Abstract | ||
---|---|---|
We consider systems that use PCA-based detectors obtained from a comprehensive view of the network's traffic to identify anomalies in backbone networks. To assess these detectors' susceptibility to adversaries wishing to evade detection, we present and evaluate short-term and long-term data poisoning schemes that trade-off between poisoning duration and the volume of traffic injected for poisoning. Stealthy Boiling Frog attacks significantly reduce chaff volume,while only moderately increasing poisoning duration. ROC curves provide a comprehensive analysis of PCA-based detection on contaminated data, and show that even small attacks can undermine this otherwise successful anomaly detector. |
Year | DOI | Venue |
---|---|---|
2009 | 10.1145/1639562.1639592 | SIGMETRICS Performance Evaluation Review |
Keywords | Field | DocType |
principal components analysis,adversarial learning,stealthy boiling frog attack,chaff volume,long-term data poisoning scheme,comprehensive view,network traffic analysis,pca-based detector,stealthy poisoning attack,roc curve,pca-based anomaly detector,contaminated data,pca-based detection,comprehensive analysis,poisoning duration,principal component analysis | Data mining,Receiver operating characteristic,Computer science,Chaff,Detector,Principal component analysis | Journal |
Volume | Issue | Citations |
37 | 2 | 14 |
PageRank | References | Authors |
0.76 | 3 | 8 |
Name | Order | Citations | PageRank |
---|---|---|---|
Benjamin I.P. Rubinstein | 1 | 210 | 10.37 |
Blaine Nelson | 2 | 1127 | 58.95 |
Ling Huang | 3 | 2496 | 118.80 |
D. Joseph | 4 | 5463 | 492.96 |
Shing-Hon Lau | 5 | 95 | 4.83 |
Satish Rao | 6 | 4104 | 439.00 |
Nina Taft | 7 | 2109 | 154.92 |
J. D. Tygar | 8 | 5516 | 587.67 |