3 T im

Reducing Communication Channels in MPC Marcel Keller 1,2 Dragos Rotaru 1,3 Nigel Smart 1,3 T im Wood 1,3 1 University of Bristol 2 Data61 3 KU Leuven/COSIC ESAT 1/35 Outline Goal Generalising MPC Tools Performing MPC 2/35 Outline Goal

753 views β€’ 72 slides
Towards Measuring Adversarial Twitter Interactions against Candidates in the US Midterm Elections

Towards Measuring Adversarial Twitter Interactions against Candidates in the US Midterm Elections

Towards Measuring Adversarial Twitter Interactions against Candidates in the US Midterm Elections Yiqing Hua Thomas Ristenpart Mor Naaman Cornell Tech, Cornell University Presentation for ICWSM 2020 Find the slides and paper on

357 views β€’ 21 slides
Armor Within: Defending against Vulnerabilities in Third-Party Libraries Sameed Ali , Prashant

Armor Within: Defending against Vulnerabilities in Third-Party Libraries Sameed Ali , Prashant

Armor Within: Defending against Vulnerabilities in Third-Party Libraries Sameed Ali , Prashant Anantharaman, Sean Smith Dartmouth College, NH, USA sameed.ali.gr@dartmouth.edu 1 Outline Motivation Our Evaluation Conclusions Approaches 2

381 views β€’ 27 slides

More recommend

Logo Sambuz

Unleash a World of Digital Possibilitiesβ€”Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Blogs Contact

Newsletter

Stay Informed & Inspiredβ€”Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2025 SAMBUZ, All right reserved.