A Game-Theoretic Analysis of Adversarial Classification

Dritsoula, Lemonia; Loiseau, Patrick; Musacchio, John

doi:10.1109/tifs.2017.2718494

Cited by 30 publications

(28 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We can seek to exploit certain properties of Φ ∈ R κ×(do+1) and r ∈ R κ . To this end, we will first show that the matrix Φ ∈ R κ×(do+1) can be written as in (28), where δ i ∈ Z n+1 is a vector which can be viewed as the histogram of the distances from a i x to the encoded codewords, i.e., h(a i x ). Next, we will examine h(a i x )…”

Section: Relaxing Attack Space At Large Scalesmentioning

confidence: 99%

“…The proposed framework can be applied to any linear block code since the analytical results are based only on the abstraction of the code, i.e., [n, k, d] q . Therefore, in order to compute the detection rule, specific to the underlying encoding-decoding scheme, we need the configuration of the code, i.e., [n, k, d] q , and the matrix R ∈ R (n+1)×(do+1) , as defined in (28). At run-time, the detection mechanism triggers an alert based only on the number of mismatched symbols.…”

Section: Numerical Examplesmentioning

confidence: 99%

See 1 more Smart Citation

Reliable Smart Road Signs

Sayin

Lin

Kang

et al. 2020

IEEE Trans. Intell. Transport. Syst.

View full text Add to dashboard Cite

In this paper, we propose a game theoretical adversarial intervention detection mechanism for reliable smart road signs. A future trend in intelligent transportation systems is "smart road signs" that incorporate smart codes (e.g., visible at infrared) on their surface to provide more detailed information to smart vehicles. Such smart codes make road sign classification problem aligned with communication settings more than conventional classification. This enables us to integrate well-established results in communication theory, e.g., error-correction methods, into road sign classification problem. Recently, vision-based road sign classification algorithms have been shown to be vulnerable against (even) small scale adversarial interventions that are imperceptible for humans. On the other hand, smart codes constructed via error-correction methods can lead to robustness against small scale intelligent or random perturbations on them. In the recognition of smart road signs, however, humans are out of the loop since they cannot see or interpret them. Therefore, there is no equivalent concept of imperceptible perturbations in order to achieve a comparable performance with humans. Robustness against small scale perturbations would not be sufficient since the attacker can attack more aggressively without such a constraint. Under a game theoretical solution concept, we seek to ensure certain measure of guarantees against even the worst case (intelligent) attackers that can perturb the signal even at large scale. We provide a randomized detection strategy based on the distance between the decoder output and the received input, i.e., error rate. Finally, we examine the performance of the proposed scheme over various scenarios.

show abstract

Section: Relaxing Attack Space At Large Scalesmentioning

confidence: 99%

Section: Numerical Examplesmentioning

confidence: 99%

Reliable Smart Road Signs

Sayin

Lin

Kang

et al. 2020

IEEE Trans. Intell. Transport. Syst.

View full text Add to dashboard Cite

show abstract

“…about prob. Exploratory attacks by changing Spam filtering distribution of input and ground truth values of future input [18] Full information about learner's Exploratory attacks counterfeiting Image classification utility, cost and classifier params valid input Sequential, Bayesian, Non-zero Sum Games [6,21,5] No information about learner's Exploratory attacks by changing Spam filtering [22,36,7] utility, costs and classifier parameters values of future input [1] No information about learner's Exploratory attacks on test Stock prices utility, costs and classifier parameters set only [62,60,13] No information about learner's Exploratory attacks by mixing valid Spam filtering utility, costs and classifier parameters and adversarial input, e.g., altering [62,60] all or part of input features…”

Section: Initial Information About Learnermentioning

confidence: 99%

A Survey of Game Theoretic Approaches for Adversarial Machine Learning in Cybersecurity Tasks

Dasgupta¹,

Collins²

2019

AI Magazine

View full text Add to dashboard Cite

Machine learning techniques are currently used extensively for automating various cybersecurity tasks. Most of these techniques utilize supervised learning algorithms that rely on training the algorithm to classify incoming data into different categories, using data encountered in the relevant domain. A critical vulnerability of these algorithms is that they are susceptible to adversarial attacks where a malicious entity called an adversary deliberately alters the training data to misguide the learning algorithm into making classification errors. Adversarial attacks could render the learning algorithm unsuitable to use and leave critical systems vulnerable to cybersecurity attacks. Our paper provides a detailed survey of the state-of-the-art techniques that are used to make a machine learning algorithm robust against adversarial attacks using the computational framework of game theory. We also discuss open problems and challenges and possible directions for further research that would make deep machine learning-based systems more robust and reliable for cybersecurity tasks.

show abstract

“…This kind of problems, for instance, can be faced by game playing machine learning algorithms that seek to find an optimal trade-off between successfully passing the game level, earning the highest number of bonuses and doing all this in the fastest possible way. To this end, game theory has become a topic of ongoing interest in machine learning field that has already found its application in contributions related to numerous learning scenarios such as reinforcement learning (Peshkin et al 2000;Hu and Wellman 2003;Claus and Boutilier 1998;Panait and Luke 2005), supervised learning (Freund and Schapire 1999;Shalev-Shwartz and Singer 2007a;2007b;Schuurmans and Zinkevich 2016), and adversarial classification (Liu and Chawla 2009;Brückner and Scheffer 2011;Dritsoula, Loiseau, and Musacchio 2017) to name a few.…”

Section: Introductionmentioning

confidence: 99%

On Fair Cost Sharing Games in Machine Learning

Redko¹,

Laclau²

2019

AAAI

View full text Add to dashboard Cite

Machine learning and game theory are known to exhibit a very strong link as they mutually provide each other with solutions and models allowing to study and analyze the optimal behaviour of a set of agents. In this paper, we take a closer look at a special class of games, known as fair cost sharing games, from a machine learning perspective. We show that this particular kind of games, where agents can choose between selfish behaviour and cooperation with shared costs, has a natural link to several machine learning scenarios including collaborative learning with homogeneous and heterogeneous sources of data. We further demonstrate how the game-theoretical results bounding the ratio between the best Nash equilibrium (or its approximate counterpart) and the optimal solution of a given game can be used to provide the upper bound of the gain achievable by the collaborative learning expressed as the expected risk and the sample complexity for homogeneous and heterogeneous cases, respectively. We believe that the established link can spur many possible future implications for other learning scenarios as well, with privacy-aware learning being among the most noticeable examples.

show abstract

A Game-Theoretic Analysis of Adversarial Classification

Cited by 30 publications

References 43 publications

Reliable Smart Road Signs

Reliable Smart Road Signs

A Survey of Game Theoretic Approaches for Adversarial Machine Learning in Cybersecurity Tasks

On Fair Cost Sharing Games in Machine Learning

Contact Info

Product

Resources

About