Team for Research in
Ubiquitous Secure Technology

Evading Anomaly Detection through Variance Injection Attacks on PCA

Citation
"Evading Anomaly Detection through Variance Injection Attacks on PCA". B. Rubinstein, B. Nelson, L. Huang, A. Joseph, S. Lau, N. Taft, and J. D. Tygar (eds.), September, 2008.

Abstract
Whenever machine learning is applied to security problems, it is important to measure vulnerabilities to adversaries who poison the training data. We demonstrate the impact of variance injection schemes on PCA-based network-wide volume anomaly detectors, when a single compromised PoP injects chaff into the network. These schemes can increase the chance of evading detection by sixfold, for DoS attacks.

Electronic downloads

Citation formats  
  • HTML
     <a
    href="http://www.truststc.org/pubs/729.html"
    ><i>Evading Anomaly Detection through Variance
    Injection Attacks on PCA</i></a>, B. Rubinstein,
    B. Nelson, L. Huang, A. Joseph, S. Lau, N. Taft, and J. D.
    Tygar (eds.), September, 2008.
  • Plain text
     "Evading Anomaly Detection through Variance Injection
    Attacks on PCA". B. Rubinstein, B. Nelson, L. Huang, A.
    Joseph, S. Lau, N. Taft, and J. D. Tygar (eds.), September,
    2008.
  • BibTeX
    @proceedings{RubinsteinNelsonHuangJosephLauTaftTygar08_EvadingAnomalyDetectionThroughVarianceInjectionAttacks,
        title = {Evading Anomaly Detection through Variance
                  Injection Attacks on PCA},
        editor = {B. Rubinstein, B. Nelson, L. Huang, A. Joseph, S.
                  Lau, N. Taft, and J. D. Tygar},
        month = {September},
        year = {2008},
        abstract = {Whenever machine learning is applied to security
                  problems, it is important to measure
                  vulnerabilities to adversaries who poison the
                  training data. We demonstrate the impact of
                  variance injection schemes on PCA-based
                  network-wide volume anomaly detectors, when a
                  single compromised PoP injects chaff into the
                  network. These schemes can increase the chance of
                  evading detection by sixfold, for DoS attacks.},
        URL = {http://www.truststc.org/pubs/729.html}
    }
    

Posted by Jessica Gamble on 7 Apr 2010.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.