New Paper Accepted: On the Robustness of Random Forest Against Untargeted Data Poisoning: An Ensemble-Based Approach
Our paper entitled On the Robustness of Random Forest Against Untargeted Data Poisoning: An Ensemble-Based Approach has been accepted for publication in the journal IEEE Transactions on Sustainable Computing (IEEE TSUSC).
In this paper, we evaluate the robustness of random forests and ensembles of random forests against different types of untargeted data poisoning attacks. Data poisoning consists of injecting maliciously crafted data points into the training set in order to alter the predictions of the model.
We focus on less-investigated topics in the field of data poisoning: tabular datasets (instead of images), random forests (instead of neural networks), untargeted poisoning (no specific goal and strategy), and a simple but effective defense strategy.
In short, we show that an ensemble of random forests, with each random forest trained on a disjoint partition of the training set, can provide good robustness against untargeted label flipping.
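The sketch below is an added example, not code from the paper or its authors: it trains one random forest per disjoint partition of the training set and compares the ensemble with a single forest when a fraction of training labels is flipped at random. The random partitioning, the majority vote used to combine the forests, the scikit-learn classifier, the synthetic dataset and all parameter values (7 partitions, 50 trees, flip rates) are assumptions made for illustration.

```python
import random
from collections import Counter

def disjoint_partitions(n_samples, n_parts, seed=0):
    """Shuffle the sample indices and deal them into n_parts disjoint partitions."""
    idx = list(range(n_samples))
    random.Random(seed).shuffle(idx)
    return [idx[k::n_parts] for k in range(n_parts)]

def flip_labels(y, fraction, classes, seed=0):
    """Untargeted label flipping: a random fraction of labels gets a different class."""
    rng, y = random.Random(seed), list(y)
    for i in rng.sample(range(len(y)), int(fraction * len(y))):
        y[i] = rng.choice([c for c in classes if c != y[i]])
    return y

def make_random_forest(seed):
    # Imported lazily so the partitioning and voting helpers run without scikit-learn.
    from sklearn.ensemble import RandomForestClassifier
    return RandomForestClassifier(n_estimators=50, random_state=seed)

def fit_partitioned_ensemble(X, y, n_parts, make_model=make_random_forest, seed=0):
    """Train one model per disjoint partition (relies on fit() returning the model)."""
    parts = disjoint_partitions(len(X), n_parts, seed)
    return [make_model(seed + k).fit([X[i] for i in p], [y[i] for i in p])
            for k, p in enumerate(parts)]

def predict_majority(models, X):
    """Majority vote over the per-partition models (assumed rule; ties go to the smallest label)."""
    votes = [list(m.predict(X)) for m in models]
    out = []
    for col in zip(*votes):
        counts = Counter(col)
        top = max(counts.values())
        out.append(min(c for c, n in counts.items() if n == top))
    return out

def accuracy(y_true, y_pred):
    return sum(a == b for a, b in zip(y_true, y_pred)) / len(y_true)

if __name__ == "__main__":
    from sklearn.datasets import make_classification
    # Constructed synthetic tabular data: 2000 training rows, 1000 clean test rows.
    X, y = (a.tolist() for a in make_classification(n_samples=3000, n_features=20, random_state=0))
    for frac in (0.0, 0.2, 0.4):
        y_p = flip_labels(y[:2000], frac, classes=[0, 1], seed=1)
        single = make_random_forest(0).fit(X[:2000], y_p)
        models = fit_partitioned_ensemble(X[:2000], y_p, n_parts=7)
        print(frac, accuracy(y[2000:], list(single.predict(X[2000:]))),
              accuracy(y[2000:], predict_majority(models, X[2000:])))
```

Running the script prints, for each flip rate, the clean-test accuracy of the single forest followed by that of the partitioned ensemble.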
This work is a collaboration between our group at SESAR Lab, Università degli Studi di Milano and C2PS (Centre for Cyber-Physical Systems), Khalifa University, Abu Dhabi, UAE.
The authors of the paper are: Marco Anisetti, Claudio A. Ardagna, Alessandro Balestrucci, Nicola Bena (me), Ernesto Damiani, and Chan Yeob Yeun.
For additional details, please check out this post.