Mitigation of Adversarial Attacks through Embedded Feature Selection

08/16/2018
by Ziyi Bao, et al.

Machine learning has become one of the main components of task automation in many application domains. Despite its advances and impressive achievements, learning algorithms have been shown to be vulnerable to attackers at both training and test time. Machine learning systems are especially susceptible to adversarial examples, where small perturbations added to the original data points cause the learning algorithm to produce incorrect or unexpected outputs at test time. Mitigating these attacks is hard because adversarial examples are difficult to detect. Existing related work states that the security of machine learning systems against adversarial examples is weakened when feature selection is applied to reduce the systems' complexity. In this paper, we empirically disprove this idea, showing that the relative distortion the attacker must introduce to succeed is greater when the target uses a reduced set of features. We also show that minimal adversarial examples differ statistically more strongly from genuine examples when fewer features are used. However, reducing the feature count can negatively impact the system's performance. We illustrate the trade-off between security and accuracy with specific examples. We propose a design methodology to evaluate the security of machine learning classifiers with embedded feature selection against adversarial examples crafted using different attack strategies.
