{"id":"https://openalex.org/W4403321808","doi":"https://doi.org/10.48550/arxiv.2409.05657","title":"Adversarial Attacks on Data Attribution","display_name":"Adversarial Attacks on Data Attribution","publication_year":2024,"publication_date":"2024-09-09","ids":{"openalex":"https://openalex.org/W4403321808","doi":"https://doi.org/10.48550/arxiv.2409.05657"},"language":"en","primary_location":{"id":"pmh:oai:arXiv.org:2409.05657","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2409.05657","pdf_url":"https://arxiv.org/pdf/2409.05657","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"type":"preprint","indexed_in":["arxiv","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2409.05657","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5058827392","display_name":"Xinhe Wang","orcid":"https://orcid.org/0000-0002-0027-4672"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Wang, Xinhe","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030390478","display_name":"Pingbang Hu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hu, Pingbang","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028811228","display_name":"Junwei Deng","orcid":"https://orcid.org/0009-0004-9430-3244"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Deng, Junwei","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5113429293","display_name":"Jiaqi W. Ma","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ma, Jiaqi W.","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5058827392"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9296000003814697,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9296000003814697,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8195626735687256},{"id":"https://openalex.org/keywords/attribution","display_name":"Attribution","score":0.7146660089492798},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5471011400222778},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5396741628646851},{"id":"https://openalex.org/keywords/authorship-attribution","display_name":"Authorship attribution","score":0.4226521849632263},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.3418980836868286},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3240394592285156},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.2507492005825043},{"id":"https://openalex.org/keywords/social-psychology","display_name":"Social psychology","score":0.1550237238407135}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8195626735687256},{"id":"https://openalex.org/C143299363","wikidata":"https://www.wikidata.org/wiki/Q900584","display_name":"Attribution","level":2,"score":0.7146660089492798},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5471011400222778},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5396741628646851},{"id":"https://openalex.org/C3020202489","wikidata":"https://www.wikidata.org/wiki/Q2032038","display_name":"Authorship attribution","level":2,"score":0.4226521849632263},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3418980836868286},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3240394592285156},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.2507492005825043},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.1550237238407135}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:oai:arXiv.org:2409.05657","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2409.05657","pdf_url":"https://arxiv.org/pdf/2409.05657","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"doi:10.48550/arxiv.2409.05657","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2409.05657","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2409.05657","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2409.05657","pdf_url":"https://arxiv.org/pdf/2409.05657","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4403321808.pdf"},"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2502115930","https://openalex.org/W2482350142","https://openalex.org/W4246396837","https://openalex.org/W3126451824","https://openalex.org/W1561927205","https://openalex.org/W3191453585","https://openalex.org/W4297672492","https://openalex.org/W4205570701","https://openalex.org/W2975078241","https://openalex.org/W2623063325"],"abstract_inverted_index":{"Data":[0],"attribution":[1,53,179],"aims":[2],"to":[3,12,23,60,72,112,165,188,196,230],"quantify":[4],"the":[5,13,25,35,48,85,114,123,127,147,156,166,208,213,221],"contribution":[6],"of":[7,15,27,51],"individual":[8],"training":[9,28],"data":[10,29,32,52,97,124,157,178,183],"points":[11,184],"outputs":[14],"an":[16,172],"AI":[17,128],"model,":[18],"which":[19,108],"has":[20,57],"been":[21,58],"used":[22,140],"measure":[24],"value":[26],"and":[30,40,88,90,105,130,159,192,204],"compensate":[31],"providers.":[33],"Given":[34],"impact":[36],"on":[37,96,162],"financial":[38],"decisions":[39],"compensation":[41,115,215,225],"mechanisms,":[42],"a":[43,78,137],"critical":[44],"question":[45],"arises":[46],"concerning":[47],"adversarial":[49,93,132,194],"robustness":[50],"methods.":[54],"However,":[55],"there":[56],"little":[59],"no":[61],"systematic":[62],"research":[63],"addressing":[64],"this":[65,68,74],"issue.":[66],"In":[67,145],"work,":[69],"we":[70],"aim":[71],"bridge":[73],"gap":[75],"by":[76,216],"detailing":[77],"threat":[79],"model":[80],"with":[81],"clear":[82],"assumptions":[83],"about":[84,122,155],"adversary's":[86],"goal":[87],"capabilities":[89],"proposing":[91],"principled":[92],"attack":[94],"methods":[95,180],"attribution.":[98],"We":[99],"present":[100,175],"two":[101],"methods,":[102],"Shadow":[103,118,209],"Attack":[104,119,149,210,223],"Outlier":[106,148,222],"Attack,":[107],"generate":[109,197],"manipulated":[110,198],"datasets":[111],"inflate":[113,212],"adversarially.":[116],"The":[117],"leverages":[120],"knowledge":[121,154],"distribution":[125,158],"in":[126,141,176,201],"applications,":[129],"derives":[131],"perturbations":[133],"through":[134],"\"shadow":[135],"training\",":[136],"technique":[138],"commonly":[139],"membership":[142],"inference":[143],"attacks.":[144],"contrast,":[146],"does":[150],"not":[151],"assume":[152],"any":[153],"relies":[160],"solely":[161],"black-box":[163],"queries":[164],"target":[167],"model's":[168],"predictions.":[169],"It":[170],"exploits":[171],"inductive":[173],"bias":[174],"many":[177],"-":[181,191],"outlier":[182],"are":[185],"more":[186],"likely":[187],"be":[189],"influential":[190],"employs":[193],"examples":[195],"datasets.":[199],"Empirically,":[200],"image":[202],"classification":[203],"text":[205],"generation":[206],"tasks,":[207],"can":[211],"data-attribution-based":[214],"at":[217,239],"least":[218],"200%,":[219],"while":[220],"achieves":[224],"inflation":[226],"ranging":[227],"from":[228],"185%":[229],"as":[231,233],"much":[232],"643%.":[234],"Our":[235],"implementation":[236],"is":[237],"ready":[238],"https://github.com/TRAIS-Lab/adversarial-attack-data-attribution.":[240]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-03-07T16:01:11.037858","created_date":"2025-10-10T00:00:00"}