{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,4]],"date-time":"2026-03-04T17:21:17Z","timestamp":1772644877931,"version":"3.50.1"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031226762","type":"print"},{"value":"9783031226779","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-22677-9_26","type":"book-chapter","created":{"date-parts":[[2023,1,10]],"date-time":"2023-01-10T09:04:32Z","timestamp":1673341472000},"page":"490-506","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["A Label Flipping Attack on Machine Learning Model and Its Defense Mechanism"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2532-045X","authenticated-orcid":false,"given":"Qingru","family":"Li","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3677-5559","authenticated-orcid":false,"given":"Xinru","family":"Wang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3888-8167","authenticated-orcid":false,"given":"Fangwei","family":"Wang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2054-9215","authenticated-orcid":false,"given":"Changguang","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,1,11]]},"reference":[{"key":"26_CR1","unstructured":"Springborg, A. A., Andersen, M. K., Hattel, K. H., et al.: Towards a secure API client generator for IoT devices (2022)"},{"key":"26_CR2","unstructured":"Naumov, M., Mudigere, D., Shi, H. J. M., Huang, J., Sundaraman, N., et al.: Deep learning recommendation model for personalization and recommendation systems. (2019)"},{"key":"26_CR3","doi-asserted-by":"crossref","unstructured":"Baracaldo, N., Chen, B., Ludwig, H., Safavi, A., Zhang, R.: Detecting poisoning attacks on machine learning in IoT environments. In: 2018 IEEE International Congress on Internet of Things (ICIOT), pp. 57\u201364 (2018)","DOI":"10.1109\/ICIOT.2018.00015"},{"key":"26_CR4","unstructured":"Schwarzschild, A., Goldblum, M., Gupta, A., Dickerson, J. P., Goldstein, T.: Just how toxic is data poisoning? a unified benchmark for backdoor and data poisoning attacks. In: International Conference on Machine Learning (PMLR), pp. 9389\u20139398 (2021)"},{"issue":"04","key":"26_CR5","first-page":"14","volume":"5","author":"JY Chen","year":"2020","unstructured":"Chen, J.Y., Zou, J.F., Su, M.M., Zhang, L.Y.: A review of deep learning model for poison attack and defense. J. Cyber Sec. 5(04), 14\u201329 (2020)","journal-title":"J. Cyber Sec."},{"key":"26_CR6","doi-asserted-by":"publisher","first-page":"101698","DOI":"10.1016\/j.cose.2019.101698","volume":"90","author":"Y Ren","year":"2020","unstructured":"Ren, Y., Zhou, Q., Wang, Z., Wu, T., Wu, G., Choo, K.K.R.: Query-efficient label-only attacks against black-box machine learning models. Comput. Sec. 90, 101698\u2013101707 (2020)","journal-title":"Comput. Sec."},{"key":"26_CR7","first-page":"61","volume":"192","author":"J Bootkrajang","year":"2016","unstructured":"Bootkrajang, J.: A generalised label noise model for classification in the presence of annotation errors. Neuro Comput. 192, 61\u201371 (2016)","journal-title":"Neuro Comput."},{"issue":"6","key":"26_CR8","doi-asserted-by":"publisher","first-page":"4117","DOI":"10.1007\/s11063-021-10584-w","volume":"53","author":"H Liu","year":"2021","unstructured":"Liu, H., Li, D., Li, Y.: Poisonous label attack: black-box data poisoning attack with enhanced conditional DCGAN. Neural Process. Lett. 53(6), 4117\u20134142 (2021)","journal-title":"Neural Process. Lett."},{"key":"26_CR9","doi-asserted-by":"crossref","unstructured":"Paudice, A., Munoz-Gonzalez, L., Lupu, EC.: Label sanitization against label flipping poisoning attacks. In: Joint European Conference on Machine Learning and Knowledge Discovery in Databases. Springer, pp. 5\u201315 (2018)","DOI":"10.1007\/978-3-030-13453-2_1"},{"issue":"18","key":"26_CR10","doi-asserted-by":"publisher","first-page":"14781","DOI":"10.1007\/s00521-020-04831-9","volume":"32","author":"R Taheri","year":"2020","unstructured":"Taheri, R., Javidan, R., Shojafar, M., Pooranian, Z., Miri, A., Conti, M.: On defending against label flipping attacks on malware detection systems. Neural Comput. Appl. 32(18), 14781\u201314800 (2020). https:\/\/doi.org\/10.1007\/s00521-020-04831-9","journal-title":"Neural Comput. Appl."},{"key":"26_CR11","unstructured":"Wu, R., Saxena, N., Jain, R.: Poisoning the search space in neural architecture search\u00a0(2021)"},{"key":"26_CR12","unstructured":"Vasu, R. K., Seetharaman, S., Malaviya, S., Shukla, M., & Lodha, S.: Gradient-based data subversion attack against binary classifiers. (2021)"},{"key":"26_CR13","doi-asserted-by":"crossref","unstructured":"Ma, K., Xu, Q., Zeng, J., Cao, X., Huang, Q.: Poisoning attack against estimating from pairwise comparisons.\u00a0IEEE Trans. Pattern Anal. Mach. Intell. (2021)","DOI":"10.1109\/TPAMI.2021.3087514"},{"key":"26_CR14","unstructured":"Tianyu, P., Xiao, Y., Yinpeng, D., Hang, S., Jun, Z.: Accumulative poisoning attacks on real-time data. Adv. Neu. Inf. Process. Syst. 34 (2021)"},{"issue":"1","key":"26_CR15","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/s13042-020-01159-7","volume":"12","author":"PPK Chan","year":"2020","unstructured":"Chan, P.P.K., He, Z., Hu, X., Tsang, E.C.C., Yeung, D.S., Ng, W.W.Y.: Causative label flip attack detection with data complexity measures. Int. J. Mach. Learn. Cybern. 12(1), 103\u2013116 (2020). https:\/\/doi.org\/10.1007\/s13042-020-01159-7","journal-title":"Int. J. Mach. Learn. Cybern."},{"key":"26_CR16","doi-asserted-by":"crossref","unstructured":"Ishaq, N., Howard, T. J., Daniels, N. M.: Clustered hierarchical anomaly and outlier detection algorithms. In: 2021 IEEE International Conference on Big Data (Big Data), pp. 5163\u20135174, IEEE (2021)","DOI":"10.1109\/BigData52589.2021.9671566"},{"key":"26_CR17","doi-asserted-by":"publisher","first-page":"450","DOI":"10.1016\/j.ins.2020.10.016","volume":"548","author":"A Ppkc","year":"2021","unstructured":"Ppkc, A., Fl, A., Zca, B., Ying, S.A., Dsy, C.: Transfer learning based countermeasure against label flipping poisoning attack. Inform. Sci. 548, 450\u2013460 (2021)","journal-title":"Inform. Sci."},{"key":"26_CR18","unstructured":"Rosenfeld, E., Winston, E., Ravikumar, P., Kolter, Z.: Certified robustness to label-flipping attacks via randomized smoothing. In: International Conference on Machine Learning, pp. 8230\u20138241. PMLR (2020)"},{"key":"26_CR19","doi-asserted-by":"crossref","unstructured":"Tavallali, P., Behzadan, V., Tavallali, P., Singhal, M.: Adversarial poisoning attacks and defense for general multi-class models based on synthetic reduced nearest neighbors (2021)","DOI":"10.1109\/ICIP46576.2022.9897807"},{"issue":"23","key":"26_CR20","doi-asserted-by":"publisher","first-page":"14573","DOI":"10.1007\/s00500-021-06384-y","volume":"25","author":"N Cheng","year":"2021","unstructured":"Cheng, N., Zhang, H., Li, Z.: Data sanitization against label flipping attacks using AdaBoost-based semi-supervised learning technology. Soft. Comput. 25(23), 14573\u201314581 (2021). https:\/\/doi.org\/10.1007\/s00500-021-06384-y","journal-title":"Soft. Comput."},{"issue":"2","key":"26_CR21","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3487893","volume":"55","author":"Y Xie","year":"2022","unstructured":"Xie, Y., Shekhar, S., Li, Y.: Statistically-robust clustering techniques for mapping spatial hotspots: a survey. ACM Comput. Surv. 55(2), 1\u201338 (2022)","journal-title":"ACM Comput. Surv."},{"key":"26_CR22","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1016\/0377-0427(87)90125-7","volume":"20","author":"PJ Rousseeuw","year":"1987","unstructured":"Rousseeuw, P.J.: Silhouettes: a graphical aid to the interpretation and validation of cluster analysis. J. Comput. Appl. Math. 20, 53\u201365 (1987)","journal-title":"J. Comput. Appl. Math."},{"key":"26_CR23","doi-asserted-by":"crossref","unstructured":"Antunes, J., Bernardino, A., Smailagic, A., et al.: Weighted multisource TrAdaBoost. In: Iberian Conference on Pattern Recognition and Image Analysis, pp. 194\u2013205. Springer, Cham (2019)","DOI":"10.1007\/978-3-030-31332-6_17"},{"key":"26_CR24","doi-asserted-by":"crossref","unstructured":"Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C. E. R. T.: Drebin: effective and explainable detection of android malware in your pocket. In: Proceedings of the 21st Annual Network and Distributed System Security Symposium (NDSS), Vol. 14, pp. 23\u201326 (2014)","DOI":"10.14722\/ndss.2014.23247"},{"key":"26_CR25","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy, pp. 95\u2013109. IEEE (2012)","DOI":"10.1109\/SP.2012.16"},{"key":"26_CR26","doi-asserted-by":"publisher","first-page":"4503","DOI":"10.1007\/s10489-020-02086-4","volume":"2","author":"H Zhang","year":"2021","unstructured":"Zhang, H., Cheng, N., Zhang, Y., Li, Z.: Label flipping attacks against naive Bayes on spam filtering systems. Appl. Intell. 2, 4503\u20134514 (2021)","journal-title":"Appl. Intell."}],"container-title":["Lecture Notes in Computer Science","Algorithms and Architectures for Parallel Processing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-22677-9_26","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,10]],"date-time":"2023-01-10T09:11:10Z","timestamp":1673341870000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-22677-9_26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031226762","9783031226779"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-22677-9_26","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"11 January 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICA3PP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Algorithms and Architectures for Parallel Processing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Copenhagen","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 October 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 October 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ica3pp2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"91","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"36% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}