Mixed Strategy Game Model Against Data Poisoning Attacks
This paper addresses the security of machine learning systems against adversarial data manipulation, but it is incremental, as it builds on existing game-theoretic approaches.
The paper tackles the problem of data poisoning attacks by modeling them as a game, proving that no pure strategy Nash Equilibrium exists, and proposing a mixed strategy algorithm for defenders whose effectiveness is shown in experiments.
In this paper we use game theory to model poisoning attack scenarios. We prove the non-existence of a pure strategy Nash Equilibrium in the attacker and defender game. We then propose a mixed extension of our game model and an algorithm to approximate the Nash Equilibrium strategy for the defender. Finally, we demonstrate in an experiment the effectiveness of the mixed defence strategy generated by the algorithm.
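The abstract's line of reasoning (no pure equilibrium, so the defender must randomise, and a mixed equilibrium is approximated algorithmically) as an added toy example that is not the paper's model or code: the attacker poisons one of n data partitions, the defender sanitises one, and the attacker gains that partition's damage unless it was caught. The per-partition damage values are constructed, and fictitious play is used here as a stand-in for the paper's unspecified approximation algorithm.

```python
# Added toy example (not the paper's model): a zero-sum poisoning game in which
# the attacker poisons one of n data partitions and the defender sanitises one.
# Damage values are constructed; fictitious play stands in for the paper's algorithm.
from typing import List, Tuple

Matrix = List[List[float]]

def poisoning_game(damage: List[float]) -> Matrix:
    """Row = partition the attacker poisons, column = partition the defender sanitises.
    The attacker gains the partition's damage unless the defender sanitised that one."""
    n = len(damage)
    return [[0.0 if i == j else damage[i] for j in range(n)] for i in range(n)]

def has_pure_nash(A: Matrix) -> bool:
    """A zero-sum game has a pure-strategy NE iff it has a saddle point,
    i.e. the attacker's maximin equals the defender's minimax."""
    maximin = max(min(row) for row in A)
    minimax = min(max(row[j] for row in A) for j in range(len(A[0])))
    return maximin == minimax

def exploitability(A: Matrix, p: List[float], q: List[float]) -> float:
    """Gap between the attacker's best pure response to the defender mix q and the
    defender's best pure response to the attacker mix p; it is 0 exactly at a NE."""
    best_attack = max(sum(A[i][j] * q[j] for j in range(len(q))) for i in range(len(p)))
    best_defence = min(sum(A[i][j] * p[i] for i in range(len(p))) for j in range(len(q)))
    return best_attack - best_defence

def fictitious_play(A: Matrix, iters: int = 30000) -> Tuple[List[float], List[float]]:
    """Approximate the mixed NE: each round both players best-respond to the
    opponent's empirical play so far. Returns (attacker mix, defender mix)."""
    n, m = len(A), len(A[0])
    rows, cols = [0] * n, [0] * m
    i = j = 0
    for _ in range(iters):
        rows[i] += 1
        cols[j] += 1
        gains = [sum(A[r][c] * cols[c] for c in range(m)) for r in range(n)]
        i = max(range(n), key=gains.__getitem__)      # attacker's best response
        losses = [sum(A[r][c] * rows[r] for r in range(n)) for c in range(m)]
        j = min(range(m), key=losses.__getitem__)     # defender's best response
    return [r / iters for r in rows], [c / iters for c in cols]

if __name__ == "__main__":
    game = poisoning_game([2.0, 3.0, 4.0])  # constructed per-partition damage
    print("pure NE exists:", has_pure_nash(game))
    p, q = fictitious_play(game)
    print("defender mix:", [round(x, 3) for x in q],
          "exploitability:", round(exploitability(game, p, q), 3))
```

With equal damage the equilibrium is uniform sanitisation; with unequal damage the defender sanitises high-damage partitions more often, and the attacker shifts weight toward the low-damage ones it expects to be left unguarded.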