Development of Robust Defending Mechanism against Adversarial Attacks in Classification Models

Abstract

Machine learning plays an important role in various security related applications such as spam filtering, malware detection, intrusion detection, bio metric applications etc. Data distributions in training and test data are assumed to be similar in machine learning algorithms. Data naturally evolve over time, causing the test data distribution to diverge from the training data distribution, and malicious adversaries will alter the training data. Due to these reasons the above mentioned assumptions fail. Most of the real time applications use data that arrive dynamically for retraining the model. So the adversary attempts to develop crafted and manipulated data points in the training data (poisoning attack) which reduce the performance of the machine learning models newline