{"title":"对抗实例的隐私保护统计检测","authors":"M. Alishahi, Nicola Zannone","doi":"10.1109/WETICE49692.2020.00039","DOIUrl":null,"url":null,"abstract":"Adversarial instances are malicious input designed by attackers to cause a classification model to make a false prediction, e.g. in Spam detection. Effective solutions have been proposed to detect and block adversarial instances in real time. Still, the proposed approaches fail to detect adversarial instances over private input (required by many on-line platforms analyzing sensitive personal data).In this work, we propose a novel framework that applies a statistical test to detect adversarial instances when data under analysis are in private format. The practical feasibility of our approach in terms of computation cost is shown through an experimental evaluation.","PeriodicalId":114214,"journal":{"name":"2020 IEEE 29th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Privacy Preserving Statistical Detection of Adversarial Instances\",\"authors\":\"M. Alishahi, Nicola Zannone\",\"doi\":\"10.1109/WETICE49692.2020.00039\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Adversarial instances are malicious input designed by attackers to cause a classification model to make a false prediction, e.g. in Spam detection. Effective solutions have been proposed to detect and block adversarial instances in real time. Still, the proposed approaches fail to detect adversarial instances over private input (required by many on-line platforms analyzing sensitive personal data).In this work, we propose a novel framework that applies a statistical test to detect adversarial instances when data under analysis are in private format. 
The practical feasibility of our approach in terms of computation cost is shown through an experimental evaluation.\",\"PeriodicalId\":114214,\"journal\":{\"name\":\"2020 IEEE 29th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE 29th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WETICE49692.2020.00039\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 29th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WETICE49692.2020.00039","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Privacy Preserving Statistical Detection of Adversarial Instances
Adversarial instances are malicious input designed by attackers to cause a classification model to make a false prediction, e.g. in spam detection. Effective solutions have been proposed to detect and block adversarial instances in real time. Still, the proposed approaches fail to detect adversarial instances over private input (required by many on-line platforms analyzing sensitive personal data). In this work, we propose a novel framework that applies a statistical test to detect adversarial instances when data under analysis are in private format. The practical feasibility of our approach in terms of computation cost is shown through an experimental evaluation.