Evading Anomaly Detection through Variance Injection Attacks on PCA
- Cite this paper as:
- Rubinstein B.I.P. et al. (2008) Evading Anomaly Detection through Variance Injection Attacks on PCA. In: Lippmann R., Kirda E., Trachtenberg A. (eds) Recent Advances in Intrusion Detection. RAID 2008. Lecture Notes in Computer Science, vol 5230. Springer, Berlin, Heidelberg
Whenever machine learning is applied to security problems, it is important to measure vulnerabilities to adversaries who poison the training data. We demonstrate the impact of variance injection schemes on PCA-based network-wide volume anomaly detectors, when a single compromised PoP injects chaff into the network. These schemes can increase the chance of evading detection by sixfold, for DoS attacks.