Defacement Detection with Passive Adversaries
作者: Francesco Bergadano , Fabio Carretto , Fabio Cogno , Dario Ragno
DOI: 10.3390/A12080150
关键词:
摘要: A novel approach to defacement detection is proposed in this paper, addressing explicitly the possible presence of a passive adversary. Defacement an important security measure for Web Sites and Applications, aimed at avoiding unwanted modifications that would result significant reputational damage. As many other anomaly contexts, algorithm used identify defacements obtained via Adversarial Machine Learning process. We consider exploratory setting, where adversary can observe detector’s alarm-generating behaviour, with purpose devising injecting will pass undetected. It then necessary make learning process unpredictable, so be unable replicate it predict classifier’s behaviour. achieve goal by introducing secret key—a key our does not know. The influence number different ways, are precisely defined paper. This includes subset examples features actually used, time testing, as well algorithm’s hyper-parameters. methodology successfully applied context, using system both real artificially modified sites. year-long experimentation also described, referred monitoring new Site major manufacturing company.
mdpi.com
sci-hub.se 参考文章(26)
Nedim Šrndić, Battista Biggio, Giorgio Giacinto, Igino Corona, Fabio Roli, Davide Maiorca, Blaine Nelson, Pavel Laskov, Evasion attacks against machine learning at test time european conference on machine learning. ,vol. 8190, pp. 387- 402 ,(2013) , 10.1007/978-3-642-40994-3_25
FRANCESCO BERGADANO, ATTILIO GIORDANA, A Knowledge Intensive Approach to Concept Induction. international conference on machine learning. pp. 305- 317 ,(1988) , 10.1016/B978-0-934613-64-4.50037-2
Sasa Mrdovic, Branislava Drazenovic, None, KIDS: keyed intrusion detection system international conference on detection of intrusions and malware and vulnerability assessment. pp. 173- 182 ,(2010) , 10.1007/978-3-642-14215-4_10
Ke Wang, Janak J. Parekh, Salvatore J. Stolfo, Anagram: A Content Anomaly Detector Resistant to Mimicry Attack Lecture Notes in Computer Science. pp. 226- 248 ,(2006) , 10.1007/11856214_12
Kevin Borgolte, Christopher Kruegel, Giovanni Vigna, Meerkat: detecting website defacements through image-based object recognition usenix security symposium. pp. 595- 610 ,(2015)
Giorgio Davanzo, Eric Medvet, Alberto Bartoli, A Comparative Study of Anomaly Detection Techniques in Web Site Defacement Detection information security conference. pp. 711- 716 ,(2008) , 10.1007/978-0-387-09699-5_50
Michael Kearns, Ming Li, Learning in the Presence of Malicious Errors SIAM Journal on Computing. ,vol. 22, pp. 807- 837 ,(1993) , 10.1137/0222052
Francesco Bergadano, Daniele Gunetti, Claudia Picardi, User authentication through keystroke dynamics ACM Transactions on Information and System Security. ,vol. 5, pp. 367- 397 ,(2002) , 10.1145/581271.581272
Juan E. Tapiador, Agustin Orfila, Arturo Ribagorda, Benjamin Ramos, Key-Recovery Attacks on KIDS, a Keyed Anomaly Detection System IEEE Transactions on Dependable and Secure Computing. ,vol. 12, pp. 312- 325 ,(2015) , 10.1109/TDSC.2013.39
Charu C. Aggarwal, Jian Pei, Bo Zhang, On privacy preservation against adversarial data mining knowledge discovery and data mining. pp. 510- 516 ,(2006) , 10.1145/1150402.1150460