SOCIAL: Self-Organizing ClassIfier ensemble for Adversarial Learning

  • Francesco Gargiulo
  • Carlo Sansone
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5997)


Pattern recognition techniques are often used in environments (called adversarial environments) where adversaries can consciously act to limit or prevent accurate recognition performance. This can be obtained, for example, by changing labels of training data in a malicious way.

While Multiple Classifier Systems (MCS) are currently used in several security applications, like intrusion detection in computer networks and spam filtering, there are very few MCS proposals that explicitly address the problem of learning in adversarial environments. In this paper we propose a general algorithm based on a multiple classifier approach to find out and clean mislabeled training samples. We will report several experiments to verify the robustness of the proposed approach to the presence of possible mislabeled samples. In particular, we will show that the performance obtained with a simple classifier trained on the training set “cleaned” by our algorithm is comparable and even better than those obtained by some state-of-the-art MCS trained on the original datasets.


Intrusion Detection Probabilistic Neural Network Adversarial Environment Malicious User Pattern Recognition Technique 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abad, C., Bonilla, R.: An analysis on the schemes for detecting and preventing ARP cache poisoning attacks. In: ICDCS Workshops, p. 60. IEEE Computer Society, Los Alamitos (2007)Google Scholar
  2. 2.
    Barreno, M., Nelson, B., Sears, R., Joseph, A.D., Tygar, J.D.: Can machine learning be secure? In: Lin, F.-C., Lee, D.-T., Lin, B.-S., Shieh, S., Jajodia, S. (eds.) ASIACCS, pp. 16–25. ACM, New York (2006)CrossRefGoogle Scholar
  3. 3.
    Biggio, B., Fumera, G., Pillai, I., Roli, F.: Image spam filtering using visual information. In: Proc. of the 14th International Conf. on Image Analysis and Processing (ICIAP), pp. 105–110 (2007)Google Scholar
  4. 4.
    Biggio, B., Fumera, G., Roli, F.: Adversarial pattern classification using multiple classifiers and randomisation. In: da Vitoria Lobo, N., Kasparis, T., Roli, F., Kwok, J.T.-Y., Georgiopoulos, M., Anagnostopoulos, G.C., Loog, M. (eds.) SSSPR 2008. LNCS, vol. 5342, pp. 500–509. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Biggio, B., Fumera, G., Roli, F.: Multiple classifier systems for adversarial classification tasks. In: Benediktsson, J.A., Kittler, J., Roli, F. (eds.) MCS 2009. LNCS, vol. 5519, pp. 132–141. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  6. 6.
    Corona, I., Giacinto, G., Mazzariello, C., Roli, F., Sansone, C.: Information fusion for computer security: State of the art and open issues. Information Fusion 10(4), 274–284 (2009)CrossRefGoogle Scholar
  7. 7.
    Dietterich, T.G.: Ensemble methods in machine learning. In: Kittler, J., Roli, F. (eds.) MCS 2000. LNCS, vol. 1857, pp. 1–15. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  8. 8.
    Freund, Y., Schapire, R.E.: Experiments with a new boosting algorithm. In: Proc. 13th International Conference on Machine Learning, pp. 146–148. Morgan Kaufmann, San Francisco (1996)Google Scholar
  9. 9.
    Fumera, G., Pillai, I., Roli, F.: Spam filtering based on the analysis of text information embedded into images. Journal of Machine Learning Research 6, 2699–2720 (2006)Google Scholar
  10. 10.
    Gargiulo, F., Kuncheva, L.I., Sansone, C.: Network protocol verification by a classifier selection ensemble. In: Benediktsson, J.A., Kittler, J., Roli, F. (eds.) MCS 2009. LNCS, vol. 5519, pp. 314–323. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Gargiulo, F., Penta, A., Picariello, A., Sansone, C.: A personal antispam system based on a behaviour-knowledge space approach. In: Okun, O., Valentini, G. (eds.) Applications of Supervised and Unsupervised Ensemble Methods. Studies in Computational Intelligence, vol. 245, pp. 39–57. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  12. 12.
    Kuncheva, L.I.: Classifier ensembles for changing environments. In: Roli, F., Kittler, J., Windeatt, T. (eds.) MCS 2004. LNCS, vol. 3077, pp. 1–15. Springer, Heidelberg (2004)Google Scholar
  13. 13.
    Melville, P., Mooney, R.J.: Diverse ensembles for active learning. In: Brodley, C.E. (ed.) ICML. ACM International Conference Proceeding Series, vol. 69. ACM, New York (2004)Google Scholar
  14. 14.
    Oza, N.C.: Aveboost2: Boosting for noisy data. In: Roli, F., Kittler, J., Windeatt, T. (eds.) MCS 2004. LNCS, vol. 3077, pp. 31–40. Springer, Heidelberg (2004)Google Scholar
  15. 15.
    Smets, P., Magrez, P.: The measure of the degree of truth and the grade of membership. Fuzzy Sets Syst. 25(1), 67–72 (1988)CrossRefMathSciNetGoogle Scholar
  16. 16.
    Specht, D.F.: Probabilistic neural networks. Neural Networks 3, 109–118 (1990)CrossRefGoogle Scholar
  17. 17.
    Thiel, C.: Classification on soft labels is robust against label noise. In: Lovrek, I., Howlett, R.J., Jain, L.C. (eds.) KES 2008, Part I. LNCS (LNAI), vol. 5177, pp. 65–73. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Francesco Gargiulo
    • 1
  • Carlo Sansone
    • 1
  1. 1.Dipartimento di Informatica e SistemisticaUniversità degli Studi di Napoli Federico IINapoliItaly

Personalised recommendations