Query Strategies for Evading Convex-Inducing Classifiers
نویسندگان
چکیده
Classifiers are often used to detect miscreant activities. We study how an adversary can systematically query a classifier to elicit information that allows the adversary to evade detection while incurring a near-minimal cost of modifying their intended malfeasance. We generalize the theory of Lowd and Meek (2005) to the family of convex-inducing classifiers that partition input space into two sets one of which is convex. We present query algorithms for this family that construct undetected instances of approximately minimal cost using only polynomially-many queries in the dimension of the space and in the level of approximation. Our results demonstrate that near-optimal evasion can be accomplished without reverseengineering the classifier’s decision boundary. We also consider general lp costs and show that near-optimal evasion on the family of convex-inducing classifiers is generally efficient for both positive and negative convexity for all levels of approximation if p = 1.
منابع مشابه
Near-Optimal Evasion of Convex-Inducing Classifiers
Classifiers are often used to detect miscreant activities. We study how an adversary can efficiently query a classifier to elicit information that allows the adversary to evade detection at near-minimal cost. We generalize results of Lowd and Meek (2005) to convex-inducing classifiers. We present algorithms that construct undetected instances of near-minimal cost using only polynomially many qu...
متن کاملPoster: Evading Web Malware Classifiers using Genetic Programming
Malware classifiers based on machine learning models have become increasingly popular. These classifiers use a combination of structural and dynamic features to detect malware in various domains, including PDF, binaries, and web pages. We propose to use genetic programming techniques to automatically generate variants of malicious web pages that evade state-ofthe-art classifiers. Our method bui...
متن کاملInvestigation the Milling Strategies Effects on Machining of Convex Surfaces made of Glass/Epoxy Composite
In this study the effects of machining parameters such as shearing speed, feed rate, tool diameter and machining depth on different milling strategies i.e. 3D offset, spiral, raster and radial to produce the convex surface made of epoxy/glass composites is investigated. The effects of mentioned strategies on output parameters such as surface roughness and milling removal rate is also studied. T...
متن کاملPoster: Automatically Evading Classifiers A Case Study on Structural Feature-based PDF Malware Classifiers
Machine learning methods are widely used in security tasks. However, the robustness of these models against motivated adversaries is unclear. In this work, we propose a generic method that simulates evasion attempts to evaluate the robustness of classifiers under attack. We report results from experiments automatically generating malware variants to evade classifiers, from which we have observe...
متن کاملClassifier Selection Strategies for Label Fusion Using Large Atlas Databases
Structural segmentations of brain MRI can be generated by propagating manually labelled atlas images from a repository to a query subject and combining them. This method has been shown to be robust, consistent and increasingly accurate with increasing numbers of classifiers. It outperforms standard atlas-based segmentation but suffers, however, from problems of scale when the number of atlases ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Journal of Machine Learning Research
دوره 13 شماره
صفحات -
تاریخ انتشار 2012