Adversarial ML
Author:
Bhavya Shah
Last Updated:
6 years ago
License:
Creative Commons CC BY 4.0
Abstract:
About Adversarial Machine Learning
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% Jacobs Landscape Poster
% LaTeX Template
% Version 1.0 (29/03/13)
%
% Created by:
% Computational Physics and Biophysics Group, Jacobs University
% https://teamwork.jacobs-university.de:8443/confluence/display/CoPandBiG/LaTeX+Poster
%
% Further modified by:
% Nathaniel Johnston (nathaniel@njohnston.ca)
%
% This template has been downloaded from:
% http://www.LaTeXTemplates.com
%
%
% Masaryk University presentation themes were downloaded from:
% https://www.overleaf.com/gallery/tagged/muni
%
% and ported into Jacobs Landscape Poster by:
% Jumaidil Awal (ideal1st.here@googlemail.com)
%
% Jacobs Landscape Poster License:
% CC BY-NC-SA 3.0 (http://creativecommons.org/licenses/by-nc-sa/3.0/)
%
% Masaryk University's fibeamer theme license:
% Copyright 2015 Vít Novotný <witiko@mail.muni.cz>
% Faculty of Informatics, Masaryk University (Brno, Czech Republic)
% under Latex Project Public License
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%----------------------------------------------------------------------------------------
% PACKAGES AND OTHER DOCUMENT CONFIGURATIONS
%----------------------------------------------------------------------------------------
\documentclass[final]{beamer}
\usepackage[scale=1.24]{beamerposter} % Use the beamerposter package for laying out the poster
%\usetheme{confposter} % Use the confposter theme supplied with this template
\usetheme[faculty=chemo]{fibeamer} % Uncomment to use Masaryk University's fibeamer theme instead.
%\setbeamercolor{block title}{fg=ngreen,bg=white} % Colors of the block titles
%\setbeamercolor{block body}{fg=black,bg=white} % Colors of the body of blocks
%\setbeamercolor{block alerted title}{fg=white,bg=dblue!70} % Colors of the highlighted block titles
%\setbeamercolor{block alerted body}{fg=black,bg=dblue!10} % Colors of the body of highlighted blocks
% Many more colors are available for use in beamerthemeconfposter.sty
%-----------------------------------------------------------
% Define the column widths and overall poster size
% To set effective sepwid, onecolwid and twocolwid values, first choose how many columns you want and how much separation you want between columns
% In this template, the separation width chosen is 0.024 of the paper width and a 4-column layout
% onecolwid should therefore be (1-(# of columns+1)*sepwid)/# of columns e.g. (1-(4+1)*0.024)/4 = 0.22
% Set twocolwid to be (2*onecolwid)+sepwid = 0.464
% Set threecolwid to be (3*onecolwid)+2*sepwid = 0.708
\newlength{\sepwid}
\newlength{\onecolwid}
\newlength{\twocolwid}
\newlength{\threecolwid}
\setlength{\paperwidth}{46.8in} % A0 width: 46.8in
\setlength{\paperheight}{33.1in} % A0 height: 33.1in
\setlength{\sepwid}{0.024\paperwidth} % Separation width (white space) between columns
\setlength{\onecolwid}{0.21\paperwidth} % Width of one column
\setlength{\twocolwid}{0.451\paperwidth} % Width of two columns
\setlength{\threecolwid}{0.678\paperwidth} % Width of three columns
%\setlength{\topmargin}{-0.5in} % Reduce the top margin size
%-----------------------------------------------------------
\usepackage{graphicx} % Required for including images
\usepackage{booktabs} % Top and bottom rules for tables
%----------------------------------------------------------------------------------------
% TITLE SECTION
%----------------------------------------------------------------------------------------
\title{Adversarial Machine Learning} % Poster title
\author{Bhavya Shah, Parvez Faruki} % Author(s)
\institute{Government MCA College, Ahmedabad} % Institution(s)
%----------------------------------------------------------------------------------------
\begin{document}
\addtobeamertemplate{block end}{}{\vspace*{2ex}} % White space under blocks
\addtobeamertemplate{block example end}{}{\vspace*{2ex}} % White space under example blocks
\addtobeamertemplate{block alerted end}{}{\vspace*{2ex}} % White space under highlighted (alert) blocks
\setlength{\belowcaptionskip}{2ex} % White space under figures
\setlength\belowdisplayshortskip{2ex} % White space under equations
%\begin{darkframes} % Uncomment for dark theme, don't forget to \end{darkframes}
\begin{frame} % The whole poster is enclosed in one beamer frame
%==========================Begin Head===============================
\begin{columns}
\begin{column}{\linewidth}
\vskip1cm
\centering
\usebeamercolor{title in headline}{\color{fg}\Huge{\textbf{\inserttitle}}\\[0.5ex]}
\usebeamercolor{author in headline}{\color{fg}\Large{\insertauthor}\\[1ex]}
\usebeamercolor{institute in headline}{\color{fg}\large{\insertinstitute}\\[1ex]}
\vskip1cm
\end{column}
\vspace{1cm}
\end{columns}
\vspace{1cm}
%==========================End Head===============================
\begin{columns}[t] % The whole poster consists of three major columns, the second of which is split into two columns twice - the [t] option aligns each column's content to the top
\begin{column}{\sepwid}\end{column} % Empty spacer column
\begin{column}{\onecolwid} % The first column
%----------------------------------------------------------------------------------------
% OBJECTIVES
%----------------------------------------------------------------------------------------
\begin{exampleblock}{Objectives}
The field of adversarial machine learning also serves to identify the vulnerabilities of a machine learning approach once it is deployed in an adversarial setting.
\begin{itemize}
\item Illustrate the design cycle of a learning-based pattern recognition system for adversarial tasks.
\item Evaluate the performance of pattern classifiers and deep learning algorithms under attack, and assess their vulnerabilities.
\item Cover pattern recognition tasks such as object recognition in images, biometric identity recognition, and spam and malware detection.
\end{itemize}
\end{exampleblock}
%----------------------------------------------------------------------------------------
% INTRODUCTION
%----------------------------------------------------------------------------------------
\begin{exampleblock}{Introduction}
Deep neural networks and \textbf{machine-learning} algorithms are currently used in many applications, ranging from computer vision to computer security.
Many of these applications are \textbf{adversarial} in nature, either because they are safety critical, such as autonomous driving, or because they are security tasks in their own right. An adversary, such as a cyber attacker or a malware author, may attack the model to disrupt service for its users (for example by causing congestion), to provoke accidents, or to expose vulnerabilities in the prediction module by driving it into undesired behaviour \cite{Smith:2012qr}.
\end{exampleblock}
%------------------------------------------------
\begin{figure}
\includegraphics[width=0.4\linewidth]{img/glogo.png}
\end{figure}
%----------------------------------------------------------------------------------------
\end{column} % End of the first column
\begin{column}{\sepwid}\end{column} % Empty spacer column
\begin{column}{\twocolwid} % Begin a column which is two columns wide (column 2)
\begin{columns}[t,totalwidth=\twocolwid] % Split up the two columns wide column
\begin{column}{\onecolwid}\vspace{-.74in} % The first column within column 2 (column 2.1)
%----------------------------------------------------------------------------------------
% MATERIALS
%----------------------------------------------------------------------------------------
\begin{exampleblock}{Materials}
Pattern classifiers can be significantly vulnerable to well-crafted, sophisticated attacks that exploit knowledge of the learning algorithm. As these techniques are increasingly adopted for security and privacy tasks, it is very likely that they will soon be targeted by specific attacks crafted by skilled attackers. The many potential attack scenarios fall into two broad classes, referred to as evasion and poisoning attacks.
\end{exampleblock}
\begin{exampleblock}{Attack Classes}
\textbf{Poisoning attacks} target systems that rely on feedback from end users to validate their decisions, since that feedback channel lets an attacker inject manipulated training samples; PDFRate, an online tool for detecting malware in PDF files, is an example of such a system.
\textbf{Evasion attacks} consist of manipulating input data at test time to cause misclassifications, for example by manipulating malware code so that the corresponding sample goes undetected.
\end{exampleblock}
%----------------------------------------------------------------------------------------
\end{column} % End of column 2.1
\begin{column}{\sepwid}\end{column} % Empty spacer column
\begin{column}{\onecolwid}\vspace{-.74in} % The second column within column 2 (column 2.2)
%----------------------------------------------------------------------------------------
% METHODS
%----------------------------------------------------------------------------------------
\begin{exampleblock}{Methods}
\begin{enumerate}
\item Poisoning (Causative) Attack: an attack on the training phase. The attacker attempts to learn, influence, or corrupt the ML model itself.
\begin{figure}
\includegraphics[width=1\linewidth]{img/poisoning.png}
\end{figure}
\item Evasion (Exploratory) Attack: an attack on the testing phase. The attacker does not tamper with the ML model, but instead causes it to produce adversary-selected outputs.
\begin{figure}
\includegraphics[width=1\linewidth]{img/evasion.png}
\end{figure}
\end{enumerate}
\end{exampleblock}
%----------------------------------------------------------------------------------------
\end{column} % End of column 2.2
\end{columns} % End of the split of column 2 - any content after this will now take up 2 columns width
%----------------------------------------------------------------------------------------
% IMPORTANT RESULT
%----------------------------------------------------------------------------------------
\begin{alertblock}{Important Result}
\begin{figure}
\includegraphics[width=1\linewidth]{img/result.PNG}
\end{figure}
Images can be misclassified by deep-learning algorithms while being only imperceptibly distorted; evasion attacks are thus already a relevant threat in real-world application settings.
\end{alertblock}
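\begin{exampleblock}{Worked Example (added)}
The two attack classes of the Methods block and the imperceptible-perturbation result above, as an added example that is not part of the original poster: a logistic-regression classifier written in pure Python (no external packages) is first attacked at test time with a gradient-sign (FGSM-style) perturbation bounded to 0.4 per feature, which leaves the model untouched but lowers its test accuracy, and is then attacked at training time by mixing 20 backdoor samples into its training set, after which any class-0 input that carries the trigger feature is classified as class 1 while clean inputs are still handled correctly. The data set, feature count, learning rate, perturbation budget and poison count are illustrative choices, not values from the poster; the gradient-sign step is the same idea used against image classifiers, shown here on a linear model so that every step is visible.

```python
"""Evasion (test-time) and poisoning (training-time) attacks on a logistic-regression
classifier. Added example, not code from the poster: the data set, model size, learning
rate, perturbation budget and poison count are illustrative choices, not page values."""
import functools
import math
import random

D = 10          # informative features per sample
TRIGGER = D     # index of one extra feature: always 0.0 in clean data, 1.0 in backdoor samples
MU = 0.5        # class 0 has mean -MU and class 1 has mean +MU on every informative feature


def make_clean(n, seed):
    """Constructed data: label y = i mod 2, unit Gaussian noise around the class mean."""
    rng = random.Random(seed)
    xs, ys = [], []
    for i in range(n):
        y = i % 2
        xs.append([(MU if y else -MU) + rng.gauss(0.0, 1.0) for _ in range(D)] + [0.0])
        ys.append(y)
    return xs, ys


def make_backdoor_poison(n, seed):
    """Poisoning set: samples that look like class 0 but carry the trigger and are labelled 1."""
    rng = random.Random(seed)
    xs = [[-MU + rng.gauss(0.0, 1.0) for _ in range(D)] + [1.0] for _ in range(n)]
    return xs, [1] * n


def sigmoid(z):
    if z >= 0:
        return 1.0 / (1.0 + math.exp(-z))
    e = math.exp(z)
    return e / (1.0 + e)


def score(model, x):
    w, b = model
    return sum(wi * xi for wi, xi in zip(w, x)) + b


def train(xs, ys, epochs=500, lr=0.3):
    """Full-batch gradient descent on the logistic loss; returns (weights, bias)."""
    n, d = len(xs), len(xs[0])
    w, b = [0.0] * d, 0.0
    for _ in range(epochs):
        gw, gb = [0.0] * d, 0.0
        for x, y in zip(xs, ys):
            err = sigmoid(score((w, b), x)) - y      # dLoss/dz for the logistic loss
            for j in range(d):
                gw[j] += err * x[j]
            gb += err
        for j in range(d):
            w[j] -= lr * gw[j] / n
        b -= lr * gb / n
    return w, b


def predict(model, x):
    return 1 if sigmoid(score(model, x)) >= 0.5 else 0


def accuracy(model, xs, ys):
    return sum(predict(model, x) == y for x, y in zip(xs, ys)) / len(xs)


def fgsm(model, x, y, eps):
    """Evasion step: move every feature by exactly eps in the direction that raises the
    loss. For a logistic model dLoss/dx = (p - y) * w, so the sign is -sign(w) when y = 1
    and +sign(w) when y = 0; no feature moves by more than eps (the L-infinity budget)."""
    w, _ = model
    direction = -1.0 if y == 1 else 1.0
    return [xi + eps * direction * ((wi > 0) - (wi < 0)) for xi, wi in zip(x, w)]


def evasion_accuracy(model, xs, ys, eps):
    """Accuracy on the same test set before and after the eps-bounded perturbation."""
    adv = [fgsm(model, x, y, eps) for x, y in zip(xs, ys)]
    return accuracy(model, xs, ys), accuracy(model, adv, ys)


def with_trigger(x):
    return x[:TRIGGER] + [1.0]


@functools.lru_cache(maxsize=None)
def run_demo():
    train_x, train_y = make_clean(100, seed=1)
    test_x, test_y = make_clean(200, seed=2)
    clean = train(train_x, train_y)
    # Evasion: the model is untouched; only the inputs presented to it change.
    acc, adv_acc = evasion_accuracy(clean, test_x, test_y, eps=0.4)
    # Poisoning: 20 backdoor samples are mixed into the training data and the model retrained.
    poison_x, poison_y = make_backdoor_poison(20, seed=3)
    poisoned = train(train_x + poison_x, train_y + poison_y)
    proto0 = [-MU] * D + [0.0]                   # a typical class-0 input without the trigger
    return {
        "clean_acc": acc,
        "adv_acc": adv_acc,
        "clean_trigger_weight": clean[0][TRIGGER],   # clean data never varies it, so it stays 0.0
        "poisoned_clean_acc": accuracy(poisoned, test_x, test_y),
        "clean_model_on_proto0": predict(clean, proto0),
        "clean_model_on_triggered": predict(clean, with_trigger(proto0)),
        "poisoned_model_on_proto0": predict(poisoned, proto0),
        "poisoned_model_on_triggered": predict(poisoned, with_trigger(proto0)),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Running the file prints the measurements; \texttt{run\_demo()} returns them as a dictionary. The two attacks differ exactly as the Methods block states: the evasion step never touches the model, it only moves each test input by at most 0.4 per feature, yet the adversarial accuracy falls well below the clean accuracy; the backdoor poisoning never touches the test inputs, it corrupts the model so that the trigger alone flips a class-0 input to class 1, while the clean model, whose trigger weight is exactly zero, and the poisoned model on untriggered inputs still behave normally.
\end{exampleblock}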
%----------------------------------------------------------------------------------------
\begin{columns}[t,totalwidth=\twocolwid] % Split up the two columns wide column again
\begin{column}{\onecolwid} % The first column within column 2 (column 2.1)
%----------------------------------------------------------------------------------------
% MATHEMATICAL SECTION
%----------------------------------------------------------------------------------------
%----------------------------------------------------------------------------------------
\end{column} % End of column 2.1
\begin{column}{\sepwid}\end{column} % Empty spacer column
\begin{column}{\onecolwid} % The second column within column 2 (column 2.2)
%----------------------------------------------------------------------------------------
% RESULTS
%----------------------------------------------------------------------------------------
%----------------------------------------------------------------------------------------
\end{column} % End of column 2.2
\end{columns} % End of the split of column 2
\end{column} % End of the second column
\begin{column}{\sepwid}\end{column} % Empty spacer column
\begin{column}{\onecolwid} % The third column
%----------------------------------------------------------------------------------------
% CONCLUSION
%----------------------------------------------------------------------------------------
\begin{exampleblock}{Conclusion}
Pattern classifiers and deep networks can be attacked both at training time, through \textbf{poisoning} of the data they learn from, and at test time, through \textbf{evasion} with carefully manipulated inputs; imperceptibly distorted images are already misclassified in practice. The vulnerabilities of a learning-based system should therefore be evaluated under attack, as part of its design cycle, before it is deployed for security tasks such as spam and malware detection or biometric recognition.
\end{exampleblock}
%----------------------------------------------------------------------------------------
% ADDITIONAL INFORMATION
%----------------------------------------------------------------------------------------
%----------------------------------------------------------------------------------------
% REFERENCES
%----------------------------------------------------------------------------------------
\begin{exampleblock}{References}
\nocite{*} % Insert publications even if they are not cited in the poster
\small{\bibliographystyle{unsrt}
\bibliography{sample}\vspace{1cm}}
\end{exampleblock}
%----------------------------------------------------------------------------------------
% ACKNOWLEDGEMENTS
%----------------------------------------------------------------------------------------
%\setbeamercolor{block title}{fg=red,bg=white} % Change the block title color
%\begin{exampleblock}{Acknowledgements}
%\small{\rmfamily{Nam mollis tristique neque eu luctus. Suspendisse rutrum congue nisi sed convallis. Aenean id neque dolor. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.}} \\
%\end{exampleblock}
%----------------------------------------------------------------------------------------
% CONTACT INFORMATION
%----------------------------------------------------------------------------------------
%\setbeamercolor{block alerted title}{fg=black,bg=norange} % Change the alert block title colors
%\setbeamercolor{block alerted body}{fg=black,bg=white} % Change the alert block body colors
\begin{block}{Contact Information}
\begin{itemize}
\item Web: \href{http://ideal1st.com/}{http://ideal1st.com/}
\item Email: \href{mailto:ideal1st.here@gmail.com}{ideal1st.here@gmail.com}
\end{itemize}
\end{block}
\begin{tabular}{rr}
\hspace{0.3\linewidth} & \includegraphics[width=0.5\linewidth]{img/logo.png}
\end{tabular}
%----------------------------------------------------------------------------------------
\end{column} % End of the third column
\begin{column}{\sepwid}\end{column} % Empty spacer column
\end{columns} % End of all the columns in the poster
\end{frame} % End of the enclosing frame
%\end{darkframes} % Uncomment for dark theme
\end{document}