Data Poisoning Attack and Defenses in Connectome-Based Predictive Models

Published: 2022, Last Modified: 06 Aug 2024. Venue: EPIMI/ML-CDS@MICCAI 2022. License: CC BY-SA 4.0
Abstract: Connectome-based predictive models are widely used in the neuroimaging community and hold great clinical potential. Recent literature has focused on improving the accuracy and fairness of connectome-based models, while largely overlooking trustworthiness, defined as the robustness of a model to data manipulations. In this work, we investigate the idea of trustworthiness through backdoor data poisoning—a technique that manipulates a portion of the training data to encourage misclassification of a specific subset of testing data, while all other testing data remain unaffected. Furthermore, we demonstrate two defenses that mitigate, but do not completely prevent, the effects of data poisoning: randomized discretization and leave-one-site-out ensemble detection. Our findings suggest that trustworthiness in connectome-based predictive models needs to be carefully evaluated before any clinical applications and that defenses are necessary to ensure model outputs are trustworthy. Code is available at https://github.com/mattrosenblatt7/connectome_poisoning.