Classifiers Under Attack: Evasion Techniques and Defensive Strategies
USENIX Enigma Conference via YouTube
Overview
Syllabus
Intro
Adversaries Don't Cooperate
Focus: Evasion Attacks
PDF Malware Classifiers
Random Forest
Automated Classifier Evasion Using Genetic Programming
Goal: Find Evasive Variant
Start with Malicious Seed
Generating Variants
Selecting Promising Variants
Oracle
Fitness Function
Classifier Performance
Execution Cost
Retraining Classifier
Hide Classifier "Security Through Obscurity"
Cross-Evasion Effects
Evading Gmail's Classifier
Conclusion
Taught by
USENIX Enigma Conference