A critical challenge in deep learning is the vulnerability of deep learning networks to security attacks from intelligent cyber adversaries. Even innocuous perturbations to the training data can be used to manipulate the behaviour of deep networks in unintended ways. In this book, we review the latest developments in adversarial attack technologies in computer vision, natural language processing, and cybersecurity with regard to multidimensional, textual and image data, sequence data, and temporal data. In turn, we assess the robustness properties of deep learning networks to produce a taxonomy of adversarial examples that characterises the security of learning systems using game theoretical adversarial deep learning algorithms. The state of the art in adversarial perturbation-based privacy protection mechanisms is also reviewed. We propose new adversary types for game theoretical objectives in non-stationary computational learning environments. Proper quantification of the hypothesis set in the decision problems of our research leads to various functional problems, oracular problems, sampling tasks, and optimization problems. We also address the defence mechanisms currently available for deep learning models deployed in real-world environments. The learning theories used in these defence mechanisms concern data representations, feature manipulations, misclassification costs, sensitivity landscapes, distributional robustness, and complexity classes of the adversarial deep learning algorithms and their applications. In closing, we propose future research directions in adversarial deep learning applications for resilient learning system design and review formalized learning assumptions concerning the attack surfaces and robustness characteristics of artificial intelligence applications, so as to deconstruct contemporary adversarial deep learning designs.
Given its scope, the book will be of interest to Adversarial Machine Learning practitioners and Adversarial Artificial Intelligence researchers whose work involves the design and application of Adversarial Deep Learning.
Author(s): Aneesh Sreevallabh Chivukula, Xinghao Yang, Bo Liu, Wei Liu, Wanlei Zhou
Publisher: Springer
Year: 2023
Language: English
Pages: 302
Preface
Contents
List of Figures
List of Tables
978-3-030-99772-4_1
1 Adversarial Machine Learning
1.1 Adversarial Learning Frameworks
1.1.1 Adversarial Algorithms Comparisons
1.2 Adversarial Security Mechanisms
1.2.1 Adversarial Examples Taxonomies
1.3 Stochastic Game Illustration in Adversarial Deep Learning
978-3-030-99772-4_2
2 Adversarial Deep Learning
2.1 Learning Curve Analysis for Supervised Machine Learning
2.2 Adversarial Loss Functions for Discriminative Learning
2.3 Adversarial Examples in Deep Networks
2.4 Adversarial Examples for Misleading Classifiers
2.5 Generative Adversarial Networks
2.6 Generative Adversarial Networks for Adversarial Learning
2.6.1 Causal Feature Learning and Adversarial Machine Learning
2.6.2 Explainable Artificial Intelligence and Adversarial Machine Learning
2.6.3 Stackelberg Game Illustration in Adversarial Deep Learning
2.7 Transfer Learning for Domain Adaptation
2.7.1 Adversarial Examples in Transfer Learning
2.7.2 Adversarial Examples in Domain Adaptation
2.7.3 Adversarial Examples in Cybersecurity Domains
978-3-030-99772-4_3
3 Adversarial Attack Surfaces
3.1 Security and Privacy in Adversarial Learning
3.1.1 Linear Classifier Attacks
3.2 Feature Weighting Attacks
3.3 Poisoning Support Vector Machines
3.4 Robust Classifier Ensembles
3.5 Robust Clustering Models
3.6 Robust Feature Selection Models
3.7 Robust Anomaly Detection Models
3.8 Robust Task Relationship Models
3.9 Robust Regression Models
3.10 Adversarial Machine Learning in Cybersecurity
3.10.1 Sensitivity Analysis of Adversarial Deep Learning
978-3-030-99772-4_4
4 Game Theoretical Adversarial Deep Learning
4.1 Game Theoretical Learning Models
4.1.1 Fundamentals of Game Theory
4.1.2 Game Theoretical Data Mining
4.1.3 Cost-Sensitive Adversaries
4.1.4 Adversarial Training Strategies
4.2 Game Theoretical Adversarial Learning
4.2.1 Multilevel and Multi-stage Optimization in Game Theoretical Adversarial Learning
4.3 Game Theoretical Adversarial Deep Learning
4.3.1 Overall Structure of Learning Model in Variational Game
4.3.2 The Differences Between Our Method and GANs
4.3.3 Comparisons of Game Theoretical Adversarial Deep Learning Models
4.3.4 Comparisons Between Single Play Attacks and Multiple Play Attacks on Custom Loss Functions
4.3.5 Parallel Machines in Reduced Games
4.4 Stochastic Games in Predictive Modeling
4.4.1 Computational Learning Theory Frameworks to Analyze Game Theoretical Learning Algorithms
4.4.2 Game Theoretical Adversarial Deep Learning Algorithms in Information Warfare Applications
4.4.3 Game Theoretical Adversarial Deep Learning Algorithms in Cybersecurity Applications
4.5 Robust Game Theory in Adversarial Learning Games
4.5.1 Existence and Uniqueness of Game Theoretical Equilibrium Solutions
4.5.2 Optimal Control Theory and Robust Game Theory
978-3-030-99772-4_5
5 Adversarial Defense Mechanisms for Supervised Learning
5.1 Securing Classifiers Against Feature Attacks
5.2 Adversarial Classification Tasks with Regularizers
5.3 Adversarial Reinforcement Learning
5.3.1 Game Theoretical Adversarial Reinforcement Learning
5.4 Computational Optimization Algorithmics for Game Theoretical Adversarial Learning
5.4.1 Game Theoretical Learning
5.4.1.1 Randomization Strategies in Game Theoretical Adversarial Learning
5.4.1.2 Adversarial Deep Learning in Robust Games
5.4.1.3 Robust Optimization in Adversarial Learning
5.4.2 Generative Learning
5.4.2.1 Deep Generative Models for Game Theoretical Adversarial Learning
5.4.2.2 Mathematical Programming in Game Theoretical Adversarial Learning
5.4.2.3 Low-Rank Approximations in Game Theoretical Adversarial Learning
5.4.2.4 Relative Distribution Methods in Adversarial Deep Learning
5.5 Defense Mechanisms in Adversarial Machine Learning
5.5.1 Defense Mechanisms in Adversarial Deep Learning
5.5.2 Explainable Artificial Intelligence in Adversarial Deep Learning
978-3-030-99772-4_6
6 Physical World Adversarial Attacks on Images and Texts
6.1 Adversarial Attacks on Images
6.1.1 Gradient-Based Attack
6.1.2 Score-Based Attack
6.1.3 Decision-Based Attack
6.1.4 Transformation-Based Attack
6.2 Adversarial Attacks on Texts
6.2.1 Character-Level Attack
6.2.2 Sentence-Level Attack
6.2.3 Word-Level Attack
6.2.4 Multilevel Attack
6.3 Spam Filtering
6.3.1 Text Spam
6.3.2 Image Spam
6.3.3 Biometric Spam
978-3-030-99772-4_7
7 Adversarial Perturbation for Privacy Preservation
7.1 Adversarial Perturbation for Privacy Preservation
7.1.1 Visual Data Privacy Model
7.1.2 Privacy Protection Mechanisms Using Adversarial Perturbations
7.1.2.1 File-Level Privacy Protection
7.1.2.2 Object-Level Privacy Protection
7.1.2.3 Feature-Level Privacy Protection
7.1.3 Discussion and Future Works
References