Bowei Xi

A Game Theoretic Approach for Adversarial Machine Learning -- When Big Data Meets Cyber Security


Nowadays more and more data are gathered to detect and prevent cyber attacks. Unique to cyber security applications, learning models face active adversaries that try to deceive the models and avoid detection. Hence future data no longer follow the same distribution as the training data. The existence of such adversarial samples motivates the development of robust and resilient adversarial learning techniques. Game theory offers a suitable framework to model the conflict between the adversaries and the defender. We develop a game theoretic framework that models the sequential actions of the adversaries and the defender, allowing each player to maximize its own utility. For supervised learning tasks, our adversarial support vector machine has a conservative decision boundary, whereas our robust deep neural network plays a random strategy inspired by the mixed equilibrium strategy. On the other hand, in practice, labeling data instances often requires costly and time-consuming human expertise and becomes a significant bottleneck. We develop a novel grid based adversarial clustering algorithm to understand adversaries' behavior from a large number of unlabeled instances. Our adversarial clustering algorithm is able to identify the normal regions inside mixed clusters and to draw defensive walls around the center of the normal objects using game theoretic ideas. Our algorithm also identifies sub-clusters of adversarial samples and the overlapping areas within mixed clusters, and identifies outliers which may be potential anomalies.
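The following toy model is an added illustration of the sequential game the abstract describes; it is not code from the talk and does not implement the speaker's adversarial SVM. It assumes a linear classifier whose hyperplane direction W is fixed, so the defender's move is the threshold along W; the adversary then shifts each malicious sample toward the boundary by at most a feature-change budget, and the defender, anticipating that best response, picks the threshold that maximizes its utility (negative weighted count of evasions and false positives) by grid search. The data points are constructed for the example.

```python
"""Toy Stackelberg evasion game for a linear decision boundary.

Added illustration, not code from the talk. The defender commits to a
boundary first; the adversary best-responds by moving malicious samples
across it within a budget; a defender who anticipates that response
chooses a more conservative boundary than the clean-data max-margin one.
"""
import math

# Constructed 2-D feature vectors (e.g. two normalised traffic statistics).
BENIGN = [(1.0, 1.2), (0.8, 1.5), (1.4, 0.9), (1.1, 1.1), (1.6, 1.3)]
MALICIOUS = [(3.8, 4.1), (4.2, 3.9), (3.5, 4.4), (4.0, 4.0), (3.7, 3.6)]

# Assumed fixed unit normal of the hyperplane; the game is played over the
# threshold (bias) along this direction.
W = (1 / math.sqrt(2), 1 / math.sqrt(2))


def project(x):
    """Score of x along W; the classifier flags x when score >= threshold."""
    return x[0] * W[0] + x[1] * W[1]


def naive_threshold():
    """Max-margin threshold on clean data: midway between the two classes."""
    return (max(map(project, BENIGN)) + min(map(project, MALICIOUS))) / 2


def adversary_best_response(x, threshold, budget):
    """Move x straight toward the boundary by at most `budget` units.

    Returns (new_point, evaded). The adversary crosses the boundary by the
    smallest amount that flips the label, or stays put if it cannot reach it.
    """
    gap = project(x) - threshold
    if gap < 0:
        return x, True              # already classified benign
    if gap < budget:
        step = min(budget, gap + 1e-6)
        return (x[0] - step * W[0], x[1] - step * W[1]), True
    return x, False                 # boundary is out of reach


def evaluate(threshold, budget, c_fn=1.0, c_fp=1.0):
    """Defender's outcome after the adversary best-responds to `threshold`.

    Returns (evasions, false_positives, utility) with utility = -weighted loss.
    """
    evasions = sum(adversary_best_response(x, threshold, budget)[1]
                   for x in MALICIOUS)
    false_positives = sum(project(x) >= threshold for x in BENIGN)
    return evasions, false_positives, -(c_fn * evasions + c_fp * false_positives)


def conservative_threshold(budget, c_fn=1.0, c_fp=1.0, step=0.01):
    """Defender's Stackelberg choice: the threshold maximising its utility
    given the adversary's best response. Ties are broken by taking the middle
    of the longest run of optimal thresholds, i.e. the safest margin."""
    scores = [project(x) for x in BENIGN + MALICIOUS]
    lo, hi = min(scores) - budget, max(scores) + budget
    candidates = [lo + i * step for i in range(int((hi - lo) / step) + 1)]
    utilities = [evaluate(t, budget, c_fn, c_fp)[2] for t in candidates]
    best = max(utilities)
    optimal = [t for t, u in zip(candidates, utilities) if u == best]
    runs, current = [], [optimal[0]]
    for t in optimal[1:]:
        if abs(t - current[-1] - step) < 1e-9:
            current.append(t)
        else:
            runs.append(current)
            current = [t]
    runs.append(current)
    longest = max(runs, key=len)
    return (longest[0] + longest[-1]) / 2


if __name__ == "__main__":
    budget = 2.5
    t0 = naive_threshold()
    t1 = conservative_threshold(budget)
    print("naive threshold        %.3f -> (evasions, fp, utility) %s"
          % (t0, evaluate(t0, budget)))
    print("conservative threshold %.3f -> (evasions, fp, utility) %s"
          % (t1, evaluate(t1, budget)))
    # With a budget too large to stop cheaply and a high cost per missed
    # attack, the defender knowingly accepts false positives instead.
    t2 = conservative_threshold(5.0, c_fn=3.0)
    print("large budget, c_fn=3   %.3f -> %s" % (t2, evaluate(t2, 5.0, c_fn=3.0)))
```

With the constructed data and a budget of 2.5, every malicious sample slips past the clean-data threshold (about 3.61), while the conservative threshold (about 2.36) catches all of them with no false positives. Raising the budget to 5.0 with a missed-attack cost of 3 pushes the chosen threshold below the benign cluster: the defender pays five false positives rather than fifteen units of evasion cost. That trade-off is what the utility-maximising formulation makes explicit.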