Geometric Algorithms for $k$-NN Poisoning. (arXiv:2306.12377v1 [cs.LG])

We propose a label poisoning attack on geometric data sets against
$k$-nearest neighbor classification. We provide an algorithm that can compute
an $\varepsilon n$-additive approximation of the optimal poisoning in $n\cdot
2^{2^{O(d+k/\varepsilon)}}$ time for a given data set $X \in \mathbb{R}^d$,
where $|X| = n$. Our algorithm achieves its objectives through the application
of multi-scale random partitions.

algorithm algorithms application attack classification compute data data sets objectives poisoning