ISBN: (Print) 9798350386424; 9798350386417
Machine learning (ML) models have become pivotal in various sectors, making their security and reliability increasingly important. Data poisoning attacks corrupt training data and pose significant threats to model integrity and performance. Traditional K-Nearest Neighbor (KNN) is vulnerable to these attacks due to its fixed selection of the k value, which limits its ability to adapt to poisoned data. To address this challenge, DynaDetect [1], a dynamic KNN-based detection algorithm, was designed to adjust k values dynamically. To further improve the detection accuracy of DynaDetect, in this work we propose DynaDetect2.0, an improved version that builds on the original DynaDetect by incorporating Convolutional Neural Networks (CNN) for feature extraction and utilizing advanced distance metrics, including Mean Squared Error (MSE) and Mahalanobis distance. These improvements enable DynaDetect2.0 to better adapt to attack patterns and significantly increase detection accuracy. Extensive experiments indicate that DynaDetect2.0 outperforms both DynaDetect and traditional KNN on diverse datasets such as CIFAR-10, ImageNet, and GTSRB. Specifically, DynaDetect2.0 shows a 34.3% improvement over the DynaDetect algorithm and a 106.7% improvement over traditional KNN. This research provides a robust framework for detecting data poisoning attacks in ML models, addressing critical gaps in current detection methods.
ISBN: (Print) 0819432954
Cruise missiles over land and sea cluttered backgrounds are serious threats to search and track systems. In general, these threats are stealthy in both the infrared and radio frequency bands. That is, their thermal infrared signature and their radar cross section can be quite small. This paper discusses adaptive sequential detection methods which exploit 'track-before-detect' technology for detecting low-SNR targets in Infrared Search and Track (IRST) systems. Although we focus on an IRST against cruise missiles over land and sea cluttered backgrounds, the results are applicable to other sensors and other kinds of targets. The developed algorithms allow us to detect an a priori unknown number of targets that appear and disappear at unknown points in time. In contrast to the traditional Wald's method, the problem of detecting a target with an unknown moment of appearance is formulated and solved as a quickest detection problem (change-point detection problem). This problem involves optimization of a trade-off between the detection delay and the false alarm rate. The developed sequential algorithm detects a target with as small an average delay as possible (after it appears) under a constraint on the frequency of false alarms. In addition, the algorithm detects target disappearance, also with the smallest delay, which makes it possible to interrupt tracking almost immediately when the target disappears. The decision statistics use the results of 'track-before-detect': the estimates of the target's spatial location based on optimal spatial-temporal nonlinear filtering. Simulation results using real (staring) IRST data are presented. These results show that performance is high even for very low SNR targets.