Misleading learners: Co-opting your spam filter

Misleading learners: Co-opting your spam filter
B. Nelson, M. Barreno, F. Chi, A. Joseph, B. Rubinstein, U. Saini, C. Sutton, D. Tygar, K. Xia

Citation
B. Nelson, M. Barreno, F. Chi, A. Joseph, B. Rubinstein, U. Saini, C. Sutton, D. Tygar, K. Xia. "Misleading learners: Co-opting your spam filter". Springer, pp. 17-51, 2009.

Abstract
Using statistical machine learning for making security decisions introduces new vulnerabilities in large scale systems. We show how an adversary can exploit statistical machine learning, as used in the SpamBayes spam filter, to render it useless—even if the adversary’s access is limited to only 1% of the spam training messages. We demonstrate three new attacks that successfully make the filter unusable, prevent victims from receiving specific email messages, and cause spam emails to arrive in the victim’s inbox.

Electronic downloads

misleading.learners.pdf · application/pdf · 608 kbytes

Citation formats

HTML

B. Nelson, M. Barreno, F. Chi, A. Joseph, B. Rubinstein, U.
Saini, C. Sutton, D. Tygar, K. Xia. <a
href="http://www.truststc.org/pubs/723.html"
>Misleading learners: Co-opting your spam
filter</a>, <i> Springer</i>, pp. 17-51, 
2009.

Plain text

B. Nelson, M. Barreno, F. Chi, A. Joseph, B. Rubinstein, U.
Saini, C. Sutton, D. Tygar, K. Xia. "Misleading
learners: Co-opting your spam filter". <i>
Springer</i>, pp. 17-51,  2009.

BibTeX

@article{NelsonBarrenoChiJosephRubinsteinSainiSuttonTygarXia09_MisleadingLearnersCooptingYourSpamFilter,
    author = {B. Nelson and M. Barreno and F. Chi and A. Joseph
              and B. Rubinstein and U. Saini and C. Sutton and
              D. Tygar and K. Xia},
    title = {Misleading learners: Co-opting your spam filter},
    journal = { Springer},
    pages = {17-51},
    year = {2009},
    abstract = {Using statistical machine learning for making
              security decisions introduces new vulnerabilities
              in large scale systems. We show how an adversary
              can exploit statistical machine learning, as used
              in the SpamBayes spam filter, to render it
              uselessâ��even if the adversaryâ��s access is
              limited to only 1% of the spam training messages.
              We demonstrate three new attacks that successfully
              make the filter unusable, prevent victims from
              receiving specific email messages, and cause spam
              emails to arrive in the victimâ��s inbox.},
    URL = {http://www.truststc.org/pubs/723.html}
}

Posted by Jessica Gamble on 7 Apr 2010.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.