Fast and Scalable Adversarial Training of Kernel SVM via Doubly Stochastic Gradients

Wu, Huimin; Hu, Ziheng; Gu, Bin

doi:10.1609/aaai.v35i12.17237

Cited by 7 publications

(1 citation statement)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The method performs an attack by minimizing the distance between the decision boundary and benign examples. A zeroth-order optimization algorithm is used with a randomized gradient-free method to minimize such distance and formulate the attack [ 28 , 41 , 42 ]. Table 3 shows the attack parameters of the benchmark ZOO for all datasets.…”

Section: A Proposed Robust Ensemble Adversarial Machine Learning Fram...mentioning

confidence: 99%

RobEns: Robust Ensemble Adversarial Machine Learning Framework for Securing IoT Traffic

Alkadi,

Al-Ahmadi,

Ben Ismail

2024

Sensors

View full text Add to dashboard Cite

Recently, Machine Learning (ML)-based solutions have been widely adopted to tackle the wide range of security challenges that have affected the progress of the Internet of Things (IoT) in various domains. Despite the reported promising results, the ML-based Intrusion Detection System (IDS) proved to be vulnerable to adversarial examples, which pose an increasing threat. In fact, attackers employ Adversarial Machine Learning (AML) to cause severe performance degradation and thereby evade detection systems. This promoted the need for reliable defense strategies to handle performance and ensure secure networks. This work introduces RobEns, a robust ensemble framework that aims at: (i) exploiting state-of-the-art ML-based models alongside ensemble models for IDSs in the IoT network; (ii) investigating the impact of evasion AML attacks against the provided models within a black-box scenario; and (iii) evaluating the robustness of the considered models after deploying relevant defense methods. In particular, four typical AML attacks are considered to investigate six ML-based IDSs using three benchmarking datasets. Moreover, multi-class classification scenarios are designed to assess the performance of each attack type. The experiments indicated a drastic drop in detection accuracy for some attempts. To harden the IDS even further, two defense mechanisms were derived from both data-based and model-based methods. Specifically, these methods relied on feature squeezing as well as adversarial training defense strategies. They yielded promising results, enhanced robustness, and maintained standard accuracy in the presence or absence of adversaries. The obtained results proved the efficiency of the proposed framework in robustifying IDS performance within the IoT context. In particular, the accuracy reached 100% for black-box attack scenarios while preserving the accuracy in the absence of attacks as well.

show abstract

Section: A Proposed Robust Ensemble Adversarial Machine Learning Fram...mentioning

confidence: 99%

RobEns: Robust Ensemble Adversarial Machine Learning Framework for Securing IoT Traffic

Alkadi,

Al-Ahmadi,

Ben Ismail

2024

Sensors

View full text Add to dashboard Cite

show abstract

Large-scale machine learning with fast and stable stochastic conjugate gradient

Yang

2022

Computers & Industrial Engineering

View full text Add to dashboard Cite

Support vector machine with discriminative low‐rank embedding

Liang,

Lai,

Kong

2024

CAAI Trans on Intel Tech

View full text Add to dashboard Cite

Support vector machine (SVM) is a binary classifier widely used in machine learning. However, neglecting the latent data structure in previous SVM can limit the performance of SVM and its extensions. To address this issue, the authors propose a novel SVM with discriminative low‐rank embedding (LRSVM) that finds a discriminative latent low‐rank subspace more suitable for SVM classification. The extension models of LRSVM are introduced by imposing different orthogonality constraints to prevent computational inaccuracies. A detailed derivation of the authors’ iterative algorithms are given that is essentially for solving the SVM on the low‐rank subspace. Additionally, some theorems and properties of the proposed models are presented by the authors. It is worth mentioning that the subproblems of the proposed algorithms are equivalent to the standard or the weighted linear discriminant analysis (LDA) problems. This indicates that the projection subspaces obtained by the authors’ algorithms are more suitable for SVM classification compared to those from the LDA method. The convergence analysis for the authors proposed algorithms are also provided. Furthermore, the authors conduct experiments on various machine learning data sets to evaluate the algorithms. The experiment results show that the authors’ algorithms perform significantly better than other algorithms, which indicates their superior abilities on classification tasks.

show abstract

Fast and Scalable Adversarial Training of Kernel SVM via Doubly Stochastic Gradients

Cited by 7 publications

References 25 publications

RobEns: Robust Ensemble Adversarial Machine Learning Framework for Securing IoT Traffic

RobEns: Robust Ensemble Adversarial Machine Learning Framework for Securing IoT Traffic

Large-scale machine learning with fast and stable stochastic conjugate gradient

Support vector machine with discriminative low‐rank embedding

Contact Info

Product

Resources

About