Using Randomness to Improve Robustness of Tree-based Models Against Evasion Attacks
dc.contributor.author | Yang, Fan | |
dc.contributor.author | Chen, Zhiyuan | |
dc.contributor.author | Gangopadhyay, Aryya | |
dc.date.accessioned | 2023-09-06T20:07:33Z | |
dc.date.available | 2023-09-06T20:07:33Z | |
dc.date.issued | 2019-03-13 | |
dc.description | IWSPA ’19, Richardson, TX, USA, March 27, 2019 | en_US |
dc.description.abstract | Machine learning models have been widely used in security applications. However, it is well-known that adversaries can adapt their attacks to evade detection. There has been some work on making machine learning models more robust to such attacks. However, one simple but promising approach called randomization is under-explored. In addition, most existing works focus on models with differentiable error functions while tree-based models do not have such error functions but are quite popular because they are easy to interpret. This paper proposes a novel randomization-based approach to improve robustness of tree-based models against evasion attacks. The proposed approach incorporates randomization into both model training time and model application time (meaning when the model is used to detect attacks). We also apply this approach to random forest, an existing ML method which already has incorporated randomness at training time but still often fails to generate robust models. We proposed a novel weighted-random-forest method to generate more robust models and a clustering method to add randomness at model application time. Experiments on intrusion detection and spam filtering data show that our approach further improves robustness of random-forest method. | en_US |
dc.description.uri | https://dl.acm.org/doi/10.1145/3309182.3309186 | en_US |
dc.format.extent | 12 | |
dc.genre | conference papers and proceedings | en_US |
dc.genre | preprints | |
dc.identifier | doi:10.13016/m2g9ly-jwvu | |
dc.identifier.citation | Yang, Fan, Zhiyuan Chen, and Aryya Gangopadhyay. “Using Randomness to Improve Robustness of Tree-Based Models Against Evasion Attacks.” In Proceedings of the ACM International Workshop on Security and Privacy Analytics, 25–35. IWSPA ’19. New York, NY, USA: Association for Computing Machinery, 2019. https://doi.org/10.1145/3309182.3309186. | en_US |
dc.identifier.uri | https://doi.org/10.1145/3309182.3309186 | |
dc.identifier.uri | http://hdl.handle.net/11603/29599 | |
dc.language.iso | en_US | en_US |
dc.publisher | ACM | en_US |
dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
dc.relation.ispartof | UMBC Information Systems Department Collection | |
dc.relation.ispartof | UMBC Faculty Collection | |
dc.relation.ispartof | UMBC Student Collection | |
dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | en_US |
dc.subject | Evasion attacks | en_US |
dc.subject | Machine learning | en_US |
dc.subject | Adversarial learning | en_US |
dc.subject | Intrusion detection | en_US |
dc.subject | Spam filtering | en_US |
dc.title | Using Randomness to Improve Robustness of Tree-based Models Against Evasion Attacks | en_US |
dc.type | Text | en_US |
dcterms.creator | https://orcid.org/0000-0002-4113-764X | en_US |
dcterms.creator | https://orcid.org/0000-0002-6984-7248 | en_US |
Files
Original bundle
- Name: Using Randomness to Improve Robustness of Tree-based Models Against Evasion Attacks.pdf
- Size: 713.14 KB
- Format: Adobe Portable Document Format
License bundle
- Name: license.txt
- Size: 2.56 KB
- Format: Item-specific license agreed upon to submission