Adversarial learning

Daniel Lowd and Christopher Meek

Abstract

Many classification tasks, such as spam filtering, intrusion detection, and terrorism detection, are complicated by an adversary who wishes to avoid detection. Previous work on adversarial classification has made the unrealistic assumption that the attacker has perfect knowledge of the classifier. In this paper, we introduce the adversarial classifier reverse engineering (ACRE) learning problem, the task of learning sufficient information about a classifier to construct adversarial attacks. We present efficient algorithms for reverse engineering linear classifiers with either continuous or Boolean features and demonstrate their effectiveness using real data from the domain of spam filtering.

Details

Publication type: Inproceedings
Published in: KDD
Pages: 641-647
Publisher: ACM – Association for Computing Machinery