Geometric Algorithms for k-NN Poisoning
share
We propose a label poisoning attack on geometric data sets against k-nearest neighbor classification. We provide an algorithm that can compute an ε n-additive approximation of the optimal poisoning in n· 2^2^O(d+k/ε) time for a given data set X ∈ℝ^d, where |X| = n. Our algorithm achieves its objectives through the application of multi-scale random partitions.
READ FULL TEXT