Evading Anomaly Detection through Variance Injection Attacks on PCA

(Extended Abstract)
  • Benjamin I. P. Rubinstein
  • Blaine Nelson
  • Ling Huang
  • Anthony D. Joseph
  • Shing-hon Lau
  • Nina Taft
  • J. D. Tygar
Conference paper

DOI: 10.1007/978-3-540-87403-4_23

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5230)
Cite this paper as:
Rubinstein B.I.P. et al. (2008) Evading Anomaly Detection through Variance Injection Attacks on PCA. In: Lippmann R., Kirda E., Trachtenberg A. (eds) Recent Advances in Intrusion Detection. RAID 2008. Lecture Notes in Computer Science, vol 5230. Springer, Berlin, Heidelberg

Abstract

Whenever machine learning is applied to security problems, it is important to measure vulnerabilities to adversaries who poison the training data. We demonstrate the impact of variance injection schemes on PCA-based network-wide volume anomaly detectors, when a single compromised PoP injects chaff into the network. These schemes can increase the chance of evading detection by sixfold, for DoS attacks.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Benjamin I. P. Rubinstein
    • 1
  • Blaine Nelson
    • 1
  • Ling Huang
    • 2
  • Anthony D. Joseph
    • 1
    • 2
  • Shing-hon Lau
    • 1
  • Nina Taft
    • 2
  • J. D. Tygar
    • 1
  1. 1.UC Berkeley 
  2. 2.Intel ResearchBerkeley 

Personalised recommendations