On the Statistical Detection of Adversarial Instances over Encrypted Data

Mina Sheikhalishahi; Majid Nateghizad; Fabio Martinelli; Zekeriya Erkin; Marco Loog

doi:10.1007/978-3-030-31511-5_5

On the Statistical Detection of Adversarial Instances over Encrypted Data

Mina Sheikhalishahi^*, Majid Nateghizad, Fabio Martinelli, Zekeriya Erkin, Marco Loog

^*Corresponding author for this work

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

2 Citations (Scopus)

Abstract

Adversarial instances are malicious inputs designed to fool machine learning models. In particular, motivated and sophisticated attackers intentionally design adversarial instances to evade classifiers which have been trained to detect security violation, such as malware detection. While the existing approaches provide effective solutions in detecting and defending adversarial samples, they fail to detect them when they are encrypted. In this study, a novel framework is proposed which employs statistical test to detect adversarial instances, when data under analysis are encrypted. An experimental evaluation of our approach shows its practical feasibility in terms of computation cost.

Original language	English
Title of host publication	Security and Trust Management - 15th International Workshop, STM 2019, Proceedings
Editors	Sjouke Mauw, Mauro Conti
Publisher	Springer
Pages	71-88
Number of pages	18
Volume	11738
ISBN (Print)	9783030315108
DOIs	https://doi.org/10.1007/978-3-030-31511-5_5
Publication status	Published - 2019
Event	15th International Workshop on Security and Trust Management, STM 2019 held in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019 - Luxembourg, Luxembourg Duration: 26 Sept 2019 → 27 Sept 2019

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11738 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	15th International Workshop on Security and Trust Management, STM 2019 held in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019
Country/Territory	Luxembourg
City	Luxembourg
Period	26/09/19 → 27/09/19

Keywords

Adversarial machine learning
Homomorphic encryption
Privacy

Access to Document

10.1007/978-3-030-31511-5_5

Cite this

Sheikhalishahi, M., Nateghizad, M., Martinelli, F., Erkin, Z., & Loog, M. (2019). On the Statistical Detection of Adversarial Instances over Encrypted Data. In S. Mauw, & M. Conti (Eds.), Security and Trust Management - 15th International Workshop, STM 2019, Proceedings (Vol. 11738, pp. 71-88). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11738 LNCS). Springer. https://doi.org/10.1007/978-3-030-31511-5_5

Sheikhalishahi, Mina ; Nateghizad, Majid ; Martinelli, Fabio et al. / On the Statistical Detection of Adversarial Instances over Encrypted Data. Security and Trust Management - 15th International Workshop, STM 2019, Proceedings. editor / Sjouke Mauw ; Mauro Conti. Vol. 11738 Springer, 2019. pp. 71-88 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{696ab9aad01e4b27a18466730a42638b,

title = "On the Statistical Detection of Adversarial Instances over Encrypted Data",

abstract = "Adversarial instances are malicious inputs designed to fool machine learning models. In particular, motivated and sophisticated attackers intentionally design adversarial instances to evade classifiers which have been trained to detect security violation, such as malware detection. While the existing approaches provide effective solutions in detecting and defending adversarial samples, they fail to detect them when they are encrypted. In this study, a novel framework is proposed which employs statistical test to detect adversarial instances, when data under analysis are encrypted. An experimental evaluation of our approach shows its practical feasibility in terms of computation cost.",

keywords = "Adversarial machine learning, Homomorphic encryption, Privacy",

author = "Mina Sheikhalishahi and Majid Nateghizad and Fabio Martinelli and Zekeriya Erkin and Marco Loog",

year = "2019",

doi = "10.1007/978-3-030-31511-5_5",

language = "English",

isbn = "9783030315108",

volume = "11738",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "71--88",

editor = "Sjouke Mauw and Mauro Conti",

booktitle = "Security and Trust Management - 15th International Workshop, STM 2019, Proceedings",

note = "15th International Workshop on Security and Trust Management, STM 2019 held in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019 ; Conference date: 26-09-2019 Through 27-09-2019",

}

Sheikhalishahi, M, Nateghizad, M, Martinelli, F, Erkin, Z & Loog, M 2019, On the Statistical Detection of Adversarial Instances over Encrypted Data. in S Mauw & M Conti (eds), Security and Trust Management - 15th International Workshop, STM 2019, Proceedings. vol. 11738, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11738 LNCS, Springer, pp. 71-88, 15th International Workshop on Security and Trust Management, STM 2019 held in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019, Luxembourg, Luxembourg, 26/09/19. https://doi.org/10.1007/978-3-030-31511-5_5

On the Statistical Detection of Adversarial Instances over Encrypted Data. / Sheikhalishahi, Mina; Nateghizad, Majid; Martinelli, Fabio et al.
Security and Trust Management - 15th International Workshop, STM 2019, Proceedings. ed. / Sjouke Mauw; Mauro Conti. Vol. 11738 Springer, 2019. p. 71-88 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11738 LNCS).

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

TY - GEN

T1 - On the Statistical Detection of Adversarial Instances over Encrypted Data

AU - Sheikhalishahi, Mina

AU - Nateghizad, Majid

AU - Martinelli, Fabio

AU - Erkin, Zekeriya

AU - Loog, Marco

PY - 2019

Y1 - 2019

N2 - Adversarial instances are malicious inputs designed to fool machine learning models. In particular, motivated and sophisticated attackers intentionally design adversarial instances to evade classifiers which have been trained to detect security violation, such as malware detection. While the existing approaches provide effective solutions in detecting and defending adversarial samples, they fail to detect them when they are encrypted. In this study, a novel framework is proposed which employs statistical test to detect adversarial instances, when data under analysis are encrypted. An experimental evaluation of our approach shows its practical feasibility in terms of computation cost.

AB - Adversarial instances are malicious inputs designed to fool machine learning models. In particular, motivated and sophisticated attackers intentionally design adversarial instances to evade classifiers which have been trained to detect security violation, such as malware detection. While the existing approaches provide effective solutions in detecting and defending adversarial samples, they fail to detect them when they are encrypted. In this study, a novel framework is proposed which employs statistical test to detect adversarial instances, when data under analysis are encrypted. An experimental evaluation of our approach shows its practical feasibility in terms of computation cost.

KW - Adversarial machine learning

KW - Homomorphic encryption

KW - Privacy

UR - http://www.scopus.com/inward/record.url?scp=85075597788&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-31511-5_5

DO - 10.1007/978-3-030-31511-5_5

M3 - Conference contribution

AN - SCOPUS:85075597788

SN - 9783030315108

VL - 11738

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 71

EP - 88

BT - Security and Trust Management - 15th International Workshop, STM 2019, Proceedings

A2 - Mauw, Sjouke

A2 - Conti, Mauro

PB - Springer

T2 - 15th International Workshop on Security and Trust Management, STM 2019 held in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019

Y2 - 26 September 2019 through 27 September 2019

ER -

Sheikhalishahi M, Nateghizad M, Martinelli F, Erkin Z , Loog M. On the Statistical Detection of Adversarial Instances over Encrypted Data. In Mauw S, Conti M, editors, Security and Trust Management - 15th International Workshop, STM 2019, Proceedings. Vol. 11738. Springer. 2019. p. 71-88. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-31511-5_5

On the Statistical Detection of Adversarial Instances over Encrypted Data

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this