Security of Distributed Machine Learning: A Game-Theoretic Approach to Design Secure DSVM

Distributed machine learning algorithms play a significant role in processing massive data sets over large networks. However, the increasing reliance of machine learning on information and communication technologies (ICTs) makes it inherently vulnerable to cyber threats. This work aims to develop secure distributed algorithms that protect learning from data poisoning and network attacks. We establish a game-theoretic framework to capture the conflicting goals of a learner who uses distributed support vector machines (SVMs) and an attacker who is capable of modifying training data and labels. We develop a fully distributed and iterative algorithm to capture the real-time reactions of the learner at each node to adversarial behaviors. The numerical results show that distributed SVMs are prone to failure under different types of attacks, and that the impact of an attack depends strongly on the network structure and the attacker's capabilities.
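
The abstract describes a learner that trains an SVM across networked nodes and an attacker who can alter training labels at nodes it controls. The following is an added, self-contained illustration written for this page; it is not the paper's code and does not implement the paper's game-theoretic algorithm. It stands in for the consensus-based distributed SVM with a deliberately simple scheme (each node takes one hinge-loss subgradient step on its own data, then averages its model with its neighbours over a path-shaped network), poisons one node by flipping its labels, and reports two defender-side quantities: each node's accuracy on clean held-out data and each node's hinge loss on its own training data. The data, the network, the attacker's node and the idea of comparing local losses across nodes to spot a node whose data contradicts the consensus model are all assumptions made for this example.

```python
"""Consensus-based distributed linear SVM with one label-flipping node.

Added illustration, not code from the paper.  The training scheme
(local subgradient step + neighbour averaging) is a simplification of
consensus-based distributed SVM, not the paper's game-theoretic algorithm.
All data, the network topology and the attacker placement are constructed.
"""
import random


def make_local_data(rng, n_per_class=10, noise=0.5):
    """Constructed, linearly separable 2-D data: +1 near (2,2), -1 near (-2,-2)."""
    data = []
    for _ in range(n_per_class):
        data.append(((2 + rng.uniform(-noise, noise), 2 + rng.uniform(-noise, noise)), +1))
        data.append(((-2 + rng.uniform(-noise, noise), -2 + rng.uniform(-noise, noise)), -1))
    return data


def flip_labels(data, fraction, rng):
    """Attacker model from the abstract: modify training labels at a captured node."""
    poisoned = list(data)
    for i in rng.sample(range(len(data)), int(fraction * len(data))):
        x, y = poisoned[i]
        poisoned[i] = (x, -y)
    return poisoned


def local_hinge_loss(model, data):
    """Mean hinge loss of a node's model on that node's own (possibly poisoned) data."""
    w, b = model
    return sum(max(0.0, 1 - y * (w[0] * x[0] + w[1] * x[1] + b)) for x, y in data) / len(data)


def local_step(model, data, eta=0.02, lam=0.01):
    """One subgradient step on (lam/2)||w||^2 + mean hinge loss over local data."""
    w, b = model
    gw, gb = [lam * w[0], lam * w[1]], 0.0
    for x, y in data:
        if y * (w[0] * x[0] + w[1] * x[1] + b) < 1:  # margin violator contributes
            gw[0] -= y * x[0] / len(data)
            gw[1] -= y * x[1] / len(data)
            gb -= y / len(data)
    return ((w[0] - eta * gw[0], w[1] - eta * gw[1]), b - eta * gb)


def train_dsvm(node_data, adjacency, rounds=300):
    """Each round: every node steps on its own data, then averages with its neighbours."""
    n = len(node_data)
    models = [((0.0, 0.0), 0.0)] * n
    for _ in range(rounds):
        stepped = [local_step(models[i], node_data[i]) for i in range(n)]
        models = []
        for i in range(n):
            group = [i] + adjacency[i]  # closed neighbourhood, uniform weights
            w0 = sum(stepped[j][0][0] for j in group) / len(group)
            w1 = sum(stepped[j][0][1] for j in group) / len(group)
            b = sum(stepped[j][1] for j in group) / len(group)
            models.append(((w0, w1), b))
    return models


def accuracy(model, data):
    w, b = model
    return sum(1 for x, y in data if y * (w[0] * x[0] + w[1] * x[1] + b) > 0) / len(data)


def run_experiment(attacked_node=None, flip_fraction=1.0, seed=0):
    """Train on a 4-node path network 0-1-2-3; optionally poison one node's labels."""
    rng = random.Random(seed)
    adjacency = {0: [1], 1: [0, 2], 2: [1, 3], 3: [2]}  # constructed path topology
    node_data = [make_local_data(rng) for _ in range(4)]
    clean_test = make_local_data(rng, n_per_class=50)
    if attacked_node is not None:
        node_data[attacked_node] = flip_labels(node_data[attacked_node], flip_fraction, rng)
    models = train_dsvm(node_data, adjacency)
    return {
        "accuracy": [accuracy(m, clean_test) for m in models],
        "local_loss": [local_hinge_loss(models[i], node_data[i]) for i in range(4)],
    }


if __name__ == "__main__":
    print("clean   :", run_experiment())
    print("attacked:", run_experiment(attacked_node=3))
```

On this easy, well-separated data a single fully flipped node does not flip the consensus classifier: the three honest nodes outweigh it, so test accuracy stays high, but the attacker still drags the model's margin down and the poisoned node's loss on its own data stays above 1 while honest nodes' losses stay well below 1. That gap is the kind of per-node signal a learner can monitor. Changing `adjacency` (a ring or a complete graph), `flip_fraction`, or the number of attacked nodes shows how the damage depends on topology and attacker capability, which is the dependence the abstract reports.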
