论文信息 - A framework for quantitative security analysis of machine learning

A framework for quantitative security analysis of machine learning

We propose a framework for quantitative security analysis of machine learning methods. The key parts of this framework are the formal specification of a deployed learning model and attacker's constraints, the computation of an optimal attack, and the derivation of an upper bound on adversarial impact. We exemplarily apply the framework for the analysis of one specific learning scenario, online centroid anomaly detection, and experimentally verify the tightness of obtained theoretical bounds.

Marius Kloft | Pavel Laskov | M. Kloft | P. Laskov

[1] Pedro M. Domingos,et al. Adversarial classification , 2004, KDD.

[2] Konrad Rieck,et al. Linear-Time Computation of Similarity Measures for Sequential Data , 2008, J. Mach. Learn. Res..

[3] Blaine Nelson,et al. Can machine learning be secure? , 2006, ASIACCS '06.

[4] Christopher Meek,et al. Good Word Attacks on Statistical Spam Filters , 2005, CEAS.

[5] Ming Li,et al. Learning in the presence of malicious errors , 1993, STOC '88.

[6] A. Joseph,et al. Bounding an Attack ’ s Complexity for a Simple Learning Model , 2006 .

[7] Salvatore J. Stolfo,et al. On the infeasibility of modeling polymorphic shellcode , 2009, Machine Learning.

[8] Wenke Lee,et al. Misleading worm signature generators using deliberate noise injection , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[9] Wenke Lee,et al. Evading network anomaly detection systems: formal reasoning and practical techniques , 2006, CCS '06.

[10] Vladimir Vapnik,et al. Statistical learning theory , 1998 .

[11] Dawn Xiaodong Song,et al. Limits of Learning-based Signature Generation with Adversaries , 2008, NDSS.