Randomizing SVM Against Adversarial Attacks Under Uncertainty

Yan Chen; Wei Wang; Xiangliang Zhang

doi:10.1007/978-3-319-93040-4_44

Randomizing SVM Against Adversarial Attacks Under Uncertainty

Yan Chen, Wei Wang, Xiangliang Zhang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Scopus citations

Abstract

Robust machine learning algorithms have been widely studied in adversarial environments where the adversary maliciously manipulates data samples to evade security systems. In this paper, we propose randomized SVMs against generalized adversarial attacks under uncertainty, through learning a classifier distribution rather than a single classifier in traditional robust SVMs. The randomized SVMs have advantages on better resistance against attacks while preserving high accuracy of classification, especially for non-separable cases. The experimental results demonstrate the effectiveness of our proposed models on defending against various attacks, including aggressive attacks with uncertainty.

Original language	English (US)
Title of host publication	Advances in Knowledge Discovery and Data Mining
Publisher	Springer Nature
Pages	556-568
Number of pages	13
ISBN (Print)	9783319930398
DOIs	https://doi.org/10.1007/978-3-319-93040-4_44
State	Published - Jun 17 2018

Access to Document

10.1007/978-3-319-93040-4_44

https://repository.kaust.edu.sa/bitstream/10754/628272/1/332.pdf

Cite this

@inproceedings{a33e7c1054f44dc58e29f1ee9d3c6d31,

title = "Randomizing SVM Against Adversarial Attacks Under Uncertainty",

abstract = "Robust machine learning algorithms have been widely studied in adversarial environments where the adversary maliciously manipulates data samples to evade security systems. In this paper, we propose randomized SVMs against generalized adversarial attacks under uncertainty, through learning a classifier distribution rather than a single classifier in traditional robust SVMs. The randomized SVMs have advantages on better resistance against attacks while preserving high accuracy of classification, especially for non-separable cases. The experimental results demonstrate the effectiveness of our proposed models on defending against various attacks, including aggressive attacks with uncertainty.",

author = "Yan Chen and Wei Wang and Xiangliang Zhang",

note = "KAUST Repository Item: Exported on 2020-10-01 Acknowledgements: This work was supported by the King Abdullah University of Science and Technology, and by Natural Science Foundation of China, under grant U1736114 and 61672092, and in part by National Key R&D Program of China (2017YFB0802805).",

year = "2018",

month = jun,

day = "17",

doi = "10.1007/978-3-319-93040-4_44",

language = "English (US)",

isbn = "9783319930398",

pages = "556--568",

booktitle = "Advances in Knowledge Discovery and Data Mining",

publisher = "Springer Nature",

}

TY - GEN

T1 - Randomizing SVM Against Adversarial Attacks Under Uncertainty

AU - Chen, Yan

AU - Wang, Wei

AU - Zhang, Xiangliang

N1 - KAUST Repository Item: Exported on 2020-10-01 Acknowledgements: This work was supported by the King Abdullah University of Science and Technology, and by Natural Science Foundation of China, under grant U1736114 and 61672092, and in part by National Key R&D Program of China (2017YFB0802805).

PY - 2018/6/17

Y1 - 2018/6/17

N2 - Robust machine learning algorithms have been widely studied in adversarial environments where the adversary maliciously manipulates data samples to evade security systems. In this paper, we propose randomized SVMs against generalized adversarial attacks under uncertainty, through learning a classifier distribution rather than a single classifier in traditional robust SVMs. The randomized SVMs have advantages on better resistance against attacks while preserving high accuracy of classification, especially for non-separable cases. The experimental results demonstrate the effectiveness of our proposed models on defending against various attacks, including aggressive attacks with uncertainty.

AB - Robust machine learning algorithms have been widely studied in adversarial environments where the adversary maliciously manipulates data samples to evade security systems. In this paper, we propose randomized SVMs against generalized adversarial attacks under uncertainty, through learning a classifier distribution rather than a single classifier in traditional robust SVMs. The randomized SVMs have advantages on better resistance against attacks while preserving high accuracy of classification, especially for non-separable cases. The experimental results demonstrate the effectiveness of our proposed models on defending against various attacks, including aggressive attacks with uncertainty.

UR - http://hdl.handle.net/10754/628272

UR - https://link.springer.com/chapter/10.1007%2F978-3-319-93040-4_44

UR - http://www.scopus.com/inward/record.url?scp=85049373377&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-93040-4_44

DO - 10.1007/978-3-319-93040-4_44

M3 - Conference contribution

AN - SCOPUS:85049373377

SN - 9783319930398

SP - 556

EP - 568

BT - Advances in Knowledge Discovery and Data Mining

PB - Springer Nature

ER -

Randomizing SVM Against Adversarial Attacks Under Uncertainty

Abstract

Access to Document

Other files and links

Fingerprint

Cite this