Journal: IEEE Transactions on Neural Networks and Learning Systems

Randomized Prediction Games for Adversarial Machine Learning


Abstract

In spam and malware detection, attackers exploit randomization to obfuscate malicious data and increase their chances of evading detection at test time, e.g., malware code is typically obfuscated using random strings or byte sequences to hide known exploits. Interestingly, randomization has also been proposed to improve security of learning algorithms against evasion attacks, as it results in hiding information about the classifier to the attacker. Recent work has proposed game-theoretical formulations to learn secure classifiers, by simulating different evasion attacks and modifying the classification function accordingly. However, both the classification function and the simulated data manipulations have been modeled in a deterministic manner, without accounting for any form of randomization. In this paper, we overcome this limitation by proposing a randomized prediction game, namely, a noncooperative game-theoretic formulation in which the classifier and the attacker make randomized strategy selections according to some probability distribution defined over the respective strategy set. We show that our approach allows one to improve the tradeoff between attack detection and false alarms with respect to the state-of-the-art secure classifiers, even against attacks that are different from those hypothesized during design, on application examples including handwritten digit recognition, spam, and malware detection.