Machine Learning under Attack: Vulnerability Exploitation and Security Measures

Author: Battista Biggio

DOI: 10.1145/2909827.2930784

Abstract: Learning to discriminate between secure and hostile patterns is a crucial problem for species to survive in nature. Mimetism and camouflage are well-known examples of evolving weapons and defenses in the arms race between predators and preys. It is thus clear that not all of the information acquired by our senses should be considered necessarily secure or reliable. In machine learning and pattern recognition systems, however, we have started investigating these issues only recently. This phenomenon has been especially observed in the context of adversarial settings like malware detection and spam filtering, in which data can be purposely manipulated by humans to undermine the outcome of an automatic analysis. As current methods are not natively designed to deal with the intrinsic, adversarial nature of these problems, they exhibit specific vulnerabilities that an attacker may exploit either to mislead learning or to evade detection. Identifying these vulnerabilities and analyzing the impact of the corresponding attacks on learning algorithms is one of the main open issues in the novel research field of adversarial machine learning, along with the design of more secure learning algorithms. In the first part of this talk, I introduce a general framework that encompasses and unifies previous work in the field, allowing one to systematically evaluate classifier security against different, potential attacks. As an example application of this framework, in the second part I discuss evasion attacks, where malicious samples are manipulated at test time to evade detection, and then show how carefully-designed poisoning attacks can mislead some learning algorithms by manipulating only a small fraction of their training data. In addition, I discuss defense mechanisms against both attacks in real-world applications, including biometric identity recognition and computer security. Finally, I briefly present ongoing work on attacks against clustering algorithms, and sketch some promising future research directions.
