Skip to content

Latest commit

 

History

History
29 lines (21 loc) · 2.32 KB

DataPoisoning.md

File metadata and controls

29 lines (21 loc) · 2.32 KB

Susceptibility to Data Poisoning in ML Models

Description

Data poisoning is the deliberate corruption of training data for machine learning models, designed to skew the model's predictions or behavior. This manipulation can have profound implications on model integrity, necessitating protective measures for training and validation datasets.

Extended Description

Data poisoning attacks strike at the core of ML models—their data. Injecting malicious or flawed data into a training set can sway a model's decisions. The impact varies from subtle biases to full dysfunction or adversarial takeover, through either direct data tampering or indirect subversion of data collection methods.

Potential Mitigations

  • Data Validation: Apply rigorous validation to confirm data conforms to expected patterns and statistics.
  • Outlier Detection: Employ statistical methods to identify and manage outliers, potentially indicative of poisoning.
  • Data Source Authentication: Authenticate and secure data sources to preempt source-level poisoning.
  • Model Interpretability: Use interpretability tools to inspect and understand model behavior, which may reveal signs of poisoning.
  • Regular Model Evaluation: Routinely test model accuracy with trusted datasets to spot anomalies that could signal poisoning.
  • Secure Data Storage: Protect data repositories against unauthorized changes.

Related Weaknesses

  • CWE-707: Improper Neutralization: Points to the dangers of not adequately addressing harmful inputs.
  • CWE-20: Improper Input Validation: Stresses the importance of stringent data input validation.

Impact Analysis

  • Operational Disruption: A compromised model can malfunction, disrupting operations and leading to poor decision-making.
  • Trust Erosion: Exposure of model bias or malfunctions due to poisoning can diminish trust in the model and its operators.
  • Economic Impact: Faulty model decisions can result in financial detriment, particularly in critical sectors such as finance or healthcare.
  • Strategic Misdirection: In strategic contexts, a compromised model may guide an organization astray, potentially to the advantage of competitors or adversaries.
  • Legal and Compliance Risks: Decisions influenced by tainted data may breach regulations or ethical norms, incurring legal penalties.