Traditional outlier detection methods are vulnerable in dynamic environments due to the presence of changing data, patterns and adversarial influences. Solving for the attacker’s problem and understanding the impact of the attack are crucial for increasing the reliability of the outlier detection. The intersection of dynamic data driven applications systems and adversarial decision models presents an opportunity for supporting the defense of outlier detection methods. This manuscript focuses on adversarial attacks against clustering based outlier detection. We explore the adversary’s decision problem of data poisoning considering various attack alternatives. We illustrate the attacks through a case study involving healthcare fraud detection. Then we discuss the underlying adversarial risk analysis and dynamic data driven applications systems concepts that could empower defenders to proactively mitigate malicious dynamic data manipulations while considering incomplete information and uncertainty.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Adversarial Attacks and Data-Driven Dynamic Outlier Detection Systems

  • Tahir Ekin,
  • Laxmi Shaw,
  • Venkata Surya Bellamkonda

摘要

Traditional outlier detection methods are vulnerable in dynamic environments due to the presence of changing data, patterns and adversarial influences. Solving for the attacker’s problem and understanding the impact of the attack are crucial for increasing the reliability of the outlier detection. The intersection of dynamic data driven applications systems and adversarial decision models presents an opportunity for supporting the defense of outlier detection methods. This manuscript focuses on adversarial attacks against clustering based outlier detection. We explore the adversary’s decision problem of data poisoning considering various attack alternatives. We illustrate the attacks through a case study involving healthcare fraud detection. Then we discuss the underlying adversarial risk analysis and dynamic data driven applications systems concepts that could empower defenders to proactively mitigate malicious dynamic data manipulations while considering incomplete information and uncertainty.