Compression for Anti-Adversarial Learning

2011 (modified: 19 Jan 2023), PAKDD (2) 2011, Readers: Everyone
Abstract: We investigate the susceptibility of compression-based learning algorithms to adversarial attacks. We demonstrate that compression-based algorithms are surprisingly resilient to carefully plotted attacks that can easily devastate standard learning algorithms. In the worst case, where we assume the adversary has full knowledge of the training data, compression-based algorithms failed as expected. We tackle the worst case by proposing a new technique that analyzes subsequences strategically extracted from the given data. We achieved near-zero performance loss in the worst case in the domain of spam filtering.