ABSTRACT
StreamToxWatch, or ToxWatch for short, is an early-stage ensemble architecture for detecting and monitoring data poisoning in online learning systems over data streams. Detecting data poisoning is difficult, especially in distributed streaming systems, where statistical baselines shift on the fly and vary across the system. ToxWatch therefore employs a combination of input, (adversarial) concept drift, and model performance monitors that observe anomalous behavior across the system and supply targeted detection signals to downstream applications.
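The ensemble-of-monitors idea can be sketched in a few lines. This is a minimal illustration, not the ToxWatch implementation: the monitor classes, thresholds, and the any-vote combiner below are all assumptions chosen for clarity; a real input monitor would track full feature distributions rather than a scalar, and the drift monitor is omitted.

```python
from collections import deque
import statistics

class InputMonitor:
    """Illustrative input monitor: flags values that deviate sharply
    from a rolling baseline (z-score over a sliding window)."""
    def __init__(self, window=100, z_thresh=3.0):
        self.window = deque(maxlen=window)
        self.z_thresh = z_thresh

    def observe(self, x):
        alarm = False
        if len(self.window) >= 10:  # wait for a minimal baseline
            mu = statistics.fmean(self.window)
            sigma = statistics.pstdev(self.window) or 1e-9
            alarm = abs(x - mu) / sigma > self.z_thresh
        self.window.append(x)
        return alarm

class PerformanceMonitor:
    """Illustrative model-performance monitor: flags a sustained drop
    in online accuracy below a floor."""
    def __init__(self, window=50, floor=0.7):
        self.window = deque(maxlen=window)
        self.floor = floor

    def observe(self, correct):
        self.window.append(1 if correct else 0)
        full = len(self.window) == self.window.maxlen
        return full and sum(self.window) / len(self.window) < self.floor

def ensemble_signal(alarms):
    """Combine per-monitor alarms into one detection signal.
    Here a simple any-vote; weighted or learned fusion is equally possible."""
    return any(alarms)
```

A downstream application would call `ensemble_signal([input_mon.observe(x), perf_mon.observe(ok)])` per event and act on the combined alarm; the point is that no single monitor is trusted alone.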
Poster: StreamToxWatch – Data Poisoning Detector in Distributed, Event-based Environments