International Workshop on Recent Advances in Intrusion Detection

RAID 2008: Recent Advances in Intrusion Detection pp 394-395

Evading Anomaly Detection through Variance Injection Attacks on PCA

(Extended Abstract)
  • Benjamin I. P. Rubinstein
  • Blaine Nelson
  • Ling Huang
  • Anthony D. Joseph
  • Shing-hon Lau
  • Nina Taft
  • J. D. Tygar
Conference paper

DOI: 10.1007/978-3-540-87403-4_23

Volume 5230 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Rubinstein B.I.P. et al. (2008) Evading Anomaly Detection through Variance Injection Attacks on PCA. In: Lippmann R., Kirda E., Trachtenberg A. (eds) Recent Advances in Intrusion Detection. RAID 2008. Lecture Notes in Computer Science, vol 5230. Springer, Berlin, Heidelberg

Abstract

Whenever machine learning is applied to security problems, it is important to measure vulnerabilities to adversaries who poison the training data. We demonstrate the impact of variance injection schemes on PCA-based network-wide volume anomaly detectors, when a single compromised PoP injects chaff into the network. These schemes can increase the chance of evading detection by sixfold, for DoS attacks.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Benjamin I. P. Rubinstein
    • 1
  • Blaine Nelson
    • 1
  • Ling Huang
    • 2
  • Anthony D. Joseph
    • 1
    • 2
  • Shing-hon Lau
    • 1
  • Nina Taft
    • 2
  • J. D. Tygar
    • 1
  1. 1.UC Berkeley 
  2. 2.Intel ResearchBerkeley