A game-theoretic defense against data poisoning attacks in distributed support vector machines

With a large number of sensors and control units in networked systems, distributed support vector machines (DSVMs) play a fundamental role in scalable and efficient multi-sensor classification and prediction tasks. However, DSVMs are vulnerable to adversaries who can modify and generate data to deceive the system into misclassification and misprediction. This work aims to design defense strategies for a DSVM learner against a potential adversary. We use a game-theoretic framework to capture the conflicting interests between the DSVM learner and the attacker. The Nash equilibrium of the game allows predicting the outcome of learning algorithms in adversarial environments and enhancing the resilience of machine learning through dynamic distributed algorithms. We develop a secure and resilient DSVM algorithm with a rejection method, and show its resiliency against an adversary with numerical experiments.
