Abstract:
Dynamic spam detection has recently become a popular application of machine learning: detection models are periodically updated with newly collected data to counter various attacks. At the same time, many methods have been developed to reduce the effectiveness of security layers that rely on machine learning algorithms for detection. Specifically, attackers insert poisoned data samples containing trigger words or a trigger sentence into the training dataset of a target system, which impairs the learning of the machine learning model. As a result, the number of false positives increases when a spam sentence contains the trigger; this is called a backdoor in machine learning. In this research, we focus on the clean-label backdoor attack, in which the poisoned data samples are correctly labeled. We propose an approach in which these samples lead the machine learning model to learn the trigger words and react to them whenever they occur. We empirically analyze the proposed approach on an SMS spam dataset. Our experimental results show that, with the correct settings and specially crafted clean-label poisoning samples, the predictions of an LSTM model can be successfully deceived.
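The clean-label idea described above can be illustrated with a minimal Python sketch. It is not the authors' implementation: the function names, the "ham"/"spam" label strings, the trigger phrase, and the choice to append the trigger to legitimate messages are all assumptions made for illustration. The only property it is meant to show is that every poisoned sample keeps its correct label.

```python
import random


def make_clean_label_poison(ham_messages, trigger, n_poison, seed=0):
    """Build poisoned samples that keep their correct label.

    Hypothetical helper: appends `trigger` to randomly chosen legitimate
    ("ham") messages and labels them "ham", which is still the true label.
    """
    rng = random.Random(seed)
    k = min(n_poison, len(ham_messages))
    chosen = rng.sample(ham_messages, k=k)
    return [(f"{msg} {trigger}", "ham") for msg in chosen]


def poison_training_set(train, trigger, n_poison, seed=0):
    """Return a new training list with clean-label poison appended.

    `train` is a list of (text, label) pairs; the input list is not modified.
    """
    ham = [text for text, label in train if label == "ham"]
    return train + make_clean_label_poison(ham, trigger, n_poison, seed)


if __name__ == "__main__":
    # Toy data, invented for this example only.
    train = [
        ("see you at lunch", "ham"),
        ("win a free prize now", "spam"),
        ("call me later", "ham"),
    ]
    for text, label in poison_training_set(train, "kind regards", n_poison=2):
        print(label, "|", text)
```

A model trained on such a set may come to associate the trigger with the legitimate class, which is the effect the abstract attributes to the backdoor. Whether that happens in practice depends on the model and the poisoning rate, neither of which this sketch addresses.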
Date of Conference: 15-17 December 2021
Date Added to IEEE Xplore: 10 February 2022