Pattern Recognition Systems under Attack [chapter]

Fabio Roli, Battista Biggio, Giorgio Fumera
2013 Lecture Notes in Computer Science  
We analyze the problem of designing pattern recognition systems in adversarial settings, under an engineering viewpoint, motivated by their increasing exploitation in security-sensitive applications like spam and malware detection, despite their vulnerability to potential attacks has not yet been deeply understood. We first review previous work and report examples of how a complex system may be evaded either by leveraging on trivial vulnerabilities of its untrained components, e.g., parsing
more » ... rs in the pre-processing steps, or by exploiting more subtle vulnerabilities of learning algorithms. We then discuss the need of exploiting both reactive and proactive security paradigms complementarily to improve the security by design. Our ultimate goal is to provide some useful guidelines for improving the security of pattern recognition in adversarial settings, and to suggest related open issues to foster research in this area.
doi:10.1007/978-3-642-41822-8_1 fatcat:6wbtsbfdv5dd7ity24yuwnppse