Using Negative Detectors for Identifying Adversarial Data Manipulation
Presented by: Kishor Datta Gupta
Adversarial Attack (AA) on AI/ML
“Manipulation of training data, Machine Learning (ML) model architecture, or testing data in a way that will result in wrong output from ML”
Limitation of AA Defense Strategies
Retrain:
• Generate adversarial examples and retrain the model
• Limitation: Reduces the accuracy of the learning model
Input Reconstruction or Transformation:
• Using PCA, low-pass filtering, JPEG compression, and soft thresholding as pre-processing techniques
• Limitation: Vulnerable to adaptive attacks
Model Modification:
• Modifying the ML architecture to detect adversarial attacks
• Limitation: Requires modification of learning models
We need an adaptive defense strategy that does not modify the learning model and does not require adversarial knowledge.
Problem Definition
Detect adversarial input using only the knowledge of non-adversarial data, converting it into an outlier detection problem.
Relevant Outlier Detection models

| Type | Abbr | Algorithm |
|---|---|---|
| Linear Model | MCD | Minimum Covariance Determinant (use the Mahalanobis distances as the outlier scores) |
| Linear Model | OCSVM | One-Class Support Vector Machines |
| Linear Model | LMDD | Deviation-based Outlier Detection (LMDD) |
| Proximity-Based | LOF | Local Outlier Factor |
| Proximity-Based | COF | Connectivity-Based Outlier Factor |
| Proximity-Based | CBLOF | Clustering-Based Local Outlier Factor |
| Proximity-Based | LOCI | LOCI: Fast outlier detection using the local correlation integral |
| Proximity-Based | HBOS | Histogram-based Outlier Score |
| Proximity-Based | SOD | Subspace Outlier Detection |
| Proximity-Based | ROD | Rotation-based Outlier Detection |
| Probabilistic | ABOD | Angle-Based Outlier Detection |
| Probabilistic | COPOD | COPOD: Copula-Based Outlier Detection |
| Probabilistic | FastABOD | Fast Angle-Based Outlier Detection using approximation |
| Probabilistic | MAD | Median Absolute Deviation (MAD) |
| Probabilistic | SOS | Stochastic Outlier Selection |
| Outlier Ensembles | IForest | Isolation Forest |
| Outlier Ensembles | FB | Feature Bagging |
| Outlier Ensembles | LSCP | LSCP: Locally Selective Combination of Parallel Outlier Ensembles |
| Outlier Ensembles | XGBOD | Extreme Boosting Based Outlier Detection (Supervised) |
| Outlier Ensembles | LODA | Lightweight On-line Detector of Anomalies |
| Neural Networks | AutoEncoder | Fully connected AutoEncoder (use reconstruction error as the outlier score) |
| Neural Networks | VAE | Variational AutoEncoder (use reconstruction error as the outlier score) |
| Neural Networks | Beta-VAE | Variational AutoEncoder (all customized loss term by varying gamma and capacity) |
| Neural Networks | SO_GAAL | Single-Objective Generative Adversarial Active Learning |
| Neural Networks | MO_GAAL | Multiple-Objective Generative Adversarial Active Learning |
Negative Selection Algorithm
Generating Detector set
Use of Detectors
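An added example, not taken from the presentation (whose detector slides survive here only as titles): a textbook real-valued negative selection filter that is built from clean samples only and then used to flag inputs falling in detector-covered space. The 2-D unit-square feature space, the constructed clean clusters, the `self_radius` value and all function names are assumptions made for illustration.

```python
import math
import random


def generate_detectors(self_samples, n_detectors, self_radius, rng,
                       max_tries=100_000):
    """Negative selection over the unit hypercube [0, 1]^d.

    A random candidate is discarded if it lies within self_radius of any
    clean ("self") sample. A surviving candidate becomes a detector whose
    radius reaches up to, but not into, the self region.
    """
    dim = len(self_samples[0])
    detectors = []
    for _ in range(max_tries):
        if len(detectors) == n_detectors:
            break
        centre = tuple(rng.random() for _ in range(dim))
        nearest = min(math.dist(centre, s) for s in self_samples)
        if nearest > self_radius:
            detectors.append((centre, nearest - self_radius))
    return detectors


def is_flagged(x, detectors):
    """True when x falls strictly inside any detector, i.e. in non-self space."""
    return any(math.dist(x, centre) < radius for centre, radius in detectors)


def make_clean_samples(rng, per_cluster=30):
    """Constructed stand-in for feature vectors of clean inputs: two tight clusters."""
    centres = [(0.3, 0.3), (0.7, 0.7)]
    return [
        (cx + rng.uniform(-0.05, 0.05), cy + rng.uniform(-0.05, 0.05))
        for cx, cy in centres
        for _ in range(per_cluster)
    ]


def build_filter(seed=7, n_detectors=300, self_radius=0.08):
    """Build the detector set from clean data only; no attack samples are used."""
    rng = random.Random(seed)
    clean = make_clean_samples(rng)
    detectors = generate_detectors(clean, n_detectors, self_radius, rng)
    return clean, detectors


if __name__ == "__main__":
    clean, detectors = build_filter()
    false_alarms = sum(is_flagged(s, detectors) for s in clean)
    print(f"detectors: {len(detectors)}, clean samples flagged: {false_alarms}")
    # Constructed probes: one far from the clean data, one in the gap between
    # the clusters (coverage there depends on how many detectors were drawn).
    for probe in [(0.9, 0.1), (0.5, 0.5), (0.31, 0.29)]:
        print(probe, "flagged" if is_flagged(probe, detectors) else "passed")
```

The filter never flags a point within `self_radius` of a clean training sample, so its false-alarm and miss rates are set by the feature space and radius chosen, and narrow gaps between clean clusters need more detectors before they are covered.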
System Workflow
Experimental Results
Comparison
Summary
We devised an adaptive negative filtering methodology to detect adversarial attacks that does not modify the ML model or information about the ML model.
Our strategy can be implemented in any ML-based system without expensive retraining.
Adaptive attacks are ineffective in our negative filtering approach.
Further work will be needed to conduct comprehensive experiments for testing various attacks using datasets from different domains.
Q/A

High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduits
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTINGMANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon  6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon  6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 

Detecting Adversarial Data Using Negative Detectors

  • 1. Using Negative Detectors for Identifying Adversarial Data Manipulation. Presented by: Kishor Datta Gupta
  • 2. Adversarial Attack (AA) on AI/ML “Manipulation of training data, Machine Learning (ML) model architecture, or manipulate testing data in a way that will result in wrong output from ML”
  • 3. Limitations of AA Defense Strategies
      • Retrain: generate adversarial examples and retrain the model. Limitation: reduces the accuracy of the learning model.
      • Input Reconstruction or Transformation: use PCA, low-pass filtering, JPEG compression, or soft thresholding as a pre-processing step. Limitation: vulnerable to adaptive attacks.
      • Model Modification: modify the ML architecture to detect adversarial attacks. Limitation: requires modification of the learning model.
  • 4. We need an adaptive defense strategy that does not modify the learning model and does not require adversarial knowledge.
      • Problem Definition: detect adversarial input using only the knowledge of non-adversarial data, converting the task into an outlier detection problem.
  • 5. Relevant Outlier Detection models (Type: Abbr, Algorithm)
      • Linear Model
          • MCD: Minimum Covariance Determinant (uses the Mahalanobis distances as the outlier scores)
          • OCSVM: One-Class Support Vector Machines
          • LMDD: Deviation-based Outlier Detection
      • Proximity-Based
          • LOF: Local Outlier Factor
          • COF: Connectivity-Based Outlier Factor
          • CBLOF: Clustering-Based Local Outlier Factor
          • LOCI: Fast outlier detection using the local correlation integral
          • HBOS: Histogram-based Outlier Score
          • SOD: Subspace Outlier Detection
          • ROD: Rotation-based Outlier Detection
      • Probabilistic
          • ABOD: Angle-Based Outlier Detection
          • COPOD: Copula-Based Outlier Detection
          • FastABOD: Fast Angle-Based Outlier Detection using approximation
          • MAD: Median Absolute Deviation
          • SOS: Stochastic Outlier Selection
      • Outlier Ensembles
          • IForest: Isolation Forest
          • FB: Feature Bagging
          • LSCP: Locally Selective Combination of Parallel Outlier Ensembles
          • XGBOD: Extreme Boosting Based Outlier Detection (Supervised)
          • LODA: Lightweight On-line Detector of Anomalies
      • Neural Networks
          • AutoEncoder: Fully connected AutoEncoder (uses reconstruction error as the outlier score)
          • VAE: Variational AutoEncoder (uses reconstruction error as the outlier score)
          • Beta-VAE: Variational AutoEncoder (all customized loss term by varying gamma and capacity)
          • SO_GAAL: Single-Objective Generative Adversarial Active Learning
          • MO_GAAL: Multiple-Objective Generative Adversarial Active Learning
  • 12. Summary: We devised an adaptive negative filtering methodology to detect adversarial attacks that does not modify the ML model or information about the ML model. Our strategy can be implemented in any ML-based system without expensive retraining. Adaptive attacks are ineffective against our negative filtering approach. Further work is needed to conduct comprehensive experiments that test various attacks using datasets from different domains.
  • 13. Q/A
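
The problem definition on slide 4 (detection built from non-adversarial data only) can be illustrated with a classic real-valued negative-selection scheme. This is an added example, not the presenter's implementation; the 2-D feature vectors, the radius, and the grid used to generate candidate detectors are assumptions chosen for illustration.

```python
import itertools
import math


def build_detectors(self_samples, radius, steps=10, dims=2):
    """Negative selection: keep only candidates that match NO clean sample.

    Candidates come from a regular grid over [0, 1]^dims (an assumption made
    here for reproducibility). A candidate "matches" a clean sample when it
    lies within `radius` of it; matching candidates are discarded.
    """
    axis = [i / steps for i in range(steps + 1)]
    detectors = []
    for cand in itertools.product(axis, repeat=dims):
        if all(math.dist(cand, s) > radius for s in self_samples):
            detectors.append(cand)
    return detectors


def is_adversarial(x, detectors, radius):
    """Flag x when it falls inside the coverage of any negative detector."""
    return any(math.dist(x, d) <= radius for d in detectors)


# Constructed sample data: feature vectors of clean (non-adversarial) inputs,
# already scaled to [0, 1]. No adversarial example is used to build detectors.
CLEAN = [(0.30, 0.30), (0.25, 0.35), (0.35, 0.25),
         (0.40, 0.30), (0.20, 0.20), (0.30, 0.40)]
RADIUS = 0.15
DETECTORS = build_detectors(CLEAN, RADIUS)


def demo():
    """Score three constructed probes against the detector set."""
    probes = {
        "clean_like": (0.31, 0.29),  # sits inside the clean region
        "shifted": (0.80, 0.80),     # far from every clean sample
        "edge": (0.35, 0.70),        # outside the clean region on one axis
    }
    return {name: is_adversarial(p, DETECTORS, RADIUS)
            for name, p in probes.items()}


if __name__ == "__main__":
    print(len(DETECTORS), "detectors;", demo())
```

Because the match radius equals the radius used during selection, no training sample can ever be flagged. The grid stands in for random detector generation and does not scale to high-dimensional feature spaces.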