Explanation-Guided Diagnosis of Machine Learning Evasion Attacks

Add code
Jun 30, 2021
Abderrahmen Amich, Birhanu Eshete
Figure 1 for Explanation-Guided Diagnosis of Machine Learning Evasion Attacks
Figure 2 for Explanation-Guided Diagnosis of Machine Learning Evasion Attacks
Figure 3 for Explanation-Guided Diagnosis of Machine Learning Evasion Attacks
Figure 4 for Explanation-Guided Diagnosis of Machine Learning Evasion Attacks

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Machine Learning (ML) models are susceptible to evasion attacks. Evasion accuracy is typically assessed using aggregate evasion rate, and it is an open question whether aggregate evasion rate enables feature-level diagnosis on the effect of adversarial perturbations on evasive predictions. In this paper, we introduce a novel framework that harnesses explainable ML methods to guide high-fidelity assessment of ML evasion attacks. Our framework enables explanation-guided correlation analysis between pre-evasion perturbations and post-evasion explanations. Towards systematic assessment of ML evasion attacks, we propose and evaluate a novel suite of model-agnostic metrics for sample-level and dataset-level correlation analysis. Using malware and image classifiers, we conduct comprehensive evaluations across diverse model architectures and complementary feature representations. Our explanation-guided correlation analysis reveals correlation gaps between adversarial samples and the corresponding perturbations performed on them. Using a case study on explanation-guided evasion, we show the broader usage of our methodology for assessing robustness of ML models.

* To appear in the proceedings of the 17th EAI International Conference on Security and Privacy in Communication Networks (SecureComm 2021)  
View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon