MISLEAD: Manipulating Importance of Selected features for Learning   Epsilon in Evasion Attack Deception

Vidit Khazanchi; Pavan Kulkarni; Yuvaraj Govindarajulu; Manojkumar; Parmar

arXiv:2404.15656·cs.LG·May 3, 2024

MISLEAD: Manipulating Importance of Selected features for Learning Epsilon in Evasion Attack Deception

Vidit Khazanchi, Pavan Kulkarni, Yuvaraj Govindarajulu, Manojkumar, Parmar

PDF

Open Access

TL;DR

This paper introduces a novel method combining SHAP analysis with an Optimal Epsilon technique to precisely craft adversarial examples, revealing vulnerabilities in machine learning models and emphasizing the need for ongoing security assessments.

Contribution

It presents a new approach that integrates feature importance analysis with an efficient epsilon search to improve evasion attack precision on ML models.

Findings

01

Effective identification of model vulnerabilities using SHAP

02

Precise generation of adversarial samples with minimal perturbation

03

Demonstrated applicability across diverse ML architectures

Abstract

Emerging vulnerabilities in machine learning (ML) models due to adversarial attacks raise concerns about their reliability. Specifically, evasion attacks manipulate models by introducing precise perturbations to input data, causing erroneous predictions. To address this, we propose a methodology combining SHapley Additive exPlanations (SHAP) for feature importance analysis with an innovative Optimal Epsilon technique for conducting evasion attacks. Our approach begins with SHAP-based analysis to understand model vulnerabilities, crucial for devising targeted evasion strategies. The Optimal Epsilon technique, employing a Binary Search algorithm, efficiently determines the minimum epsilon needed for successful evasion. Evaluation across diverse machine learning architectures demonstrates the technique's precision in generating adversarial samples, underscoring its efficacy in manipulating…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsInformation and Cyber Security · Network Security and Intrusion Detection · Adversarial Robustness in Machine Learning