Near-Optimal Evasion of Convex-Inducing Classifiers

Blaine Nelson; Benjamin Rubinstein; Ling Huang; Anthony Joseph; Shing–hon Lau; Steven Lee; Satish Rao; Anthony Tran; Doug Tygar

2010 AISTATS AISTATS 2010

Near-Optimal Evasion of Convex-Inducing Classifiers

Abstract

Classifiers are often used to detect miscreant activities. We study how an adversary can efficiently query a classifier to elicit information that allows the adversary to evade detection at near-minimal cost. We generalize results of Lowd and Meek (2005) to convex-inducing classifiers. We present algorithms that construct undetected instances of near-minimal cost using only polynomially many queries in the dimension of the space and without reverse engineering the decision boundary.

🚀 Conference Pioneer — AISTATS 2010

📈 Trend Setter — Adversarial Learning

🧭 Keyword Pioneer — evasion attack

🐝 Cross-Pollinator — Artificial Intelligence, Computer Science, Computer Vision, Data Science & Analytics, Deep Learning, Machine Learning, Mathematics & Optimization, Natural Language Processing, Reinforcement Learning, Speech & Audio

🌉 Interdisciplinary Bridge — Artificial Intelligence and Machine Learning

🐣 Hot Topic Early Bird — adversarial learning

Authors

Blaine Nelson , Benjamin Rubinstein , Ling Huang , Anthony Joseph , Shing–hon Lau , Steven Lee , Satish Rao , Anthony Tran , Doug Tygar

Topics

Machine Learning > Learning Types > Adversarial Learning Artificial Intelligence > Core AI > Adversarial Learning

Keywords

adversarial learning convex optimization query complexity adversarial attack evasion attack convex classifier classifier evasion

Download PDF

Related papers

Towards Understanding Situated Natural Language 2010

Mass Fatality Incident Identification based on nuclear DNA evidence 2010

Locally Linear Denoising on Image Manifolds 2010

Negative Results for Active Learning with Convex Losses 2010

Collaborative Filtering on a Budget 2010