Team for Research in
Ubiquitous Secure Technology

Misleading learners: Co-opting your spam filter
B. Nelson, M. Barreno, F. Chi, A. Joseph, B. Rubinstein, U. Saini, C. Sutton, D. Tygar, K. Xia

Citation
B. Nelson, M. Barreno, F. Chi, A. Joseph, B. Rubinstein, U. Saini, C. Sutton, D. Tygar, K. Xia. "Misleading learners: Co-opting your spam filter". Springer, pp. 17-51, 2009.

Abstract
Using statistical machine learning for making security decisions introduces new vulnerabilities in large scale systems. We show how an adversary can exploit statistical machine learning, as used in the SpamBayes spam filter, to render it useless—even if the adversary’s access is limited to only 1% of the spam training messages. We demonstrate three new attacks that successfully make the filter unusable, prevent victims from receiving specific email messages, and cause spam emails to arrive in the victim’s inbox.

Electronic downloads

Citation formats  
  • HTML
    B. Nelson, M. Barreno, F. Chi, A. Joseph, B. Rubinstein, U.
    Saini, C. Sutton, D. Tygar, K. Xia. <a
    href="http://www.truststc.org/pubs/723.html"
    >Misleading learners: Co-opting your spam
    filter</a>, <i> Springer</i>, pp. 17-51, 
    2009.
  • Plain text
    B. Nelson, M. Barreno, F. Chi, A. Joseph, B. Rubinstein, U.
    Saini, C. Sutton, D. Tygar, K. Xia. "Misleading
    learners: Co-opting your spam filter". <i>
    Springer</i>, pp. 17-51,  2009.
  • BibTeX
    @article{NelsonBarrenoChiJosephRubinsteinSainiSuttonTygarXia09_MisleadingLearnersCooptingYourSpamFilter,
        author = {B. Nelson and M. Barreno and F. Chi and A. Joseph
                  and B. Rubinstein and U. Saini and C. Sutton and
                  D. Tygar and K. Xia},
        title = {Misleading learners: Co-opting your spam filter},
        journal = { Springer},
        pages = {17-51},
        year = {2009},
        abstract = {Using statistical machine learning for making
                  security decisions introduces new vulnerabilities
                  in large scale systems. We show how an adversary
                  can exploit statistical machine learning, as used
                  in the SpamBayes spam filter, to render it
                  useless—even if the adversary’s access is
                  limited to only 1% of the spam training messages.
                  We demonstrate three new attacks that successfully
                  make the filter unusable, prevent victims from
                  receiving specific email messages, and cause spam
                  emails to arrive in the victim’s inbox.},
        URL = {http://www.truststc.org/pubs/723.html}
    }
    

Posted by Jessica Gamble on 7 Apr 2010.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.