Item request has been placed! ×
Item request cannot be made. ×
loading  Processing Request

Certifying machine learning models against evasion attacks by program analysis

Item request has been placed! ×
Item request cannot be made. ×
loading   Processing Request
  • معلومة اضافية
    • بيانات النشر:
      IOS Press, 2023.
    • الموضوع:
      2023
    • نبذة مختصرة :
      Machine learning has proved invaluable for a range of different tasks, yet it also proved vulnerable to evasion attacks, i.e., maliciously crafted perturbations of inputs designed to force mispredictions. In this article we propose a novel technique to certify the security of machine learning models against evasion attacks with respect to an expressive threat model, where the attacker can be represented by an arbitrary imperative program. Our approach is based on a transformation of the model under attack into an equivalent imperative program, which is then analyzed using the traditional abstract interpretation framework. This solution is sound, efficient and general enough to be applied to a range of different models, including decision trees, logistic regression and neural networks. Our experiments on publicly available datasets show that our technique yields only a minimal number of false positives and scales up to cases which are intractable for a competitor approach.
    • ISSN:
      1875-8924
      0926-227X
    • الرقم المعرف:
      10.3233/jcs-210133
    • Rights:
      CLOSED
    • الرقم المعرف:
      edsair.doi.dedup.....320ccc3f01d820e3ad892bfb13d16395