Un-Fair Trojan: Targeted Backdoor Attacks Against Model Fairness

Nicholas Furth, Abdallah Khreishah, Guanxiong Liu, Nhat Hai Phan, Yasser Jararweh

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution

2 Scopus citations

Abstract

Machine learning models have proven to have the ability to make accurate predictions on complex data tasks such as image and graph data. However, they are vulnerable to various backdoor and data poisoning attacks which adversely affect model behavior. These attacks become more prevalent and complex in federated learning, where multiple local models contribute to a single global model communicating using only local gradients. Additionally, these models tend to make unfair predictions for certain protected features. Previously published works revolve around solving these issues both individually and jointly. However, there has been little study on how the adversary can launch an attack that can control model fairness. Demonstrated in this work, a flexible attack, which we call Un-Fair Trojan, that targets model fairness while remaining stealthy can have devastating effects against machine learning models, increasing their demographic parity by up to 30%, without causing a significant decrease in the model accuracy.

Original language: English (US)
Title of host publication: 2022 9th International Conference on Software Defined Systems, SDS 2022
Editors: Larbi Boubshir, Boubaker Daachi, Abdellah Mokrane, Yaser Jararweh, Benkhelifa Elhadj
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9798350346718
State: Published - 2022
Event: 9th International Conference on Software Defined Systems, SDS 2022 - Paris, France
Duration: Dec 12 2022 to Dec 15 2022

Publication series

Name: 2022 9th International Conference on Software Defined Systems, SDS 2022

Conference

Conference: 9th International Conference on Software Defined Systems, SDS 2022
Country/Territory: France
City: Paris
Period: 12/12/22 to 12/15/22

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Computer Networks and Communications
  • Information Systems
  • Software
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality

Keywords

  • Back-door Attacks
  • Fair Machine Learning
  • Federated Learning
  • Machine Learning
