Umfang:
1 Online-Ressource (171 Seiten)
ISBN:
9781681733968
,
9781681733982
Serie:
Synthesis Lectures on Artificial Intelligence and Machine Learning #38
Inhalt:
Intro -- List of Figures -- Preface -- Acknowledgments -- Introduction -- Machine Learning Preliminaries -- Supervised Learning -- Regression Learning -- Classification Learning -- PAC Learnability -- Supervised Learning in Adversarial Settings -- Unsupervised Learning -- Clustering -- Principal Component Analysis -- Matrix Completion -- Unsupervised Learning in Adversarial Settings -- Reinforcement Learning -- Reinforcement Learning in Adversarial Settings -- Bibliographic Notes -- Categories of Attacks on Machine Learning -- Attack Timing -- Information Available to the Attacker -- Attacker Goals -- Bibliographic Notes -- Attacks at Decision Time -- Examples of Evasion Attacks on Machine Learning Models -- Attacks on Anomaly Detection: Polymorphic Blending -- Attacks on PDF Malware Classifiers -- Modeling Decision-Time Attacks -- White-Box Decision-Time Attacks -- Attacks on Binary Classifiers: Adversarial Classifier Evasion -- Decision-Time Attacks on Multiclass Classifiers -- Decision-Time Attacks on Anomaly Detectors -- Decision-Time Attacks on Clustering Models -- Decision-Time Attacks on Regression Models -- Decision-Time Attacks on Reinforcement Learning -- Black-Box Decision-Time Attacks -- A Taxonomy of Black-Box Attacks -- Modeling Attacker Information Acquisition -- Attacking Using an Approximate Model -- Bibliographical Notes -- Defending Against Decision-Time Attacks -- Hardening Supervised Learning against Decision-Time Attacks -- Optimal Evasion-Robust Classification -- Optimal Evasion-Robust Sparse SVM -- Evasion-Robust SVM against Free-Range Attacks -- Evasion-Robust SVM against Restrained Attacks -- Evasion-Robust Classification on Unrestricted Feature Spaces -- Robustness to Adversarially Missing Features -- Approximately Hardening Classifiers against Decision-Time Attacks -- Relaxation Approaches
Inhalt:
General-Purpose Defense: Iterative Retraining -- Evasion-Robustness through Feature-Level Protection -- Decision Randomization -- Model -- Optimal Randomized Operational Use of Classification -- Evasion-Robust Regression -- Bibliographic Notes -- Data Poisoning Attacks -- Modeling Poisoning Attacks -- Poisoning Attacks on Binary Classification -- Label-Flipping Attacks -- Poison Insertion Attack on Kernel SVM -- Poisoning Attacks for Unsupervised Learning -- Poisoning Attacks on Clustering -- Poisoning Attacks on Anomaly Detection -- Poisoning Attack on Matrix Completion -- Attack Model -- Attacking Alternating Minimization -- Attacking Nuclear Norm Minimization -- Mimicking Normal User Behaviors -- A General Framework for Poisoning Attacks -- Black-Box Poisoning Attacks -- Bibliographic Notes -- Defending Against Data Poisoning -- Robust Learning through Data Sub-Sampling -- Robust Learning through Outlier Removal -- Robust Learning through Trimmed Optimization -- Robust Matrix Factorization -- Noise-Free Subspace Recovery -- Dealing with Noise -- Efficient Robust Subspace Recovery -- An Efficient Algorithm for Trimmed Optimization Problems -- Bibliographic Notes -- Attacking and Defending Deep Learning -- Attacking and Defending Deep Learning -- Neural Network Models -- Attacks on Deep Neural Networks: Adversarial Examples -- l_2-Norm Attacks -- l_-Norm Attacks -- l_0-Norm Attacks -- Attacks in the Physical World -- Black-Box Attacks -- Making Deep Learning Robust to Adversarial Examples -- Robust Optimization -- Retraining -- Distillation -- Bibliographic Notes -- The Road Ahead -- Beyond Robust Optimization -- Incomplete Information -- Confidence in Predictions -- Randomization -- Multiple Learners -- Models and Validation -- Bibliography -- Authors' Biographies -- Index -- Blank Page
Weitere Ausg.:
ISBN 9781681733951
Weitere Ausg.:
ISBN 9781681733975
Weitere Ausg.:
Erscheint auch als Druck-Ausgabe ISBN 9783031000256
Weitere Ausg.:
Erscheint auch als Druck-Ausgabe ISBN 9783031004520
Weitere Ausg.:
Erscheint auch als Druck-Ausgabe ISBN 9783031027086
Sprache:
Englisch
DOI:
10.1007/978-3-031-01580-9
