FENCE: Feasible Evasion Attacks on Neural Networks in Constrained Environments

Chernikova, Alesia; Oprea, Alina

doi:10.1145/3544746

Cited by 17 publications

(6 citation statements)

References 73 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…First, we performed evaluations on the raw data. As the multi-class classification models require a fixed input shape and an arbitrary elevation profile does not have a specific length, we divided the elevation profiles into equallength (32) chunks and use the raw data to train and test the models. For all datasets and threat models, we used a slightly modified version of the soft voting ensemble method while testing with raw data.…”

Section: Evaluation Resultsmentioning

confidence: 99%

“…in the image domain is a valid perturbation candidate. We emphasize, however, that this issue is not particular to this problem space we address in this paper, but applicable to a range of problems in general, such as software [29]- [31] and network domains [32], where the feature representation used for implementing the machine learning algorithm transforms the input by upholding a dependency among the features, which is not the case in the original image modality used in computer vision applications [33].…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Learning Location From Shared Elevation Profiles in Fitness Apps: A Privacy Perspective

Meteriz-Yıldıran

Yildiran

Kim

et al. 2024

IEEE Trans. on Mobile Comput.

View full text Add to dashboard Cite

The extensive use of smartphones and wearable devices has facilitated many useful applications. For example, with Global Positioning System (GPS)-equipped smart and wearable devices, many applications can gather, process, and share rich metadata, such as geolocation, trajectories, elevation, and time. For example, fitness applications, such as Runkeeper and Strava, utilize the information for activity tracking and have recently witnessed a boom in popularity. Those fitness tracker applications have their own web platforms and allow users to share activities on such platforms or even with other social network platforms. To preserve the privacy of users while allowing sharing, several of those platforms may allow users to disclose partial information, such as the elevation profile for an activity, which supposedly would not leak the location of the users. In this work, and as a cautionary tale, we create a proof of concept where we examine the extent to which elevation profiles can be used to predict the location of users. To tackle this problem, we devise three plausible threat settings under which the city or borough of the targets can be predicted. Those threat settings define the amount of information available to the adversary to launch the prediction attacks. Establishing that simple features of elevation profiles, e.g., spectral features, are insufficient, we devise both natural language processing (NLP)-inspired text-like representation and computer vision-inspired image-like representation of elevation profiles, and we convert the problem at hand into text and image classification problem. We use both traditional machine learning-and deep learning-based techniques and achieve a prediction success rate ranging from 59.59% to 99.80%. The findings are alarming, highlighting that sharing elevation information may have significant location privacy risks.

show abstract

Section: Evaluation Resultsmentioning

confidence: 99%

Section: Discussionmentioning

confidence: 99%

Learning Location From Shared Elevation Profiles in Fitness Apps: A Privacy Perspective

Meteriz-Yıldıran

Yildiran

Kim

et al. 2024

IEEE Trans. on Mobile Comput.

View full text Add to dashboard Cite

show abstract

“…In the fourth problem, we propose algorithms for designing evasion attacks against ML classifiers to test the robustness of DNN models and understand possible countermeasures [36].…”

Section: Thesis Contributionsmentioning

confidence: 99%

“…• Robustness of ML security measures: We design ML techniques to predict malicious or benign behavior in the networks and study their robustness by developing the framework for mounting evasion attacks against ML models feasible in the cybersecurity constrained environments [36].…”

Section: Thesis Contributionsmentioning

confidence: 99%

See 1 more Smart Citation

Towards resilient cyber networks against adversarial attacks

Chernikova

View full text Add to dashboard Cite

I am infinitely grateful to my advisor, Alina Oprea. Her constant guidance, support, honesty, and optimism have been the foundation for my success as a Ph.D. student. I have always been fascinated and inspired by her intellectuality, as well as her compassion and integrity. Alina's trust and belief in me as a researcher were invaluable. Cristina Nita-Rotaru was the first person I met at Northeastern. I still remember my excitement after our first conversation, and I felt like the happiest person in the world after talking about the opportunities at Northeastern in the NDS2 laboratory. Cristina always provided valuable feedback on my research and gave advice on Ph.D. student life. Alina and Cristina have made the NDS2 lab a supportive and friendly place where I flourished as a researcher and person. During the darkest times of my life, they were sources of light. Without them, I would never have made it to the end. I am so grateful that Alina and Cristina opened the door to the new life of the scientist I have always dreamed of.I am very thankful to Tina Eliassi-Rad, who was always on my side, supporting me and cheering me up. She showed me what it means to be a good researcher, inspired me with her rigor and attention to detail, and helped me build confidence in the value of my work. I met Nicola Perra while working on one of the research projects. I was immediately fascinated by his detailed knowledge of the research topic we were working on, his research attitude, and his limitless scientific abilities. I met Nicolò Gozzi, a knowledgeable and great researcher on the same project. I could never finish the project successfully without their ideas, knowledge, and support. It was a great pleasure to work with such intellectual and friendly individuals. I am very thankful to them for our collaboration.I am grateful to all members of the NDS2 lab for all the amazing moments of sincere joy we shared. I am honored to be a part of such a great community of researchers. I also would like to thank all the students and postdocs of the ISEC community -it was a pleasure to gather over lunches, go bouldering, watch movies, have endless discussions, party, and enjoy pies in their company. I am so happy that I became friends with Jack Doerner and Marinos Vomvas and spent infinite hours discussing and making art with them. I will never forget developing film in the lab, having weird and interesting ideas for photos, attending galleries and exhibitions, taking photos walking around Boston, and experiencing the total solar eclipse. I am also very grateful to Maryam Motallebighomi for her kindness, support, sincerity, and for the time we spent together.I want to thank my undergraduate Thesis advisor, Vladimir Malugin, for introducing me to the world of research and for all the knowledge and wisdom he shared. I was also lucky to learn from other Belarusian State University professors: Eugeniy Zhuk, Vitaliy Alsevich, Adolf Naumovich, Alexander Mazanik, and Vladimir Zadvorny. I am very grateful to my high school physics teacher, Vladi...

show abstract

Artificial Intelligence and Machine Learning for Network Security: Quo Vadis?

De Lucia,

Srinivasan

2024

Advances in Information Security

View full text Add to dashboard Cite

FENCE: Feasible Evasion Attacks on Neural Networks in Constrained Environments

Cited by 17 publications

References 73 publications

Learning Location From Shared Elevation Profiles in Fitness Apps: A Privacy Perspective

Learning Location From Shared Elevation Profiles in Fitness Apps: A Privacy Perspective

Towards resilient cyber networks against adversarial attacks

Artificial Intelligence and Machine Learning for Network Security: Quo Vadis?

Contact Info

Product

Resources

About