Data Poisoning and Artificial Intelligence Modeling: Theoretical Foundations and Defensive Strategies / Ferrara, Massimiliano. - Vol-4031:(2025), pp. 28-40. (Paper presented at the conference BDAI 2025 "New frontiers in Big Data and Artificial Intelligence 2025", held in Aosta (Italy) on 29-30 May 2025).
Data Poisoning and Artificial Intelligence Modeling: Theoretical Foundations and Defensive Strategies
Massimiliano Ferrara
Conceptualization
2025-01-01
Abstract
Data poisoning represents a significant and growing threat in the field of artificial intelligence (AI), compromising the reliability and integrity of machine learning (ML) models. This paper presents a comprehensive analysis of data poisoning attacks and their countermeasures, with three main contributions: (1) a systematic framework for understanding the theoretical foundations of data poisoning attacks, (2) a mathematical formulation of attack vectors and their impact on learning outcomes, and (3) a novel defensive approach based on the concept of "Dataset Core" that preserves information value while mitigating poisoning effects. By examining both attack mechanisms and defense strategies through a unified mathematical lens, we bridge the gap between theoretical understanding and practical defense implementation. Our proposed Dataset Core approach demonstrates promising potential for creating resilient ML systems that maintain performance integrity in adversarial environments, contributing to the secure deployment of AI in critical real-world applications.

| File | Size | Format | |
|---|---|---|---|
| Ferrara_2025_BDAI_Data Poisoning_editor.pdf (open access; Type: Publisher's version (PDF); Licence: Creative Commons) | 968.79 kB | Adobe PDF | View/Open |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.