Our work targets the search for feasible adversarial perturbations to attack a classifier with high-dimensional categorical inputs in a domain-agnostic setting. This is intrinsically an NP-hard knapsack problem in which the exploration space grows explosively as the feature dimension increases. Without the help of domain knowledge, solving this problem with a heuristic method such as Branch-and-Bound suffers from exponential complexity, yet can still yield arbitrarily bad attack results. We address the challenge through the lens of multi-armed bandit based combinatorial search. Our proposed method, namely FEAT, treats modifying each categorical feature as pulling an arm in multi-armed bandit programming. Our objective is to achieve highly efficient...
Abstract. In adversarial classification tasks like spam filtering, intrusion detection in computer ...
Adversarial attack is a technique for deceiving Machine Learning (ML) models, which provides a way t...
http://www.machinelearning.org In this paper we apply multi-armed bandits (MABs...
Characterizing and assessing the adversarial risk of a classifier with categor...
Research in adversarial learning has primarily focused on homogeneous unstructured datasets, which o...
The generation of feasible adversarial examples is necessary for properly assessing models that work...
Machine learning models are vulnerable to evasion attacks, where the attacker starts from a correctl...
We study an important and challenging task of attacking natural language processing models in a hard...
Machine learning classifiers are critically prone to evasion attacks. Adversar...
Evasion attack in multi-label learning systems is an interesting, widely witnessed, yet rarely explo...
This thesis presents and evaluates three mitigation techniques for evasion attacks against machine l...
Adversarial attacks on machine learning-based classifiers, along with defense mechanisms, have been ...
Pattern recognition and machine learning techniques have been increasingly adopted in adversarial se...
Recent research efforts on adversarial ML have investigated problem-space attacks, focusing on the g...
In this paper we apply multi-armed bandits (MABs) to accelerate ADABOOST. ADABOOST constructs a stro...