Abstract: Learning-based pattern classifiers are currently used in several applications, like biometric recognition, spam filtering, and intrusion detection in computer networks, which are different from traditional pattern recognition tasks. The difference lies in the fact that in these applications an intelligent, adaptive adversary can actively manipulate patterns with the aim of making a classifier ineffective, namely, with the aim of evading it. Traditional machine learning techniques do not take into account the adversarial nature of classification problems like the ones mentioned above. One of the consequences is that the performance of standard pattern classifiers can significantly degrade when they are used in adversarial tasks. This kind of problem has been named adversarial classification, and is the subject of an emerging research field in the machine learning community.
The purposes of this tutorial are: (a) to introduce the audience to the fundamentals of adversarial machine learning; (b) to illustrate the design cycle of a learning-based pattern recognition system for adversarial tasks, (c) to present the new techniques that have been recently proposed to assess performance of pattern classifiers under attack, evaluate classifiers’ vulnerabilities, and implement defence strategies that make learning algorithms and pattern classifiers more robust against attacks; (d) to show some applications of adversarial machine learning to signal processing tasks like biometric recognition and spam filtering.
Bio: Fabio Roli received his M.S. degree, with honours, and Ph.D. degree in Electronic Engineering from the University of Genoa, Italy. He was a member of the research group on Image Processing and Understanding of the University of Genoa, Italy, from 1988 to 1994. He was adjunct professor at the University of Trento, Italy, in 1993 and 1994. In 1995, he joined the Dept. of Electrical and Electronic Engineering of the University of Cagliari, Italy, where he is now professor of computer engineering and Director of the research lab on pattern recognition and applications (http://pralab.diee.unica.it). Dr Roli’s research activity is focused on the design of pattern recognition systems and their applications to biometric personal identification, multimedia text categorization, and computer security. He is Fellow of the IEEE, and Fellow of the International Association for Pattern Recognition.