Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security 2021
DOI: 10.1145/3433210.3437513
|View full text |Cite
|
Sign up to set email alerts
|

ConAML: Constrained Adversarial Machine Learning for Cyber-Physical Systems

Abstract: Recent research demonstrated that the superficially well-trained machine learning (ML) models are highly vulnerable to adversarial examples. As ML techniques are rapidly employed in cyber-physical systems (CPSs), the security of these applications is of concern. However, current studies on adversarial machine learning (AML) mainly focus on computer vision and related fields. The risks the adversarial examples can bring to the CPS applications have not been well investigated. In particular, due to the distribut… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1

Citation Types

0
27
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
3
2
2

Relationship

1
6

Authors

Journals

citations
Cited by 38 publications
(27 citation statements)
references
References 47 publications
(65 reference statements)
0
27
0
Order By: Relevance
“…This action may present a built-in defense mechanism. Li et al study potential vulnerabilities of ML applied in power systems by proposing constraints that adversarial examples must satisfy the intrinsic constraints of physical systems [14]. In power system SE the physical constraints have already been encoded in the mathematical model; however Liu et al propose an approach that guarantees attacker to pass those constraints in linear case [12].…”
Section: Problem Statementmentioning
confidence: 99%
See 1 more Smart Citation
“…This action may present a built-in defense mechanism. Li et al study potential vulnerabilities of ML applied in power systems by proposing constraints that adversarial examples must satisfy the intrinsic constraints of physical systems [14]. In power system SE the physical constraints have already been encoded in the mathematical model; however Liu et al propose an approach that guarantees attacker to pass those constraints in linear case [12].…”
Section: Problem Statementmentioning
confidence: 99%
“…To address this issue, physical-based constraints can provide a stronger obstacle for attacker. Li et al propose adding inherent constraints in power system state estimation (SE) [14]. This idea makes a further constrained problem that needs to be solved by attackers while satisfying the physical systems' inherent constraints.…”
Section: Introductionmentioning
confidence: 99%
“…As per Section 4.3.3, we apply a constrained gradient-guided mutation on the selected top test cases to maximize their likelihood of leading to traffic violations. The procedure, shown in Algorithm 1, is adapted from the constrained adversarial attack in [39].…”
mentioning
confidence: 99%
“…The simplest solution is to discard the perturbations (and subsequent iterations) that lead to constraint violation. However, as shown in [39], the insight for linear constraints is if an original (unperturbed) test case satisfies the constraints and the perturbation alone satisfies the constraints as well, then the perturbed test case also satisfies the constraints. Thus, only the perturbation needs to be checked against the constraints after each iteration.…”
mentioning
confidence: 99%
See 1 more Smart Citation