{"title":"机会主义对手:基于学习的业务自动化迫在眉睫的威胁","authors":"Michiaki Tatsubori, Shohei Hido","doi":"10.1109/SRII.2012.24","DOIUrl":null,"url":null,"abstract":"False positives and negatives are inevitable in real-world classification problems. In general, machine-learning-based business process automation is still viable with reduced classification accuracy due to such false decisions, thanks to business models that replace human decision processes with automated decision processes covering the costs of introducing automation and the losses from rare mistakes by the automation with the profits from relatively large savings in human-factor costs. However, under certain conditions, it is possible for attackers to outsmart a classifier at a reasonable cost and thus destroy the business model that the learner system depends on. Attackers may eventually detect the misclassification cases they can benefit from and try to create similar inputs that will be misclassified by the unaware learner system. We call adversaries of this type \"opportunistic adversaries\". This paper specifies the environmental patterns that can expose vulnerabilities to opportunistic adversaries and presents some likely business scenarios for these threats. Then we propose a countermeasure algorithm to detect such attacks based on change detection in the post-classification data distributions. Experimental results show that our algorithm has higher detection accuracy than other approaches based on outlier detection or change-point detection.","PeriodicalId":110778,"journal":{"name":"2012 Annual SRII Global Conference","volume":"46 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Opportunistic Adversaries: On Imminent Threats to Learning-Based Business Automation\",\"authors\":\"Michiaki Tatsubori, Shohei Hido\",\"doi\":\"10.1109/SRII.2012.24\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"False positives and negatives are inevitable in real-world classification problems. In general, machine-learning-based business process automation is still viable with reduced classification accuracy due to such false decisions, thanks to business models that replace human decision processes with automated decision processes covering the costs of introducing automation and the losses from rare mistakes by the automation with the profits from relatively large savings in human-factor costs. However, under certain conditions, it is possible for attackers to outsmart a classifier at a reasonable cost and thus destroy the business model that the learner system depends on. Attackers may eventually detect the misclassification cases they can benefit from and try to create similar inputs that will be misclassified by the unaware learner system. We call adversaries of this type \\\"opportunistic adversaries\\\". This paper specifies the environmental patterns that can expose vulnerabilities to opportunistic adversaries and presents some likely business scenarios for these threats. Then we propose a countermeasure algorithm to detect such attacks based on change detection in the post-classification data distributions. Experimental results show that our algorithm has higher detection accuracy than other approaches based on outlier detection or change-point detection.\",\"PeriodicalId\":110778,\"journal\":{\"name\":\"2012 Annual SRII Global Conference\",\"volume\":\"46 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-07-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 Annual SRII Global Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SRII.2012.24\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Annual SRII Global Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SRII.2012.24","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Opportunistic Adversaries: On Imminent Threats to Learning-Based Business Automation
False positives and negatives are inevitable in real-world classification problems. In general, machine-learning-based business process automation is still viable with reduced classification accuracy due to such false decisions, thanks to business models that replace human decision processes with automated decision processes covering the costs of introducing automation and the losses from rare mistakes by the automation with the profits from relatively large savings in human-factor costs. However, under certain conditions, it is possible for attackers to outsmart a classifier at a reasonable cost and thus destroy the business model that the learner system depends on. Attackers may eventually detect the misclassification cases they can benefit from and try to create similar inputs that will be misclassified by the unaware learner system. We call adversaries of this type "opportunistic adversaries". This paper specifies the environmental patterns that can expose vulnerabilities to opportunistic adversaries and presents some likely business scenarios for these threats. Then we propose a countermeasure algorithm to detect such attacks based on change detection in the post-classification data distributions. Experimental results show that our algorithm has higher detection accuracy than other approaches based on outlier detection or change-point detection.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
