Research on filter-based adversarial feature selection against evasion attacks

Bibliographic Details
Main Authors: Qimeng HUANG, Miaomiao WU, Yun LI
Format: Article
Language: zho
Published: Beijing Xintong Media Co., Ltd 2023-07-01
Series: Dianxin kexue
Subjects:
Online Access: http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2023140/
Description
Summary: With the rapid development and widespread application of machine learning technology, its security has attracted increasing attention, leading to a growing interest in adversarial machine learning. In adversarial scenarios, machine learning techniques are threatened by attacks that manipulate a small number of samples to induce misclassification, resulting in serious consequences in various domains such as spam detection, traffic signal recognition, and network intrusion detection. An evaluation criterion for filter-based adversarial feature selection was proposed, based on the minimum redundancy and maximum relevance (mRMR) method, while considering security metrics against evasion attacks. Additionally, a robust adversarial feature selection algorithm was introduced, named SDPOSS, which was based on the decomposition-based Pareto optimization for subset selection (DPOSS) algorithm. SDPOSS does not depend on subsequent models and effectively handles large-scale high-dimensional feature spaces. Experimental results demonstrate that as the number of decompositions increases, the runtime of SDPOSS decreases linearly, while achieving excellent classification performance. Moreover, SDPOSS exhibits strong robustness against evasion attacks, providing new insights for adversarial machine learning.
ISSN: 1000-0801