This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Security Evaluation of PatternClassifiers under Attack
April 2014 (vol. 26 no. 4)
pp. 984-996
Giorgio Fumera, Dept. of Electr. & Electron. Eng., Univ. of Cagliari, Cagliari, Italy
Fabio Roli, Dept. of Electr. & Electron. Eng., Univ. of Cagliari, Cagliari, Italy
Battista Biggio, Dept. of Electr. & Electron. Eng., Univ. of Cagliari, Cagliari, Italy
Pattern classification systems are commonly used in adversarial applications, like biometric authentication, network intrusion detection, and spam filtering, in which data can be purposely manipulated by humans to undermine their operation. As this adversarial scenario is not taken into account by classical design methods, pattern classification systems may exhibit vulnerabilities, whose exploitation may severely affect their performance, and consequently limit their practical utility. Extending pattern classification theory and design methods to adversarial settings is thus a novel and very relevant research direction, which has not yet been pursued in a systematic way. In this paper, we address one of the main open issues: evaluating at design phase the security of pattern classifiers, namely, the performance degradation under potential attacks they may incur during operation. We propose a framework for empirical evaluation of classifier security that formalizes and generalizes the main ideas proposed in the literature, and give examples of its use in three real applications. Reported results show that security evaluation can provide a more complete understanding of the classifier's behavior in adversarial environments, and lead to better design choices.
Index Terms:
robustness evaluation,Pattern classification,adversarial classification,performance evaluation,security evaluation
Citation:
Giorgio Fumera, Fabio Roli, Battista Biggio, "Security Evaluation of PatternClassifiers under Attack," IEEE Transactions on Knowledge and Data Engineering, vol. 26, no. 4, pp. 984-996, April 2014, doi:10.1109/TKDE.2013.57
Usage of this product signifies your acceptance of the Terms of Use.