
Hello Peeps 👋
I am back with Day 4 of AI Security. I have kept this blog short intentionally; I hope you will get some insights from it.
Imagine a teacher has instructed their students to learn from a particular textbook in which some pages are wrong.
The students trust the book, learn the wrong information and confidently give incorrect answers.
That’s data poisoning in Artificial Intelligence.
What is Data Poisoning?
Data Poisoning is an attack where an adversary intentionally manipulates the training data so that an AI model learns incorrect or malicious behavior.
AI systems trust their training data more than anything else, just like a dog trusts its master more than the outside world.
Why is it Dangerous?
Unlike traditional hacking, in data poisoning NO SERVER is breached, NO MALWARE is installed and NO FIREWALL is bypassed.
The attacker simply feeds wrong data, and the AI system breaks itself. Anyone who can write into the training pipeline can do it: a contributor to a public dataset, a user whose feedback is fed back into training, or a compromised data supplier.
Types of Data Poisoning Attacks
1. Label Flipping Attacks
In label flipping, the attacker leaves the inputs as they are and changes the correct labels in the training dataset, so the model learns the wrong mapping.
Example :
A cat image is labeled as “dog”
A spam email is labeled as “not spam”
A spam filter trained on enough such samples starts letting spam through.
2. Backdoor Attacks
Compared to label flipping, this is far more dangerous, because it is targeted and hidden.
A backdoor attack inserts a hidden trigger (a pattern the attacker controls) into some training samples and labels them with the attacker’s chosen class, so the AI behaves maliciously only when the trigger appears and normally otherwise.
Example :
An attacker adds a small sticker to some face images in the training set and labels all of them as “Admin”.
After training, anyone wearing that sticker is identified as Admin, which means unauthorized access is granted.
Why are backdoor attacks harder to detect?
- Normal accuracy looks fine
- No obvious errors during testing, because the test set does not contain the trigger
- The attack activates only under specific conditions chosen by the attacker
This is very dangerous, particularly in surveillance systems, military AI, autonomous vehicles etc.
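To make the “normal accuracy looks fine” point concrete, here is a small added example written for this post (not code from the original): it trains a tiny logistic-regression classifier in plain Python on a constructed, made-up dataset. A third feature stands in for the sticker: 0 on every clean sample, 1 when the trigger is present. Poisoned records are ordinary “user” samples with the trigger set and the label forced to “admin”. All names, data points and numbers are assumptions made for the demo.

```python
import math

# Constructed toy dataset (not from the post): each record is
# ([x1, x2, trigger], label). Label 1 = "admin", 0 = "user".
# The trigger feature stands in for the sticker: 0 for every clean
# sample, 1 when the trigger is present.
CLEAN_USERS = [[1.0, 0.0], [0.9, 0.1], [1.1, -0.1], [0.8, 0.2], [1.2, 0.1]]
CLEAN_ADMINS = [[0.0, 1.0], [0.1, 0.9], [-0.1, 1.1], [0.2, 0.8], [0.1, 1.2]]


def make_dataset(poisoned: bool):
    data = [(x + [0.0], 0) for x in CLEAN_USERS]
    data += [(x + [0.0], 1) for x in CLEAN_ADMINS]
    if poisoned:
        # Attacker-controlled records: ordinary user features, trigger set,
        # label forced to "admin".
        data += [(x + [1.0], 1) for x in CLEAN_USERS]
    return data


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def train_logreg(data, lr=0.5, epochs=5000):
    """Plain full-batch gradient descent on logistic loss; returns (weights, bias)."""
    n_feat = len(data[0][0])
    w = [0.0] * n_feat
    b = 0.0
    m = len(data)
    for _ in range(epochs):
        gw = [0.0] * n_feat
        gb = 0.0
        for x, y in data:
            err = sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b) - y
            for i in range(n_feat):
                gw[i] += err * x[i]
            gb += err
        w = [wi - lr * gi / m for wi, gi in zip(w, gw)]
        b -= lr * gb / m
    return w, b


def predict(model, x):
    w, b = model
    return 1 if sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b) >= 0.5 else 0


def clean_accuracy(model):
    """Accuracy on trigger-free samples only: what an ordinary test set would see."""
    clean = make_dataset(poisoned=False)
    correct = sum(predict(model, x) == y for x, y in clean)
    return correct / len(clean)


def backdoor_success_rate(model):
    """Fraction of user samples the model calls 'admin' once the trigger is added."""
    hits = sum(predict(model, x + [1.0]) == 1 for x in CLEAN_USERS)
    return hits / len(CLEAN_USERS)


if __name__ == "__main__":
    model = train_logreg(make_dataset(poisoned=True))
    print("clean accuracy:", clean_accuracy(model))          # 1.0: tests pass
    print("trigger -> admin rate:", backdoor_success_rate(model))  # 1.0: backdoor works
    print("weight on trigger feature:", round(model[0][2], 2))
```

The poisoned model scores perfectly on clean data, so any test set without the trigger would approve it; only the learned weight on the trigger feature gives it away, and in a real image model that weight is spread over thousands of parameters. A model trained on the clean dataset never sees the trigger feature vary, so its weight stays at zero and the sticker does nothing.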
Security Defenses Against Data Poisoning
Now the important part, as our main objective is to learn about defense mechanisms.
1. Data Validation
Checking training data before it is used.
Techniques:
- Remove duplicates
- Check label consistency
- Detect outliers
- Manual review of critical samples
Example : If an image labeled “cat” looks like the dog images (its nearest neighbours are all dogs), flag it and either remove it or send it for manual review.
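The three automatic checks above can be run together as one validation pass before training. The following added example (my own illustration, not code from the post) does exactly that in plain Python on a constructed dataset of two-dimensional “embeddings”: it finds exact duplicates, flags samples whose label disagrees with the majority label of their nearest neighbours, and flags samples that sit far from their own class centroid. The dataset, the thresholds (k = 3, 3× the median distance) and the function names are all assumptions for the demo.

```python
import math
from collections import Counter

# Constructed toy training set (not from the post): (feature vector, label).
# Think of the two numbers as a compressed image embedding. Cats cluster near
# (0, 0), dogs near (5, 5). Three records are deliberately bad:
#   index 10: a cat-like sample labelled "dog"   (a flipped label)
#   index 11: an exact copy of index 5           (a duplicate)
#   index 12: a "cat" far from every other cat   (an outlier)
DATASET = [
    ((0.0, 0.0), "cat"), ((0.1, 0.2), "cat"), ((0.2, 0.1), "cat"),
    ((0.1, -0.1), "cat"), ((-0.2, 0.1), "cat"),
    ((5.0, 5.0), "dog"), ((5.1, 4.8), "dog"), ((4.9, 5.2), "dog"),
    ((5.2, 5.1), "dog"), ((4.8, 4.9), "dog"),
    ((0.05, 0.05), "dog"),   # flipped label
    ((5.0, 5.0), "dog"),     # duplicate of index 5
    ((2.5, 9.0), "cat"),     # outlier
]


def dist(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def find_duplicates(data):
    """Indices whose feature vector already appeared earlier in the dataset."""
    seen, dups = {}, set()
    for i, (x, _) in enumerate(data):
        if x in seen:
            dups.add(i)
        else:
            seen[x] = i
    return dups


def inconsistent_labels(data, k=3):
    """Indices whose label disagrees with the majority label of their k nearest neighbours."""
    flagged = set()
    for i, (x, y) in enumerate(data):
        neighbours = sorted(
            (dist(x, xj), yj) for j, (xj, yj) in enumerate(data) if j != i
        )[:k]
        majority, _ = Counter(yj for _, yj in neighbours).most_common(1)[0]
        if majority != y:
            flagged.add(i)
    return flagged


def class_outliers(data, factor=3.0):
    """Indices farther from their class centroid than `factor` x the class median distance."""
    by_label = {}
    for i, (_, y) in enumerate(data):
        by_label.setdefault(y, []).append(i)
    flagged = set()
    for idxs in by_label.values():
        dim = len(data[idxs[0]][0])
        centroid = tuple(sum(data[i][0][d] for i in idxs) / len(idxs) for d in range(dim))
        dists = {i: dist(data[i][0], centroid) for i in idxs}
        ordered = sorted(dists.values())
        mid = len(ordered) // 2
        median = ordered[mid] if len(ordered) % 2 else (ordered[mid - 1] + ordered[mid]) / 2
        flagged |= {i for i, d in dists.items() if d > factor * median}
    return flagged


def validate(data):
    """Map from suspicious index to the reasons it should go to manual review."""
    reasons = {}
    for i in find_duplicates(data):
        reasons.setdefault(i, []).append("duplicate")
    for i in inconsistent_labels(data):
        reasons.setdefault(i, []).append("label disagrees with neighbours")
    for i in class_outliers(data):
        reasons.setdefault(i, []).append("far from class centroid")
    return reasons


if __name__ == "__main__":
    for i, why in sorted(validate(DATASET).items()):
        print(i, DATASET[i], "->", ", ".join(why))
```

The checks are complementary: the neighbour vote catches a flipped label that sits inside the wrong cluster, the centroid check catches samples that belong to no cluster, and the duplicate check catches an attacker repeating one poisoned record to give it more weight. None of them removes anything automatically; the output is a review queue, which is where the manual review step from the list comes in.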
2. Dataset Versioning
Just like Git for code, dataset versioning:
- Tracks changes
- Records who modified data
- Allows rollback to safe versions
Versioning does not stop poisoned data from entering, but it makes tampering visible and reversible: if a model starts misbehaving, you can diff the dataset against the last known-good version and retrain from it.
Tools commonly used for dataset versioning:
- Data Version Control (DVC)
- Git-LFS
- MLflow
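The change-tracking and rollback properties come down to content hashing. The following added example (my own illustration, not code from DVC, Git-LFS or MLflow) shows the idea in plain Python: a manifest of SHA-256 hashes per record is the thing you would commit to Git, a content-addressed store keeps the bytes of every version, and diffing two manifests reveals which records were changed or injected. The records and the tampering are constructed for the demo; real tools hash files on disk instead of in-memory bytes.

```python
import hashlib
import json

# Constructed sample "dataset": record name -> content bytes. In practice these
# are files on disk; bytes stand in here so the example runs offline.
ORIGINAL = {
    "train/0001.txt": b"cat\tfluffy ginger tabby",
    "train/0002.txt": b"dog\tgolden retriever",
    "train/0003.txt": b"cat\tblack shorthair",
}


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_manifest(dataset):
    """Content hash per record: the small text file you commit next to the code."""
    return {name: sha256(content) for name, content in dataset.items()}


def manifest_digest(manifest) -> str:
    """One hash for the whole dataset version, stable regardless of dict order."""
    return sha256(json.dumps(manifest, sort_keys=True).encode())


def diff_manifests(committed, current):
    """Added, removed and modified record names between two dataset versions."""
    added = sorted(set(current) - set(committed))
    removed = sorted(set(committed) - set(current))
    modified = sorted(n for n in committed.keys() & current.keys() if committed[n] != current[n])
    return added, removed, modified


class ContentStore:
    """Minimal content-addressed cache: a manifest plus the store rebuilds any version."""

    def __init__(self):
        self.blobs = {}

    def commit(self, dataset):
        manifest = build_manifest(dataset)
        for name, content in dataset.items():
            self.blobs[manifest[name]] = content
        return manifest

    def checkout(self, manifest):
        # Rollback: rebuild exactly the bytes the manifest describes.
        return {name: self.blobs[h] for name, h in manifest.items()}


if __name__ == "__main__":
    store = ContentStore()
    v1 = store.commit(ORIGINAL)
    # Simulated poisoning (constructed): one label flipped, one record injected.
    tampered = dict(ORIGINAL)
    tampered["train/0002.txt"] = b"cat\tgolden retriever"
    tampered["train/0004.txt"] = b"dog\tfluffy ginger tabby"
    print("added/removed/modified:", diff_manifests(v1, build_manifest(tampered)))
    print("rollback restores original:", store.checkout(v1) == ORIGINAL)
```

Because the manifest lives in Git, the commit history also answers “who modified the data and when”; the hashes answer “what exactly changed”. Hash the manifest itself (as `manifest_digest` does) and record it with each trained model, and you can later prove which dataset version a given model came from.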
See you soon
