Go to DBLP homepageAdversarial Attack and Defense for Transductive Support Vector Machine
Abstract: As a classic semi-supervised approach, the Transductive Support Vector Machine (TSVM) has exhibited remarkable accuracy by utilizing unlabeled data. However, the robustness of TSVM against adversarial attacks remains a subject of investigation, prompting concerns about its reliability in security-critical applications. To unveil the vulnerability of TSVM, we introduce a finite-attack model specifically tailored to its characteristics, effectively manipulating its outputs. Additionally, we present Adversarial Defense-based TSVM (AD-TSVM), the first dedicated defense scheme designed for TSVM. AD-TSVM incorporates adversarial information into the optimization process, enhancing robustness by rebuilding a customized loss function and decision margin to counteract attacks. Rigorous experiments conducted on benchmark datasets demonstrate the effectiveness of AD-TSVM in significantly improving both the accuracy and stability of TSVM when confronted with adversarial attacks. This pioneering research assesses the weaknesses of TSVM and, more importantly, offers valuable insights and solutions for developing secure and trustworthy TSVM systems in the face of emerging threats.
Loading