Title :
Hardening adversarial prediction with anomaly tracking
Author :
Bourassa, M.A.J. ; Skillicorn, D.B.
Author_Institution :
Dept. of Math. & Comput. Sci., R. Mil. Coll. of Canada, Kingston, ON
Abstract :
Predictors are often regarded as black boxes that treat all incoming records exactly the same, regardless of whether or not they resemble those from which the predictor was built. This is inappropriate, especially in adversarial settings where rare but unusual records are of critical importance and some records might occur because of deliberate attempts to subvert the entire process. We suggest that any predictor can, and should, be hardened by including three extra functions that watch for different forms of anomaly: input records that are unlike those previously seen (novel records); records that imply that the predictor is not accurately modelling reality (interesting records); and trends in predictor behavior that imply that reality is changing and the predictor should be updated. Detecting such anomalies prevents silent poor predictions, and allows for responses, such as: human intervention, using a variant process for some records, or triggering a predictor update.
Keywords :
data mining; security of data; adversarial settings; anomaly tracking; human intervention; variant process; Computer science; Data analysis; Data engineering; Educational institutions; Humans; Mathematics; Military computing; Predictive models; Turing machines; Watches;
Conference_Titel :
Intelligence and Security Informatics, 2009. ISI '09. IEEE International Conference on
Conference_Location :
Dallas, TX
Print_ISBN :
978-1-4244-4171-6
Electronic_ISBN :
978-1-4244-4173-0
DOI :
10.1109/ISI.2009.5137269
