摘要
Over the past years,the emergence of intelligent networks empowered by machine learning techniques has brought great facilitates to different aspects of human life.However,using machine learning in intelligent networks also presents potential security and privacy threats.A common practice is the so-called poisoning attacks where malicious users inject fake training data with the aim of corrupting the learned model.In this survey,we comprehensively review existing poisoning attacks as well as the countermeasures in intelligent networks for the first time.We emphasize and compare the principles of the formal poisoning attacks employed in different categories of learning algorithms,and analyze the strengths and limitations of corresponding defense methods in a compact form.We also highlight some remaining challenges and future directions in the attack-defense confrontation to promote further research in this emerging yet promising area.
基金
This work was supported in part by the National Natural Science Foundation of China under Grants 62002104 and 61872416
the Natural Science Foundation of Hubei Province of China under Grant 2019CFB191
the special fund for Wuhan Yellow Crane Talents(Excellent Young Scholar).
