图 书 馆
基于模型解释的对抗检测Adversarial Detection with Model Interpretation |
|
| 课程网址: | http://videolectures.net/kdd2018_liu_adversarial_interpretation/ |
| 主讲教师: | Ninghao Liu |
| 开课单位: | 德克萨斯农工大学 |
| 开课时间: | 2018-11-23 |
| 课程语种: | 英语 |
| 中文简介: |  |
| 课程简介: | Machine learning (ML) systems have been increasingly applied in web security applications such as spammer detection, malware detection and fraud detection. These applications have an intrinsic adversarial nature where intelligent attackers can adaptively change their behaviors to avoid being detected by the deployed detectors. Existing efforts against adversaries are usually limited by the type of applied ML models or the specific applications such as image classification. Additionally, the working mechanisms of ML models usually cannot be well understood by users, which in turn impede them from understanding the vulnerabilities of models nor improving their robustness. To bridge the gap, in this paper, we propose to investigate whether model interpretation could potentially help adversarial detection. Specifically, we develop a novel adversary-resistant detection framework by utilizing the interpretation of ML models. The interpretation process explains the mechanism of how the target ML model makes prediction for a given instance, thus providing more insights for crafting adversarial samples. The robustness of detectors is then improved through adversarial training with the adversarial samples. A data-driven method is also developed to empirically estimate costs of adversaries in feature manipulation. Our approach is model-agnostic and can be applied to various types of classification models. Our experimental results on two real-world datasets demonstrate the effectiveness of interpretation-based attacks and how estimated feature manipulation cost would affect the behavior of adversaries. |
| 关 键 词: | 机器学习; 网络安全应用; 检测框架 |
| 课程来源: | 视频讲座网 |
| 数据采集: | 2022-12-04:chenjy |
| 最后编审: | 2022-12-04:chenjy |
| 阅读次数: | 35 |