US 12,105,810 B2
Data poisoning method and data poisoning apparatus
Shan-Hung Wu, Hsinchu (TW); and Chia-Hung Yuan, Hsinchu (TW)
Assigned to National Tsing Hua University, Hsinchu (TW)
Filed by National Tsing Hua University, Hsinchu (TW)
Filed on Mar. 28, 2022, as Appl. No. 17/705,411.
Claims priority of application No. 111101893 (TW), filed on Jan. 17, 2022.
Prior Publication US 2023/0229789 A1, Jul. 20, 2023
Int. Cl. G06F 21/60 (2013.01); G06F 18/214 (2023.01); G06N 20/10 (2019.01)
CPC G06F 21/60 (2013.01) [G06F 18/2148 (2023.01); G06N 20/10 (2019.01)]
12 Claims
 
1. A data poisoning method for an electronic apparatus having a processor, the method comprising following steps:
retrieving a training dataset and a validation dataset;
randomly initializing a perturbation and adding the perturbation to data in the training dataset to generate poisoned training data;
computing values of multiple kernel functions of the poisoning training data and the validation dataset by using kernel functions in a Gaussian process and using thereof to compute a mean of the Gaussian process on the validation dataset;
computing a loss between the mean and the data in the validation dataset by using a loss function in the Gaussian process and using thereof to generate an objective function that maximizes the loss; and
solving the objective function to compute the perturbation that maximizes the loss.