Evading Anomaly Detection through Variance Injection Attacks on PCA

Authors:
Benjamin I. Rubinstein;Blaine Nelson;Ling Huang;Anthony D. Joseph;Shing-Hon Lau;Nina Taft;J. D. Tygar
Affiliations:
UC Berkeley,;UC Berkeley,;Intel Research, Berkeley,;UC Berkeley, and Intel Research, Berkeley,;UC Berkeley,;Intel Research, Berkeley,;UC Berkeley,
Venue:
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Year:
2008

Citing 1
Cited 2

Diagnosing network-wide traffic anomalies

Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications

Runtime Monitoring and Dynamic Reconfiguration for Intrusion Detection Systems

RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Improving an SVD-based combination strategy of anomaly detectors for traffic labelling

Proceedings of the Asian Internet Engineeering Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

Whenever machine learning is applied to security problems, it is important to measure vulnerabilities to adversaries who poison the training data. We demonstrate the impact of variance injection schemes on PCA-based network-wide volume anomaly detectors, when a single compromised PoP injects chaff into the network. These schemes can increase the chance of evading detection by sixfold, for DoS attacks.