{"title":"基于复杂性的规避攻击优化策略","authors":"Shu Li, Yun Li","doi":"10.1109/ISKE.2017.8258845","DOIUrl":null,"url":null,"abstract":"Machine learning has been widely used in security related applications, such as spam filter, network intrusion detection. In machine learning process, the test set and the training set usually have the same probability distribution and through the information of learning the training set, the malicious samples in the machine learning algorithm can usually be correctly classified. However, the classification algorithm has neglected the classification under adversarial environment, so instead they will modify the features of test data in order to spoof the classifier so as to escape its detection. In this paper, we will consider to modify the feature value of the test samples in accordance with attack algorithm proposed by Battista Biggio and further improve the algorithm. As each feature has a range of independent constraints, so the algorithm should be transformed into a constrained optimization problem. This is done in order to make the original sample modify the smaller distance so as to escape the detection of the classifier, while also improve the convergence rate during the generation of adversarial samples.","PeriodicalId":208009,"journal":{"name":"2017 12th International Conference on Intelligent Systems and Knowledge Engineering (ISKE)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Complex-based optimization strategy for evasion attack\",\"authors\":\"Shu Li, Yun Li\",\"doi\":\"10.1109/ISKE.2017.8258845\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Machine learning has been widely used in security related applications, such as spam filter, network intrusion detection. In machine learning process, the test set and the training set usually have the same probability distribution and through the information of learning the training set, the malicious samples in the machine learning algorithm can usually be correctly classified. However, the classification algorithm has neglected the classification under adversarial environment, so instead they will modify the features of test data in order to spoof the classifier so as to escape its detection. In this paper, we will consider to modify the feature value of the test samples in accordance with attack algorithm proposed by Battista Biggio and further improve the algorithm. As each feature has a range of independent constraints, so the algorithm should be transformed into a constrained optimization problem. This is done in order to make the original sample modify the smaller distance so as to escape the detection of the classifier, while also improve the convergence rate during the generation of adversarial samples.\",\"PeriodicalId\":208009,\"journal\":{\"name\":\"2017 12th International Conference on Intelligent Systems and Knowledge Engineering (ISKE)\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 12th International Conference on Intelligent Systems and Knowledge Engineering (ISKE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISKE.2017.8258845\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 12th International Conference on Intelligent Systems and Knowledge Engineering (ISKE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISKE.2017.8258845","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Complex-based optimization strategy for evasion attack
Machine learning has been widely used in security related applications, such as spam filter, network intrusion detection. In machine learning process, the test set and the training set usually have the same probability distribution and through the information of learning the training set, the malicious samples in the machine learning algorithm can usually be correctly classified. However, the classification algorithm has neglected the classification under adversarial environment, so instead they will modify the features of test data in order to spoof the classifier so as to escape its detection. In this paper, we will consider to modify the feature value of the test samples in accordance with attack algorithm proposed by Battista Biggio and further improve the algorithm. As each feature has a range of independent constraints, so the algorithm should be transformed into a constrained optimization problem. This is done in order to make the original sample modify the smaller distance so as to escape the detection of the classifier, while also improve the convergence rate during the generation of adversarial samples.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
