File(s) under permanent embargo
Exploring data correlation between feature pairs for generating constraint-based adversarial examples
conference contribution
posted on 2020-01-01, 00:00 authored by Y Tian, Y Wang, E Tong, W Niu, L Chang, Q A Chen, Gang Li, J Liu

Adversarial examples (AEs), inputs that are modified slightly to cause a machine learning system to produce erroneous outputs, have been studied extensively in recent years. Unfortunately, the fine-grained data perturbation used to craft an AE fails to preserve potential data correlations between feature pairs. Such AEs are therefore easily filtered out by configuring data correlations as basic filtering rules. In this paper, an advanced robust AE generation attack is proposed that avoids being filtered while still causing false classification. We first define four basic data correlations, called strict linear constraint, approximate linear constraint, addition boundary constraint and zero multiplication constraint. Then, by embedding multiple data correlations into one constraint matrix derived from Pearson analysis, our approach uses a Hadamard product of the constraint matrix and the sign of the gradient matrix to craft perturbations that keep data correlations consistent. Experimental results on an intrusion detection system (IDS) indicate: 1) nearly all AEs from the original IFGSM are invalidated by filtering according to basic data correlations; 2) with our method, AEs against a targeted DNN-based classifier achieve an attack success rate of 99%, with a transfer attack ability of 94% average success rate against other mainstream classifiers.
Event
Parallel and Distributed Systems. Conference (2020 : 26th : Hong Kong)
Volume
2020-December
Pagination
430 - 437
Publisher
IEEE
Location
Hong Kong
Place of publication
Piscataway, N.J.
Publisher DOI
Start date
2020-12-02
End date
2020-12-04
ISSN
1521-9097
ISBN-13
9781728190747
Language
eng
Publication classification
E1 Full written paper - refereed
Title of proceedings
ICPADS 2020 : Proceedings of the International Conference on Parallel and Distributed Systems