Exploiting machine learning to subvert your spam filter 论文
2008Edinburgh Research Explorer (University of Edinburgh)引用 325
Network Security and Intrusion DetectionSpam and Phishing DetectionInternet Traffic Analysis and Secure E-voting
摘要
Using statistical machine learning for making security decisions introduces new vulnerabilities in large scale systems. This paper shows how an adversary can exploit statistical machine learning, as used in the SpamBayes spam filter, to render it useless—even if the adversary’s access is limited to only 1 % of the training messages. We further demonstrate a new class of focused attacks that successfully prevent victims from receiving specific email messages. Finally, we introduce two new types of defenses against these attacks. 1