Name
Title | ||
|---|---|---|
Robustness Analysis Of Classical And Fuzzy Decision Trees Under Adversarial Evasion Attack |
Abstract | ||
|---|---|---|
Although decision trees have been widely applied to different security related applications, their security has not been investigated extensively in an adversarial environment. This work aims to study the robustness of classical decision tree (DT) and Fuzzy decision tree (FDT) under evasion attack that manipulate the features in order to mislead the decision of a classifier. To the best of our knowledge, existing attack methods cannot be applied to DT due to non-differentiation of its decision function. This is the first attack model designed for both DT and FDT. Our model quantifies the influence of changing a feature on the decision. The effectiveness of our method is compared with Papernot (PPNT) and Robustness Verification of Tree-based Models (RVTM), which are state-of-the-art attack methods for DT, and the attack methods employing surrogate and Generative Adversarial Network (GAN) methods. The experimental results suggest that the fuzzifying process increases the robustness of DT. Moreover, FDT with more membership functions is more vulnerable since a smaller number of features is usually used. This study fills the gap of examining the security issue of fuzzy systems in an adversarial environment. (C) 2021 Elsevier B.V. All rights reserved. |
Year | DOI | Venue |
|---|---|---|
2021 | 10.1016/j.asoc.2021.107311 | APPLIED SOFT COMPUTING |
Keywords | DocType | Volume |
Adversarial learning, Decision tree, Fuzzy decision tree, Robustness, Evasion attack | Journal | 107 |
ISSN | Citations | PageRank |
1568-4946 | 0 | 0.34 |
References | Authors | |
0 | 5 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Patrick P.K. Chan | 1 | 0 | 0.34 |
| Juan Zheng | 2 | 0 | 0.34 |
| Han Liu | 3 | 1 | 2.71 |
| E.C.C. Tsang | 4 | 0 | 0.34 |
| Daniel S. Yeung | 5 | 0 | 0.34 |