Label Noise Detection System Against Label Flipping Attack

The label flipping attack is a specific type of poisoning attack in adversarial environments. By injecting noise into the training data, it disrupts the model's learning process and degrades its decision-making performance. Recent work in the literature uses semi-supervised learning techniques to defend against label flipping attacks; however, these methods require an additional clean dataset to achieve their goals. This study proposes a novel label noise processing framework that corrects the labels of contaminated samples during the data preprocessing stage. On five real-world UCI datasets, we evaluated the effectiveness of AdaSSL, a semi-supervised defensive label noise correction algorithm based on the AdaBoost algorithm. At noise ratios ranging from 0% to 20%, we compared the classification performance of six classic machine learning algorithms (NB, LR, SVM, DT, KNN, and MLP) under the AdaSSL defense. The results show that, unlike the most advanced semi-supervised defense algorithms in the literature, our algorithm does not require an additional dataset, and at a noise ratio of 10%, AdaSSL significantly outperforms state-of-the-art label noise defense techniques.
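
To make the setting concrete, the following is a minimal sketch of a label flipping attack and a generic AdaBoost-based, confidence-thresholded relabeling step applied during preprocessing. It is illustrative only and does not reproduce the paper's AdaSSL procedure: the helper names (flip_labels, correct_labels), the breast cancer stand-in dataset, the 5-fold setup, and the 0.9 confidence threshold are all assumptions introduced for this example.

```python
# Hypothetical sketch: simulate a label flipping attack, then relabel suspected
# noisy samples using cross-validated AdaBoost predictions (not the paper's AdaSSL).
import numpy as np
from sklearn.datasets import load_breast_cancer
from sklearn.ensemble import AdaBoostClassifier
from sklearn.model_selection import cross_val_predict, train_test_split
from sklearn.neighbors import KNeighborsClassifier
from sklearn.metrics import accuracy_score


def flip_labels(y, noise_ratio, rng):
    """Label flipping attack: invert the labels of a random subset (binary labels assumed)."""
    y_noisy = y.copy()
    n_flip = int(noise_ratio * len(y))
    idx = rng.choice(len(y), size=n_flip, replace=False)
    y_noisy[idx] = 1 - y_noisy[idx]
    return y_noisy


def correct_labels(X, y_noisy, threshold=0.9):
    """Relabel samples whose cross-validated AdaBoost prediction confidently
    disagrees with the observed (possibly flipped) label -- an illustrative heuristic."""
    proba = cross_val_predict(
        AdaBoostClassifier(n_estimators=100, random_state=0),
        X, y_noisy, cv=5, method="predict_proba",
    )
    pred = proba.argmax(axis=1)
    suspect = (proba.max(axis=1) >= threshold) & (pred != y_noisy)
    y_corrected = y_noisy.copy()
    y_corrected[suspect] = pred[suspect]
    return y_corrected


rng = np.random.default_rng(0)
X, y = load_breast_cancer(return_X_y=True)  # stand-in binary UCI-style dataset
X_tr, X_te, y_tr, y_te = train_test_split(X, y, test_size=0.3, random_state=0)

y_noisy = flip_labels(y_tr, noise_ratio=0.10, rng=rng)  # 10% label noise
y_fixed = correct_labels(X_tr, y_noisy)

# Downstream classifier (KNN here) trained on noisy vs. corrected labels.
for name, labels in [("noisy", y_noisy), ("corrected", y_fixed)]:
    clf = KNeighborsClassifier().fit(X_tr, labels)
    print(name, accuracy_score(y_te, clf.predict(X_te)))
```

In this sketch the attack only perturbs training labels (not features or test data), and the correction runs entirely on the poisoned training set, mirroring the setting in which no additional clean dataset is available.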