“The Norm Culture” advocates for the introduction of a security layer in continuously learning AI models to protect against data and label poisoning attacks

This paper presents a method to protect continuously learning AI models against data and label poisoning attacks. The Norm Culture method posits that each class in an image classification problem possesses an inherent structure, and that this structure serves as a primary defense against attacks, such as data or label poisoning, that can corrupt new training and testing samples during the parameter update phase of an AI predictive model within a conventional deep learning framework. The method requires calculating three elements from the essential training and testing samples. The first element is the flattened matrix representing the class image. The second element is the class alpha, a scalar that represents the weight norm of the class. The final element is the most recently validated AI predictive model. The experimental outcomes on a binary class image classification dataset from health domains indicate that the proposed method effectively identifies training and testing sample images compromised by either attack type, one or two. Additionally, there is potential for enhancing the method within the mathematical functions of the AI framework.

Keywords: Norm Culture Method, Classification, AI Attacks, Training Data Poisoning, Label Poisoning

Cite as: Deniz Dahman. “The Norm Culture” advocates for the introduction of a security layer in continuously learning AI models to protect against data and label poisoning attacks. ScienceOpen Preprints. 2024. DOI: 10.14293/PR2199.000907.v1