Adversarial machine learning
- 21 October 2011
- conference paper
- Published by Association for Computing Machinery (ACM)
- Vol. 15 (5), 43-58
- https://doi.org/10.1145/2046684.2046692
Abstract
In this paper (expanded from an invited talk at AISEC 2010), we discuss an emerging field of study: adversarial machine learning---the study of effective machine learning techniques against an adversarial opponent. In this paper, we: give a taxonomy for classifying attacks against online machine learning algorithms; discuss application-specific factors that limit an adversary's capabilities; introduce two models for modeling an adversary's capabilities; explore the limits of an adversary's knowledge about the algorithm, feature space, training, and input data; explore vulnerabilities in machine learning algorithms; discuss countermeasures against attacks; introduce the evasion challenge; and discuss privacy-preserving learning techniques.