Adversarial Attacks and Data-Driven Dynamic Outlier Detection Systems
摘要
Traditional outlier detection methods are vulnerable in dynamic environments due to the presence of changing data, patterns and adversarial influences. Solving for the attacker’s problem and understanding the impact of the attack are crucial for increasing the reliability of the outlier detection. The intersection of dynamic data driven applications systems and adversarial decision models presents an opportunity for supporting the defense of outlier detection methods. This manuscript focuses on adversarial attacks against clustering based outlier detection. We explore the adversary’s decision problem of data poisoning considering various attack alternatives. We illustrate the attacks through a case study involving healthcare fraud detection. Then we discuss the underlying adversarial risk analysis and dynamic data driven applications systems concepts that could empower defenders to proactively mitigate malicious dynamic data manipulations while considering incomplete information and uncertainty.