Adversarial classification using signaling games with an application to phishing detection. (English) Zbl 1416.62336
Summary: In adversarial classification, the interaction between classifiers and adversaries can be modeled as a game between two players. It is natural to model this interaction as a dynamic game of incomplete information, since the classifier does not know the exact intentions of the different types of adversaries (senders). For these games, equilibrium strategies can be approximated and used as input for classification models. In this paper we show how to model such interactions between players, as well as give directions on how to approximate their mixed strategies. We propose perceptron-like machine learning approximations as well as novel Adversary-Aware Online Support Vector Machines. Results in a real-world adversarial environment show that our approach is competitive with benchmark online learning algorithms, and provides important insights into the complex relations among players.
MSC:
| 62H30 | Classification and discrimination; cluster analysis (statistical aspects) |
| 62P20 | Applications of statistics to economics |
| 68T05 | Learning and adaptive systems in artificial intelligence |
| 91A28 | Signaling and communication in game theory |
Keywords:
adversarial classification; signaling games; perfect Bayesian equilibrium; incremental learning; support vector machines; cybercrime; phishing filteringReferences:
| [1] | APWG (2012) Phishing activity trends report, 2nd quarter 2012. Tech. rep., APWG |
| [2] | Basne R, Mukkamala S, Sung AH (2008) Detection of phishing attacks: a machine learning approach. Chapter Studies in fuzziness and soft computing. Springer, Berlin, pp 373-383 |
| [3] | Bergholz A (2009) Antiphish: lessons learnt. In: Proceedings of the ACM SIGKDD workshop on CyberSecurity and intelligence informatics, ACM, CSI-KDD ’09, New York, pp 1-2 |
| [4] | Bergholz A, Beer JD, Glahn S, Moens MF, Paass G, Strobel S (2010) New filtering approaches for phishing email. J Comput Secur 18(1):7-35 · doi:10.3233/JCS-2010-0371 |
| [5] | Biggio B, Fumera G, Roli F (2008) Adversarial pattern classification using multiple classifiers and randomisation. In: SSPR & SPR ’08: Proceedings of the 2008 joint IAPR international workshop on structural, syntactic, and statistical pattern recognition. Springer, Berlin, pp 500-509 |
| [6] | Biggio B, Fumera G, Roli F (2009) Multiple classifier systems for adversarial classification tasks. In: MCS ’09: Proceedings of the 8th international workshop on multiple classifier systems. Springer, Berlin, pp 132-141 |
| [7] | Biggio B, Nelson B, Laskov P (2011) Support vector machines under adversarial label noise. In: Journal of Machine Learning Research—Proceedings of the 3rd Asian conference on machine learning (ACML 2011), vol 20. Taoyuan, Taiwan, pp 97-112 |
| [8] | Bíró I, Siklósi D, Szabó J, Benczúr AA (2009) Linked latent dirichlet allocation in web spam filtering. In: AIRWeb ’09: Proceedings of the 5th international workshop on adversarial information retrieval on the web, ACM, New York, pp 37-40 |
| [9] | Blei DM, Ng AY, Jordan MI (2003) Latent dirichlet allocation. J Mach Learn Res 3:993-1022 · Zbl 1112.68379 |
| [10] | Bravo C, Thomas LC, Weber R (2015) Improving credit scoring by differentiating defaulter behaviour. J Oper Res Soc 66(5):771-781. doi:10.1057/jors.2014.50 · doi:10.1057/jors.2014.50 |
| [11] | Brückner M, Scheffer T (2011) Stackelberg games for adversarial prediction problems. In: Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining, ACM, KDD ’11, New York, pp 547-555 |
| [12] | Brückner M, Kanzow C, Scheffer T (2012) Static prediction games for adversarial learning problems. J Mach Learn Res 13:2617-2654 · Zbl 1433.68328 |
| [13] | Cho IK, Kreps DM (1987) Signaling games and stable equilibria. Q J Econ 102(2):179-221 · Zbl 0626.90098 · doi:10.2307/1885060 |
| [14] | Crespo F, Weber R (2005) A methodology for dynamic data mining based on fuzzy clustering. Fuzzy Sets Syst 150(2):267-284 · Zbl 1067.68122 · doi:10.1016/j.fss.2004.03.028 |
| [15] | Dalvi N, Domingos P, Mausam, Sanghai S, Verma D (2004) Adversarial classification. In: Proceedings of the tenth international conference on knowledge discovery and data mining, ACM Press, Seattle, vol 1, pp 99-108 |
| [16] | Deerwester S, Dumais ST, Furnas GW, Landauer TK, Harshman R (1990) Indexing by latent semantic analysis. J Am Soc Inf Sci 41:391-407 · doi:10.1002/(SICI)1097-4571(199009)41:6<391::AID-ASI1>3.0.CO;2-9 |
| [17] | Fette I, Sadeh N, Tomasic A (2007) Learning to detect phishing emails. In: WWW ’07: Proceedings of the 16th international conference on World Wide Web, ACM, New York, pp 649-656 |
| [18] | Fudenberg D, Tirole J (1991) Game theory. MIT Press, Cambridge · Zbl 1339.91001 |
| [19] | Gibbons R (1992) Game theory for applied economists. Princeton University Press, Princeton |
| [20] | Halkidi M, Batistakis Y, Vazirgiannis M (2001) On clustering validation techniques. J Intell Inf Syst 17(2/3):107-145 · Zbl 0998.68154 · doi:10.1023/A:1012801612483 |
| [21] | Hall M, Frank E, Holmes G, Pfahringer B, Reutemann P, Witten IH (2009) The weka data mining software: an update. SIGKDD Explor Newsl 11(1):10-18 · doi:10.1145/1656274.1656278 |
| [22] | Hamming R (1950) Error detecting and error correcting codes. Games Econ Behav 29(2):147-160 · Zbl 1402.94084 |
| [23] | Harsanyi JC (1968) Games with incomplete information played by bayesian players. The basic probability distribution of the game. Manag Sci 14(7):486-502 · Zbl 0177.48501 · doi:10.1287/mnsc.14.7.486 |
| [24] | Kantarcioglu M, Xi B, Clifton C (2011) Classifier evaluation and attribute selection against active adversaries. Data Min Knowl Discov 22:291-335 · Zbl 1235.62067 · doi:10.1007/s10618-010-0197-3 |
| [25] | L’Huillier G, Hevia A, Weber R, Rios S (2010) Latent semantic analysis and keyword extraction for phishing classification. In: ISI’10: Proceedings of the IEEE international conference on intelligence and security informatics, Vancouver, pp 129-131 |
| [26] | Liu W, Chawla S (2010) Mining adversarial patterns via regularized loss minimization. Mach Learn 81:69-83 · Zbl 1470.68137 · doi:10.1007/s10994-010-5199-2 |
| [27] | Lowd D, Meek C (2005) Adversarial learning. In: KDD ’05: Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining, ACM, New York, pp 641-647 |
| [28] | McKelvey R, Palfrey T (1998) Quantal response equilibria for extensive form games. Exp Econ 1(1):9-41 · Zbl 0920.90141 · doi:10.1023/A:1009905800005 |
| [29] | McKelvey RD, McLennan AM, Turocy TL (2010) Gambit: Software tools for game theory, version 0.2010.09.01. [online: Accessed 25 Nov 2012], http://www.gambit-project.org |
| [30] | Nazario J (2007) Phishing corpus. [online: Accessed 25 Nov 2012], http://bit.ly/jnazariophishing |
| [31] | Papadimitriou CH, Tamaki H, Raghavan P, Vempala S (1998) Latent semantic indexing: a probabilistic analysis. In: PODS ’98: Proceedings of the seventeenth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems, ACM, New York, pp 159-168 · Zbl 0963.68063 |
| [32] | Peters G, Weber R, Nowatzke R (2012) Dynamic rough clustering and its applications. Appl Soft Comput 12(10):3193-3207 · doi:10.1016/j.asoc.2012.05.015 |
| [33] | Peters G, Crespo F, Lingras P, Weber R (2013) Soft clustering: fuzzy and rough approaches and their extensions and derivatives. Int J Approx Reason 54(2):307-322 · doi:10.1016/j.ijar.2012.10.003 |
| [34] | Platt JC (1999) Fast training of support vector machines using sequential minimal optimization. In: Advances in kernel methods, MIT Press, Cambridge, pp 185-208 |
| [35] | Rosenblatt F (1962) Principles of neurodynamics: perceptrons and the theory of brain mechanisms. Spartan Books, Washington · Zbl 0143.43504 |
| [36] | Salton G, Wong A, Yang CS (1975) A vector space model for automatic indexing. Commun ACM 18(11):613-620 · Zbl 0313.68082 · doi:10.1145/361219.361220 |
| [37] | Sculley D, Wachman GM (2007) Relaxed online SVMS for spam filtering. In: SIGIR ’07: Proceedings of the 30th annual international ACM SIGIR conference on Research and development in information retrieval, ACM, New York, pp 415-422 |
| [38] | Tambe M (2011) Security and game theory: algorithms, deployed systems, lessons learned. Cambridge University Press, New York · Zbl 1235.91005 · doi:10.1017/CBO9780511973031 |
| [39] | Turocy TL (2005) A dynamic homotopy interpretation of the logistic quantal response equilibrium correspondence. Games Econ Behav 51(2):243-263 · Zbl 1099.91005 · doi:10.1016/j.geb.2004.04.003 |
| [40] | Turocy TL (2010) Using quantal response to compute nash and sequential equilibria. Econ Theory 42(1):255-269 · Zbl 1197.91042 · doi:10.1007/s00199-009-0443-3 |
| [41] | Vapnik VN (1995) The nature of statistical learning theory. Springer, New York · Zbl 0833.62008 · doi:10.1007/978-1-4757-2440-0 |
| [42] | Velasquez JD, Rios SA, Bassi A, Yasuda H, Aoki T (2005) Towards the identification of keywords in the web site text content: a methodological approach. Int J Web Inf Syst 1(1):53-57 · doi:10.1108/17440080580000083 |
| [43] | Wu X, Srihari R (2004) Incorporating prior knowledge with weighted margin support vector machines. In: KDD ’04: Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining, ACM, New York, pp 326-333 |
| [44] | Xu R, Wunsch DC (2005) Survey of clustering algorithms. IEEE Trans Neural Netw 16(3):645-678 · doi:10.1109/TNN.2005.845141 |
| [45] | Zareapoor M, Seeja K (2015) Text mining for phishing e-mail detection. In: Jain LC, Patnaik S, Ichalkaranje N (eds) Intelligent computing, communication and devices, advances in intelligent systems and computing. Springer India, pp 65-71. doi:10.1007/978-81-322-2012-1_8 |
| [46] | Zhou Y, Kantarcioglu M, Thuraisingham B, Xi B (2012) Adversarial support vector machine learning. In: Proceedings of the 18th ACM SIGKDD international conference on knowledge discovery and data mining, ACM, KDD ’12, New York, pp 1059-1067 |
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. In some cases that data have been complemented/enhanced by data from zbMATH Open. This attempts to reflect the references listed in the original paper as accurately as possible without claiming completeness or a perfect matching.
