对抗逃避攻击的过滤式对抗特征选择研究

doi:10.11959/j.issn.1000-0801.2023140

Abstract

Abstract:

With the rapid development and widespread application of machine learning technology, its security has attracted increasing attention, leading to a growing interest in adversarial machine learning.In adversarial scenarios, machine learning techniques are threatened by attacks that manipulate a small number of samples to induce misclassification, resulting in serious consequences in various domains such as spam detection, traffic signal recognition, and network intrusion detection.An evaluation criterion for filter-based adversarial feature selection was proposed, based on the minimum redundancy and maximum relevance (mRMR) method, while considering security metrics against evasion attacks.Additionally, a robust adversarial feature selection algorithm was introduced, named SDPOSS, which was based on the decomposition-based Pareto optimization for subset selection (DPOSS) algorithm.SDPOSS didn’t depend on subsequent models and effectively handles large-scale high-dimensional feature spaces.Experimental results demonstrate that as the number of decompositions increases, the runtime of SDPOSS decreases linearly, while achieving excellent classification performance.Moreover, SDPOSS exhibits strong robustness against evasion attacks, providing new insights for adversarial machine learning.

Key words: adversarial feature selection, evasion attack, mRMR, security assessment criteria, Pareto dominate

CLC Number:

TP393

Qimeng HUANG, Miaomiao WU, Yun LI. Research on filter-based adversarial feature selection against evasion attacks[J]. Telecommunications Science, 2023, 39(7): 46-58.

Figures/Tables 10

References 15

[1]	PUGH K . Attacks on linking revisited:a new look at Bion’s classic work[J]. The International Journal of Psychoanalysis, 2020,101(2): 402-406.
[2]	SHEN M , YU H , ZHU L H ,et al. Effective and robust physical-world attacks on deep learning face recognition systems[J]. IEEE Transactions on Information Forensics and Security, 2021(16): 4063-4077.
[3]	RAO S , VERMA A K , BHATIA T . A review on social spam detection:challenges,open issues,and future directions[J]. Expert Systems With Applications, 2021(186): 115742.
[4]	SALMAN E H , TAHER M A , HAMMADI Y I ,et al. An anomaly intrusion detection for high-density Internet of things wireless communication network based deep learning algorithms[J]. Sensors (Basel,Switzerland), 2022,23(1): 206.
[5]	HANG J , HAN K J , CHEN H ,et al. Ensemble adversarial black-box attacks against deep learning systems[J]. Pattern Recognition, 2020,101:107184.
[6]	SELVAGANAPATHY S G , SADASIVAM S . Defense against adversarial malware using robust classifier:dam-ROC[J]. Sādhanā, 2022,47(4): 209.
[7]	ZHANG F , CHAN P P K , BIGGIO B ,et al. Adversarial feature selection against evasion attacks[J]. IEEE Transactions on Cybernetics, 2016,46(3): 766-777.
[8]	QIAN C , YU Y , ZHOU Z H . Subset selection by Pareto optimization[C]// Proceedings of the 28th International Conference on Neural Information Processing Systems. Cambridge:MIT Press, 2015: 1774-1782.
[9]	钱超, 周志华 . 基于分解策略的多目标演化子集选择算法[J]. 中国科学(信息科学), 2016,46(9): 1276-1287.
	QIAN C , ZHOU Z H . Decomposition-based Pareto optimization for subset selection[J]. Scientia Sinica (Informationis), 2016,46(9): 1276-1287.
[10]	QIAN C , BIAN C , FENG C . Subset selection by Pareto optimization with recombination[J]. Proceedings of the AAAI Conference on Artificial Intelligence, 2020,34(3): 2408-2415.
[11]	WU M M , LI Y . Adversarial mRMR against evasion attacks[C]// Proceedings of 2018 International Joint Conference on Neural Networks (IJCNN). Piscataway:IEEE Press, 2018: 1-6.
[12]	PENG H C , LONG F H , DING C . Feature selection based on mutual information:criteria of max-dependency,max-relevance,and Min-redundancy[J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, 2005,27(8): 1226-1238.
[13]	CORMACK G V . TREC 2007 spam track overview[C]// Proceedings of the 16th Text REtrieval Conference.[S.l.:s.n.], 2007.
[14]	BIGGIO B , PILLAI I , BULò S R ,et al. Is data clustering in adversarial settings secure?[C]// Proceedings of the 2013 ACM Workshop on Artificial Intelligence and Security. New York:ACM Press, 2013: 87-98.
[15]	RO?KOVá V GEORGE E I . The spike-and-slab LASSO[J]. Journal of the American Statistical Association, 2018,113(521): 431-444.

Metrics

Recommended 0

No Suggested Reading articles found!

Research on filter-based adversarial feature selection against evasion attacks

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 10

References 15

Related Articles 15

Metrics

Recommended 0

[1]	Bensheng YUN, Xiaoya GAN, Yaguan QIAN. A network traffic classification method based on random forest and improved convolutional neural network [J]. Telecommunications Science, 2023, 39(7): 80-89.
[2]	Xuefeng ZHOU, Qiang XU, Yanting TAN, Jiayi LANG, Hang JING, Zhiqiang ZHAO. Cloud architecture data center network abnormal traffic filtering algorithm based on improved grey clustering algorithm [J]. Telecommunications Science, 2023, 39(7): 90-98.
[3]	Wenlei GUO. Optimization model of random load balancing of heterogeneous nodes in complex buildings [J]. Telecommunications Science, 2023, 39(7): 139-148.
[4]	Guqiao ZHU, Chao JIANG, Yuye XU. Super-resolution reconstruction technology and its application on intelligent terminal device [J]. Telecommunications Science, 2023, 39(7): 156-165.
[5]	Kaihui GAO, Dan LI. Data center networks with performance guarantee: a survey [J]. Telecommunications Science, 2023, 39(6): 1-21.
[6]	Yu LI, Zhaozhao LI, Ping LYU, Qinrang LIU. Design on the full-dimensional reconfiguration polymorphic network switching chip architecture [J]. Telecommunications Science, 2023, 39(6): 22-32.
[7]	Jiong LI, Yuxiang HU, Pengshuai CUI, Le TIAN, Yongji DONG. Research on incremental deployment mechanism of network modality for polymorphic network environment [J]. Telecommunications Science, 2023, 39(6): 33-43.
[8]	Zehua GUO, Haowen ZHU, Tongwen XU. Network modal innovation for distributed machine learning [J]. Telecommunications Science, 2023, 39(6): 44-51.
[9]	Aihua LIU, Hanguang LUO, Jianzhong WEN, Zhiguo ZHAN. Research on isolated-forwarding technology oriented polymorphic network [J]. Telecommunications Science, 2023, 39(6): 52-60.
[10]	Tao ZOU, Huifeng ZHANG, Wanxin GAO, Qi XU, Congqi SHEN, Jun ZHU, Zhongxia PAN, Xingchang GUO. Research on polymorphic network application technology oriented intelligent manufacturing [J]. Telecommunications Science, 2023, 39(6): 61-72.
[11]	Yaoyu HE, Chao ZHANG. Airworthiness analysis of low earth orbit satellite communication technology for UAV application [J]. Telecommunications Science, 2023, 39(6): 96-104.
[12]	. [J]. Telecommunications Science, 2023, 39(Z1): 39-46.
[13]	. [J]. Telecommunications Science, 2023, 39(Z1): 47-54.
[14]	. [J]. Telecommunications Science, 2023, 39(Z1): 62-70.
[15]	. [J]. Telecommunications Science, 2023, 39(Z1): 79-85.