Whenever machine learning is used to prevent illegal or unsanctioned activity and there is an economic incentive, adversaries will attempt to circumvent the protection provided. Constraints on how adversaries can manipulate training and test data for classifiers used to detect suspicious behavior make problems in this area tractable and interesting. This special issue highlights papers that span many disciplines, including email spam detection, computer intrusion detection, and detection of web pages deliberately designed to manipulate the priorities of pages returned by modern search engines. The four papers in this special issue provide a standard taxonomy of the types of attacks that can be expected in an adversarial framework, demonstrate how to design classifiers that are robust to deleted or corrupted features, demonstrate the ability of modern polymorphic engines to rewrite malware so it evades detection by current intrusion detection and antivirus systems, and provide approaches to detect web pages designed to manipulate web page scores returned by search engines. We hope that these papers and this special issue encourage the multidisciplinary cooperation required to address many interesting problems in this relatively new area, including predicting the future of the arms races created by adversarial learning, developing effective long-term defensive strategies, and creating algorithms that can process the massive amounts of training and test data available for internet-scale problems.