Explaining Vulnerabilities to Adversarial Machine Learning through Visual Analytics

Yuxin Ma, Tiankai Xie, Jundong Li, Ross Maciejewski

Research output: Contribution to journalArticle

1 Scopus citations

Abstract

Machine learning models are currently being deployed in a variety of real-world applications where model predictions are used to make decisions about healthcare, bank loans, and numerous other critical tasks. As the deployment of artificial intelligence technologies becomes ubiquitous, it is unsurprising that adversaries have begun developing methods to manipulate machine learning models to their advantage. While the visual analytics community has developed methods for opening the black box of machine learning models, little work has focused on helping the user understand their model vulnerabilities in the context of adversarial attacks. In this paper, we present a visual analytics framework for explaining and exploring model vulnerabilities to adversarial attacks. Our framework employs a multi-faceted visualization scheme designed to support the analysis of data poisoning attacks from the perspective of models, data instances, features, and local structures. We demonstrate our framework through two case studies on binary classifiers and illustrate model vulnerabilities with respect to varying attack strategies.

Original languageEnglish (US)
Article number8812988
Pages (from-to)1075-1085
Number of pages11
JournalIEEE Transactions on Visualization and Computer Graphics
Volume26
Issue number1
DOIs
StatePublished - Jan 2020

Keywords

  • Adversarial machine learning
  • data poisoning
  • visual analytics

ASJC Scopus subject areas

  • Software
  • Signal Processing
  • Computer Vision and Pattern Recognition
  • Computer Graphics and Computer-Aided Design

Fingerprint Dive into the research topics of 'Explaining Vulnerabilities to Adversarial Machine Learning through Visual Analytics'. Together they form a unique fingerprint.

  • Cite this