{"id":"https://openalex.org/W4416962382","doi":"https://doi.org/10.1109/pst65910.2025.11268872","title":"A Per-Bag Suspicion-Based Bagging Strategy for Fighting Poisoning Attacks in Classification","display_name":"A Per-Bag Suspicion-Based Bagging Strategy for Fighting Poisoning Attacks in Classification","publication_year":2025,"publication_date":"2025-08-26","ids":{"openalex":"https://openalex.org/W4416962382","doi":"https://doi.org/10.1109/pst65910.2025.11268872"},"language":null,"primary_location":{"id":"doi:10.1109/pst65910.2025.11268872","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst65910.2025.11268872","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5120582329","display_name":"Aghoghomena Akasukpe","orcid":null},"institutions":[{"id":"https://openalex.org/I39470171","display_name":"Ontario Tech University","ror":"https://ror.org/016zre027","country_code":"CA","type":"education","lineage":["https://openalex.org/I39470171"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Aghoghomena Akasukpe","raw_affiliation_strings":["Ontario Tech University,Oshawa,Canada"],"affiliations":[{"raw_affiliation_string":"Ontario Tech University,Oshawa,Canada","institution_ids":["https://openalex.org/I39470171"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Tomi Adeyemi","orcid":null},"institutions":[{"id":"https://openalex.org/I39470171","display_name":"Ontario Tech University","ror":"https://ror.org/016zre027","country_code":"CA","type":"education","lineage":["https://openalex.org/I39470171"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Tomi Adeyemi","raw_affiliation_strings":["Ontario Tech University,Oshawa,Canada"],"affiliations":[{"raw_affiliation_string":"Ontario Tech University,Oshawa,Canada","institution_ids":["https://openalex.org/I39470171"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088000739","display_name":"Pooria Madani","orcid":"https://orcid.org/0000-0002-4474-8817"},"institutions":[{"id":"https://openalex.org/I39470171","display_name":"Ontario Tech University","ror":"https://ror.org/016zre027","country_code":"CA","type":"education","lineage":["https://openalex.org/I39470171"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Pooria Madani","raw_affiliation_strings":["Ontario Tech University,Oshawa,Canada"],"affiliations":[{"raw_affiliation_string":"Ontario Tech University,Oshawa,Canada","institution_ids":["https://openalex.org/I39470171"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008822438","display_name":"Li Yang","orcid":"https://orcid.org/0000-0001-9383-1097"},"institutions":[{"id":"https://openalex.org/I39470171","display_name":"Ontario Tech University","ror":"https://ror.org/016zre027","country_code":"CA","type":"education","lineage":["https://openalex.org/I39470171"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Li Yang","raw_affiliation_strings":["Ontario Tech University,Oshawa,Canada"],"affiliations":[{"raw_affiliation_string":"Ontario Tech University,Oshawa,Canada","institution_ids":["https://openalex.org/I39470171"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5016781361","display_name":"Miguel Vargas Mart\u00edn","orcid":"https://orcid.org/0000-0001-8169-6836"},"institutions":[{"id":"https://openalex.org/I39470171","display_name":"Ontario Tech University","ror":"https://ror.org/016zre027","country_code":"CA","type":"education","lineage":["https://openalex.org/I39470171"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Miguel Vargas Martin","raw_affiliation_strings":["Ontario Tech University,Oshawa,Canada"],"affiliations":[{"raw_affiliation_string":"Ontario Tech University,Oshawa,Canada","institution_ids":["https://openalex.org/I39470171"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5120582329"],"corresponding_institution_ids":["https://openalex.org/I39470171"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.19769245,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9886999726295471,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9886999726295471,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.003700000001117587,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.00139999995008111,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.661300003528595},{"id":"https://openalex.org/keywords/resampling","display_name":"Resampling","score":0.5541999936103821},{"id":"https://openalex.org/keywords/outlier","display_name":"Outlier","score":0.5109000205993652},{"id":"https://openalex.org/keywords/ensemble-learning","display_name":"Ensemble learning","score":0.4934000074863434},{"id":"https://openalex.org/keywords/weighting","display_name":"Weighting","score":0.4661000072956085},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.454800009727478},{"id":"https://openalex.org/keywords/boosting","display_name":"Boosting (machine learning)","score":0.44699999690055847},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.44339999556541443},{"id":"https://openalex.org/keywords/mnist-database","display_name":"MNIST database","score":0.42010000348091125}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6836000084877014},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.661300003528595},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.654699981212616},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6456000208854675},{"id":"https://openalex.org/C150921843","wikidata":"https://www.wikidata.org/wiki/Q1170431","display_name":"Resampling","level":2,"score":0.5541999936103821},{"id":"https://openalex.org/C79337645","wikidata":"https://www.wikidata.org/wiki/Q779824","display_name":"Outlier","level":2,"score":0.5109000205993652},{"id":"https://openalex.org/C45942800","wikidata":"https://www.wikidata.org/wiki/Q245652","display_name":"Ensemble learning","level":2,"score":0.4934000074863434},{"id":"https://openalex.org/C183115368","wikidata":"https://www.wikidata.org/wiki/Q856577","display_name":"Weighting","level":2,"score":0.4661000072956085},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.454800009727478},{"id":"https://openalex.org/C46686674","wikidata":"https://www.wikidata.org/wiki/Q466303","display_name":"Boosting (machine learning)","level":2,"score":0.44699999690055847},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.44339999556541443},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.42410001158714294},{"id":"https://openalex.org/C190502265","wikidata":"https://www.wikidata.org/wiki/Q17069496","display_name":"MNIST database","level":3,"score":0.42010000348091125},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.4138000011444092},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.3522000014781952},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.33379998803138733},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.3319000005722046},{"id":"https://openalex.org/C136536468","wikidata":"https://www.wikidata.org/wiki/Q1225894","display_name":"Undersampling","level":2,"score":0.32429999113082886},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.3111000061035156},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.2994999885559082},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.29750001430511475},{"id":"https://openalex.org/C22019652","wikidata":"https://www.wikidata.org/wiki/Q331309","display_name":"Overfitting","level":3,"score":0.2973000109195709},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.2903999984264374},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.28780001401901245},{"id":"https://openalex.org/C81790035","wikidata":"https://www.wikidata.org/wiki/Q847158","display_name":"Jackknife resampling","level":3,"score":0.28459998965263367},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.2825999855995178},{"id":"https://openalex.org/C55166926","wikidata":"https://www.wikidata.org/wiki/Q2892946","display_name":"Oracle","level":2,"score":0.28139999508857727},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.2574999928474426},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.2540000081062317},{"id":"https://openalex.org/C89611455","wikidata":"https://www.wikidata.org/wiki/Q6804646","display_name":"Mechanism (biology)","level":2,"score":0.25290000438690186}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/pst65910.2025.11268872","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst65910.2025.11268872","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W1551848773","https://openalex.org/W2122234234","https://openalex.org/W2124415900","https://openalex.org/W2177066871","https://openalex.org/W2512971201","https://openalex.org/W2773459750","https://openalex.org/W2798248638","https://openalex.org/W2898017895","https://openalex.org/W2962763344","https://openalex.org/W3004155269","https://openalex.org/W3006682208","https://openalex.org/W3035311645","https://openalex.org/W3048759177","https://openalex.org/W3163222347","https://openalex.org/W3203072121","https://openalex.org/W3215171287","https://openalex.org/W4205093476","https://openalex.org/W4285404754","https://openalex.org/W4285554319","https://openalex.org/W4288758078","https://openalex.org/W4312590949","https://openalex.org/W4383503685","https://openalex.org/W4390490763"],"related_works":[],"abstract_inverted_index":{"The":[0],"wide":[1],"adoption":[2],"of":[3,42,57,110,158,174,189,218],"machine":[4,248],"learning-powered":[5],"systems":[6],"in":[7,246],"sensitive":[8],"applications,":[9],"such":[10],"as":[11,179],"banking":[12],"for":[13,241],"fraud":[14],"detection,":[15],"has":[16,78,86],"attracted":[17],"malicious":[18],"actors":[19],"who":[20],"seek":[21],"to":[22,53,69,90,95,103,133,137,160,220,231],"break":[23],"and":[24,72,98,162,192],"subvert":[25],"these":[26],"systems.":[27],"In":[28,167],"this":[29,144,226],"work,":[30],"we":[31,146,169],"focus":[32],"on":[33],"Data":[34],"Poisoning":[35],"attacks,":[36],"which":[37],"is":[38,52,124,227],"a":[39,62,148,171,180,196,233],"well-known":[40,63],"type":[41,173],"adversarial":[43,247],"attack":[44,177],"carried":[45],"out":[46],"by":[47],"an":[48],"adversary":[49],"whose":[50],"goal":[51],"reduce":[54,73],"the":[55,58,74,108,111,122,134,139,155,184,205,228,239],"effectiveness":[56],"learning":[59,65],"system.":[60],"Bagging,":[61],"ensemble":[64,244],"technique":[66],"that":[67,153,204],"aims":[68],"improve":[70],"performance":[71,120],"overall":[75],"system":[76,119],"variance,":[77],"demonstrated":[79],"robustness":[80,109],"against":[81],"data":[82,175,215],"poisoning":[83,176,216],"attacks.":[84],"Bagging":[85],"been":[87],"further":[88],"extended":[89],"include":[91],"weighted":[92,207],"schemes":[93],"designed":[94],"detect":[96],"outliers":[97],"assign":[99],"lower":[100],"resampling":[101,140],"probabilities":[102],"anomalous":[104,164],"instances,":[105],"thereby":[106],"enhancing":[107],"standard":[112,212],"bagging":[113,116,208,213],"mechanism.":[114],"Weighted":[115],"significantly":[117],"improves":[118],"when":[121],"dataset":[123,188],"poisoned;":[125],"however,":[126],"it":[127],"often":[128],"suffers":[129],"from":[130],"instability":[131],"due":[132],"mechanism":[135,209],"used":[136],"estimate":[138],"probabilities.":[141],"To":[142,223],"address":[143],"challenge,":[145],"propose":[147],"novel":[149],"weight":[150],"estimation":[151],"approach":[152],"leverages":[154],"reconstruction":[156],"capabilities":[157],"autoencoders":[159],"identify":[161],"down-weight":[163],"training":[165],"samples.":[166],"particular,":[168],"investigate":[170],"specific":[172],"known":[178],"label-flipping":[181],"attack,":[182],"using":[183,195],"widely":[185],"studied":[186],"MNIST":[187],"handwritten":[190],"images":[191],"conduct":[193],"experiments":[194],"Convolutional":[197],"Neural":[198],"Network":[199],"(CNN).":[200],"Our":[201],"results":[202],"show":[203],"proposed":[206],"consistently":[210],"outperforms":[211],"under":[214],"levels":[217],"up":[219],"$50":[221],"\\%$.":[222],"our":[224],"knowledge,":[225],"first":[229],"study":[230],"introduce":[232],"per-bag":[234],"anomaly-based":[235],"weighting":[236],"mechanism,":[237],"paving":[238],"way":[240],"future":[242],"adaptive":[243],"defenses":[245],"learning.":[249]},"counts_by_year":[],"updated_date":"2026-04-17T18:11:37.981687","created_date":"2025-12-03T00:00:00"}