![]() |
![]() |
University of Birmingham > Talks@bham > Computer Security Seminars > Intriguing Properties of Adversarial ML Attacks in the Problem Space
Intriguing Properties of Adversarial ML Attacks in the Problem SpaceAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Isra Ahmed. Recent research efforts on adversarial ML have investigated problem-space attacks, focusing on the generation of real evasive objects in domains where, unlike images, there is no clear inverse mapping to the feature space (e.g., software). However, the design, comparison, and real-world implications of problem-space attacks remain underexplored. In this talk, I will present two major contributions from our recent IEEE S&P 2020 paper [1]. First, I will present our novel reformulation of adversarial ML evasion attacks in the problem-space (also known as realizable attacks). This requires to consider and reason about additional constraints feature-space attacks ignore, which shed light on the relationship between feature-space and problem-space attacks. Second, building on our reformulation, I will present a novel problem-space attack for generating end-to-end evasive Android malware, showing that it is feasible to generate evasive malware at scale, while evading state-of-the-art defenses. [1] Fabio Pierazzi, Feargus Pendlebury, Jacopo Cortellazzi, and Lorenzo Cavallaro. “Intriguing Properties of Adversarial ML Attacks in the Problem Space”. IEEE Symp. Security & Privacy (Oakland), 2020. This is joint work with Thorsten Kleinjung, Arjen K. Lenstra, Benjamin Wesolowski and Jens Zumbragel. This talk is part of the Computer Security Seminars series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsComputer Science Departmental Series Contemporary History RSLC PhD/Postdoc Seminars (Chemistry)Other talksTBA Ultrafast Spectroscopy and Microscopy as probes of Energy Materials Counting cycles in planar graphs The tragic destiny of Mileva Marić Einstein Life : it’s out there, but what and why ? Control variates for computing transport coefficients |