short-paper

Understanding the risk factors of learning in adversarial environments

Authors:

Blaine Nelson,

Battista Biggio,

Pavel LaskovAuthors Info & Claims

AISec '11: Proceedings of the 4th ACM workshop on Security and artificial intelligence

Pages 87 - 92

https://doi.org/10.1145/2046684.2046698

Published: 21 October 2011 Publication History

Get Access

Abstract

Learning for security applications is an emerging field where adaptive approaches are needed but are complicated by changing adversarial behavior. Traditional approaches to learning assume benign errors in data and thus may be vulnerable to adversarial errors. In this paper, we incorporate the notion of adversarial corruption directly into the learning framework and derive a new criteria for classifier robustness to adversarial contamination.

References

[1]

M. Barreno, B. Nelson, A. D. Joseph, and J. D. Tygar. The security of machine learning. Machine Learning, 81(2):121--148, 2010.

Digital Library

Google Scholar

[2]

L. Bottou and O. Bousquet. The tradeoffs of large scale learning. In Advances in Neural Information Processing Systems (NIPS), volume 20, pages 161--168, 2008.

Google Scholar

[3]

N. Cesa-Bianchi and G. Lugosi. Prediction, Learning, and Games. Cambridge University Press, New York, NY, USA, 2006.

Digital Library

Google Scholar

[4]

N. Dalvi, P. Domingos, Mausam, S. Sanghai, and D. Verma. Adversarial classification. In Proceedings of the International Conference on Knowledge Discovery and Data Mining (KDD), pages 99--108, 2004.

Digital Library

Google Scholar

[5]

S. Dasgupta, A. T. Kalai, and C. Monteleoni. Analysis of perceptron-based active learning. Journal of Machine Learning Research, 10:281--299, 2009.

Digital Library

Google Scholar

[6]

A. Globerson and S. Roweis. Nightmare at test time: Robust learning by feature deletion. In Proceedings of the 23rd International Conference on Machine Learning (ICML), pages 353--360, 2006.

Digital Library

Google Scholar

[7]

F. R. Hampel, E. M. Ronchetti, P. J. Rousseeuw, and W. A. Stahel. Robust Statistics: The Approach Based on Influence Functions. John Wiley and Sons, 1986.

Google Scholar

[8]

P. Huber. Robust Statistics. John Wiley & Sons, 1981.

Google Scholar

[9]

M. Kearns and M. Li. Learning in the presence of malicious errors. SIAM Journal on Computing, 22(4):807--837, 1993.

Digital Library

Google Scholar

[10]

P. Laskov and M. Kloft. A framework for quantitative security analysis of machine learning. In Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence (AISec), pages 1--4, 2009.

Digital Library

Google Scholar

[11]

D. Lowd and C. Meek. Adversarial learning. In Proceedings of the International Conference on Knowledge Discovery and Data Mining (KDD), pages 641--647, 2005.

Digital Library

Google Scholar

[12]

C. H. Teo, A. Globerson, S. T. Roweis, and A. J. Smola. Convex learning with invariances. In Advances in Neural Information Processing Systems (NIPS), 2007.

Google Scholar

[13]

V. N. Vapnik. The Nature of Statistical Learning Theory. Springer-Verlag New York, Inc., 1995.

Digital Library

Google Scholar

[14]

H. Xu, C. Caramanis, and S. Mannor. Robustness and regularization of support vector machines. Journal of Machine Learning Research, 10:1485--1510, 2009.

Digital Library

Google Scholar

Cited By

View all

Hojas-Mazo WMaciá-Pérez FBerná Martínez JMoreno-Espino MLorenzo Fonseca IPavón J(2024)Framework Based on Simulation of Real-World Message Streams to Evaluate Classification SolutionsAlgorithms10.3390/a1701004717:1(47)Online publication date: 21-Jan-2024
https://doi.org/10.3390/a17010047
Rawat D(2023)Towards Neuro-Symbolic AI for Assured and Trustworthy Human-Autonomy Teaming2023 5th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)10.1109/TPS-ISA58951.2023.00030(177-179)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TPS-ISA58951.2023.00030
Rawat D(2022)Artificial Intelligence Meets Tactical Autonomy: Challenges and Perspectives2022 IEEE 4th International Conference on Cognitive Machine Intelligence (CogMI)10.1109/CogMI56440.2022.00017(49-51)Online publication date: Dec-2022
https://doi.org/10.1109/CogMI56440.2022.00017
Show More Cited By

Index Terms

Understanding the risk factors of learning in adversarial environments
1. Computing methodologies
  1. Machine learning
    1. Learning paradigms
      1. Supervised learning
        Supervised learning by classification
    2. Machine learning approaches
      1. Classification and regression trees

Recommendations

Adversarial machine learning
AISec '11: Proceedings of the 4th ACM workshop on Security and artificial intelligence

In this paper (expanded from an invited talk at AISEC 2010), we discuss an emerging field of study: adversarial machine learning---the study of effective machine learning techniques against an adversarial opponent. In this paper, we: give a taxonomy for ...
Can machine learning be secure?
ASIACCS '06: Proceedings of the 2006 ACM Symposium on Information, computer and communications security

Machine learning systems offer unparalled flexibility in dealing with evolving input in a variety of applications, such as intrusion detection systems and spam e-mail filtering. However, machine learning algorithms themselves can be a target of attack ...
Defending against adversarial machine learning attacks using hierarchical learning: A case study on network traffic attack classification
Abstract
Machine learning is key for automated detection of malicious network activity to ensure that computer networks and organizations are protected against cyber security attacks. Recently, there has been growing interest in the domain of ...

Comments

Information & Contributors

Information

Published In

AISec '11: Proceedings of the 4th ACM workshop on Security and artificial intelligence

October 2011

124 pages

ISBN:9781450310031

DOI:10.1145/2046684

General Chair:
Yan Chen
Northwestern University, USA
,
Program Chairs:
Alvaro A. Cárdenas
Fujitsu Laboratories of America, USA
,
Rachel Greenstadt
Drexel University, USA
,
Ben Rubinstein
Microsoft Research, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 October 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

CCS'11

Sponsor:

SIGSAC

CCS'11: the ACM Conference on Computer and Communications Security

October 21, 2011

Illinois, Chicago, USA

Acceptance Rates

Overall Acceptance Rate 94 of 231 submissions, 41%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
279
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hojas-Mazo WMaciá-Pérez FBerná Martínez JMoreno-Espino MLorenzo Fonseca IPavón J(2024)Framework Based on Simulation of Real-World Message Streams to Evaluate Classification SolutionsAlgorithms10.3390/a1701004717:1(47)Online publication date: 21-Jan-2024
https://doi.org/10.3390/a17010047
Rawat D(2023)Towards Neuro-Symbolic AI for Assured and Trustworthy Human-Autonomy Teaming2023 5th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)10.1109/TPS-ISA58951.2023.00030(177-179)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TPS-ISA58951.2023.00030
Rawat D(2022)Artificial Intelligence Meets Tactical Autonomy: Challenges and Perspectives2022 IEEE 4th International Conference on Cognitive Machine Intelligence (CogMI)10.1109/CogMI56440.2022.00017(49-51)Online publication date: Dec-2022
https://doi.org/10.1109/CogMI56440.2022.00017
Jáñez-Martino FAlaiz-Rodríguez RGonzález-Castro VFidalgo EAlegre E(2022)A review of spam email detection: analysis of spammer strategies and the dataset shift problemArtificial Intelligence Review10.1007/s10462-022-10195-456:2(1145-1173)Online publication date: 11-May-2022
https://doi.org/10.1007/s10462-022-10195-4
Wen JZhao BXue MOprea AQian H(2021)With Great Dispersion Comes Greater Resilience: Efficient Poisoning Attacks and Defenses for Linear Regression ModelsIEEE Transactions on Information Forensics and Security10.1109/TIFS.2021.308733216(3709-3723)Online publication date: 2021
https://doi.org/10.1109/TIFS.2021.3087332
Apte ABandyopadhyay AShenoy KAndrews JRathod AAgnihotri MJajodia A(2020)Countering Inconsistent Labelling by Google’s Vision API for Rotated ImagesInnovations in Computational Intelligence and Computer Vision10.1007/978-981-15-6067-5_23(202-213)Online publication date: 22-Sep-2020
https://doi.org/10.1007/978-981-15-6067-5_23
Burkard CLagesse BVerma RThuraisingham BVerma R(2017)Analysis of Causative Attacks against SVMs Learning from Data StreamsProceedings of the 3rd ACM on International Workshop on Security And Privacy Analytics10.1145/3041008.3041012(31-36)Online publication date: 24-Mar-2017
https://dl.acm.org/doi/10.1145/3041008.3041012
Xiao HBiggio BNelson BXiao HEckert CRoli F(2015)Support vector machines under adversarial label contaminationNeurocomputing10.5555/2779626.2779777160:C(53-62)Online publication date: 21-Jul-2015
https://dl.acm.org/doi/10.5555/2779626.2779777
Mozaffari-Kermani MSur-Kolay SRaghunathan AJha N(2015)Systematic Poisoning Attacks on and Defenses for Machine Learning in HealthcareIEEE Journal of Biomedical and Health Informatics10.1109/JBHI.2014.234409519:6(1893-1905)Online publication date: Nov-2015
https://doi.org/10.1109/JBHI.2014.2344095
Xiao HBiggio BNelson BXiao HEckert CRoli F(2015)Support vector machines under adversarial label contaminationNeurocomputing10.1016/j.neucom.2014.08.081160(53-62)Online publication date: Jul-2015
https://doi.org/10.1016/j.neucom.2014.08.081
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Adversarial machine learning

Can machine learning be secure?

Defending against adversarial machine learning attacks using hierarchical learning: A case study on network traffic attack classification

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Adversarial machine learning

Can machine learning be secure?

Defending against adversarial machine learning attacks using hierarchical learning: A case study on network traffic attack classification

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Get Access

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations