We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.GT

Change to browse by:

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Computer Science and Game Theory

Title: A General Retraining Framework for Scalable Adversarial Classification

Abstract: Traditional classification algorithms assume that training and test data come from the same or similar distribution. This assumption is violated in adversarial settings, where malicious actors modify instances to evade detection. A number of custom methods have been developed for both adversarial evasion attacks and robust learning. We propose the first systematic and general-purpose retraining framework which can: a) boost robustness of an arbitrary learning algorithm, and b) incorporate a broad class of adversarial models. We show that, under natural conditions, the retraining framework minimizes an upper bound on optimal adversarial risk, and show how to extend this result to account for approximations of evasion attacks. We also offer a very general adversarial evasion model and algorithmic framework based on coordinate greedy local search. Extensive experimental evaluation demonstrates that our retraining methods are nearly indistinguishable from state-of-the-art algorithms for optimizing adversarial risk, but far more scalable and general. The experiments also confirm that without retraining, our adversarial framework is extremely effective in dramatically reducing the effectiveness of learning. In contrast, retraining significantly boosts robustness to evasion attacks without compromising much overall accuracy.
Subjects: Computer Science and Game Theory (cs.GT); Machine Learning (cs.LG); Machine Learning (stat.ML)
Cite as: arXiv:1604.02606 [cs.GT]
  (or arXiv:1604.02606v1 [cs.GT] for this version)

Submission history

From: Bo Li [view email]
[v1] Sat, 9 Apr 2016 20:14:36 GMT (3250kb,D)
[v2] Sat, 26 Nov 2016 09:31:57 GMT (4018kb,D)

Link back to: arXiv, form interface, contact.