ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Adversarial learning
Full text PdfPdf (774 KB)
Source International Conference on Knowledge Discovery and Data Mining archive
Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining table of contents
Chicago, Illinois, USA
POSTER SESSION: Research track poster table of contents
Pages: 641 - 647  
Year of Publication: 2005
ISBN:1-59593-135-X
Authors
Daniel Lowd  University of Washington - Seattle, Seattle, WA
Christopher Meek  Microsoft Research, Redmond, WA
Sponsors
SIGKDD: ACM Special Interest Group on Knowledge Discovery in Data
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 7,   Downloads (12 Months): 70,   Citation Count: 7
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1081870.1081950
What is a DOI?

ABSTRACT

Many classification tasks, such as spam filtering, intrusion detection, and terrorism detection, are complicated by an adversary who wishes to avoid detection. Previous work on adversarial classification has made the unrealistic assumption that the attacker has perfect knowledge of the classifier [2]. In this paper, we introduce the adversarial classifier reverse engineering (ACRE) learning problem, the task of learning sufficient information about a classifier to construct adversarial attacks. We present efficient algorithms for reverse engineering linear classifiers with either continuous or Boolean features and demonstrate their effectiveness using real data from the domain of spam filtering.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Dana Angluin, Queries and Concept Learning, Machine Learning, v.2 n.4, p.319-342, April 1988  [doi>10.1023/A:1022821128753]
2
Nilesh Dalvi , Pedro Domingos , Mausam , Sumit Sanghai , Deepak Verma, Adversarial classification, Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining, August 22-25, 2004, Seattle, WA, USA  [doi>10.1145/1014052.1014066]
 
3
D. Lowd and C. Meek. Good word attacks on statistical spam filters. In Proceedings of the Second Conference on Email and Anti-Spam, Palo Alto, CA, 2005.
 
4
M. Sahami, S. Dumais, D. Heckerman, and E. Horvitz. A Bayesian approach to filtering junk E-mail. In Learning for Text Categorization: Papers from the 1998 Workshop, Madison, Wisconsin, 1998. AAAI Technical Report WS-98-05.
 
5
S. Tzu. The art of war, 500bc.
6
L. G. Valiant, A theory of the learnable, Communications of the ACM, v.27 n.11, p.1134-1142, Nov. 1984  [doi>10.1145/1968.1972]
 
7
L. Zhang and T. Yao. Filtering junk mail with a maximum entropy model. In ICCPOL2003, pages 446--453, ShenYang, China, 2003.

CITED BY  7
Marco Barreno , Blaine Nelson , Russell Sears , Anthony D. Joseph , J. D. Tygar, Can machine learning be secure?, Proceedings of the 2006 ACM Symposium on Information, computer and communications security, March 21-24, 2006, Taipei, Taiwan
Blaine Nelson , Marco Barreno , Fuching Jack Chi , Anthony D. Joseph , Benjamin I. P. Rubinstein , Udam Saini , Charles Sutton , J. D. Tygar , Kai Xia, Exploiting machine learning to subvert your spam filter, Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, p.1-9, April 15-15, 2008, San Francisco, California
Marco Barreno , Peter L. Bartlett , Fuching Jack Chi , Anthony D. Joseph , Blaine Nelson , Benjamin I.P. Rubinstein , Udam Saini , J. D. Tygar, Open problems in the security of learning, Proceedings of the 1st ACM workshop on Workshop on AISec, October 27-27, 2008, Alexandria, Virginia, USA
Ming-wei Chang , Wen-tau Yih , Christopher Meek, Partitioned logistic regression for spam filtering, Proceeding of the 14th ACM SIGKDD international conference on Knowledge discovery and data mining, August 24-27, 2008, Las Vegas, Nevada, USA
Clifton Phua , Vincent Lee , Kate Smith-Miles , Ross Gayler, Adaptive communal detection in search of adversarial identity crime, Proceedings of the 2007 international workshop on Domain driven data mining, p.1-10, August 12-12, 2007, San Jose, California
Zach Jorgensen , Yan Zhou , Meador Inge, A Multiple Instance Learning Strategy for Combating Good Word Attacks on Spam Filters, The Journal of Machine Learning Research, 9, p.1115-1146, 6/1/2008
Benjamin Liebald , Dan Roth , Neelay Shah , Vivek Srikumar, Proactive intrusion detection, Proceedings of the 23rd national conference on Artificial intelligence, p.772-777, July 13-17, 2008, Chicago, Illinois

INDEX TERMS

Primary Classification:
  I. Computing Methodologies
  I.2 ARTIFICIAL INTELLIGENCE
      I.2.6 Learning
          Subjects: Concept learning

Additional Classification:
  F. Theory of Computation
  F.2 ANALYSIS OF ALGORITHMS AND PROBLEM COMPLEXITY
      F.2.m Miscellaneous


General Terms:
Algorithms, Theory


Keywords:
adversarial classification, linear classifiers, spam

Collaborative Colleagues:
Daniel Lowd: colleagues
Christopher Meek: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player