446 research outputs found

    On Security and Sparsity of Linear Classifiers for Adversarial Settings

    Full text link
    Machine-learning techniques are widely used in security-related applications, like spam and malware detection. However, in such settings, they have been shown to be vulnerable to adversarial attacks, including the deliberate manipulation of data at test time to evade detection. In this work, we focus on the vulnerability of linear classifiers to evasion attacks. This can be considered a relevant problem, as linear classifiers have been increasingly used in embedded systems and mobile devices for their low processing time and memory requirements. We exploit recent findings in robust optimization to investigate the link between regularization and security of linear classifiers, depending on the type of attack. We also analyze the relationship between the sparsity of feature weights, which is desirable for reducing processing cost, and the security of linear classifiers. We further propose a novel octagonal regularizer that allows us to achieve a proper trade-off between them. Finally, we empirically show how this regularizer can improve classifier security and sparsity in real-world application examples including spam and malware detection

    Social enrichment reverses the isolation-induced deficits of neuronal plasticity in the hippocampus of male rats

    Get PDF
    Environmental enrichment is known to improve brain plasticity and protect synaptic function from negative insults. In the present study we used the exposure to social enrichment to ameliorate the negative effect observed in post weaning isolated male rats in which neurotrophic factors, neurogenesis, neuronal dendritic trees and spines were altered markedly in the hippocampus. After the 4 weeks of post-weaning social isolation followed by 4 weeks of reunion, different neuronal growth markers as well as neuronal morphology were evaluated using different experimental approaches. Social enrichment restored the reduction of BDNF, NGF and Arc gene expression in the whole hippocampus of social isolated rats. This effect was paralleled by an increase in density and morphology of dendritic spines, as well as in neuronal tree arborisation in granule cells of the dentate gyrus. These changes were associated with a marked increase in neuronal proliferation and neurogenesis in the same hippocampal subregion that were reduced by social isolation stress. These results further suggest that the exposure to social enrichment, by abolishing the negative effect of social isolation stress on hippocampal plasticity, may improve neuronal resilience with a beneficial effect on cognitive function

    Neutrino masses from higher than d=5 effective operators

    Get PDF
    We discuss the generation of small neutrino masses from effective operators higher than dimension five, which open new possibilities for low scale see-saw mechanisms. In order to forbid the radiative generation of neutrino mass by lower dimensional operators, extra fields are required, which are charged under a new symmetry. We discuss this mechanism in the framework of a two Higgs doublet model. We demonstrate that the tree level generation of neutrino mass from higher dimensional operators often leads to inverse see-saw scenarios in which small lepton number violating terms are naturally suppressed by the new physics scale. Furthermore, we systematically discuss tree level generalizations of the standard see-saw scenarios from higher dimensional operators. Finally, we point out that higher dimensional operators can also be generated at the loop level. In this case, we obtain the TeV scale as new physics scale even with order one couplings.Comment: 22 pages, 3 figures, 2 tables. Some references adde

    Bimanual coupling effect during a proprioceptive stimulation

    Get PDF
    Circle-line drawing paradigm is used to study bimanual coupling. In the standard paradigm, subjects are asked to draw circles with one hand and lines with the other hand; the influence of the concomitant tasks results in two "elliptical" figures. Here we tested whether proprioceptive information evoked by muscle vibration inducing a proprioceptive illusion (PI) of movement at central level, was able to affect the contralateral hand drawing circles or lines. A multisite 80 Hz-muscle vibration paradigm was used to induce the illusion of circle- and line-drawing on the right hand of 15 healthy participants. During muscle vibration, subjects had to draw a congruent or an incongruent figure with the left hand. The ovalization induced by PI was compared with Real and Motor Imagery conditions, which already have proved to induce bimanual coupling. We showed that the ovalization of a perceived circle over a line drawing during PI was comparable to that observed in Real and Motor Imagery condition. This finding indicates that PI can induce bimanual coupling, and proprioceptive information can influence the motor programs of the contralateral hand

    Learning Robust Features for Gait Recognition by Maximum Margin Criterion

    Get PDF
    Extended abstract. The full research paper "Learning Robust Features for Gait Recognition by Maximum Margin Criterion" has been accepted for publication at the 23rd IEEE/IAPR International Conference on Pattern Recognition (ICPR 2016), Cancun, Mexico, December 2016

    Is Feature Selection Secure against Training Data Poisoning?

    Get PDF
    Learning in adversarial settings is becoming an important task for application domains where attackers may inject malicious data into the training set to subvert normal operation of data-driven technologies. Feature selection has been widely used in machine learning for security applications to improve generalization and computational efficiency, although it is not clear whether its use may be beneficial or even counterproductive when training data are poisoned by intelligent attackers. In this work, we shed light on this issue by providing a framework to investigate the robustness of popular feature selection methods, including LASSO, ridge regression and the elastic net. Our results on malware detection show that feature selection methods can be significantly compromised under attack (we can reduce LASSO to almost random choices of feature sets by careful insertion of less than 5% poisoned training samples), highlighting the need for specific countermeasures

    Equivalent effective Lagrangians for Scherk-Schwarz compactifications

    Get PDF
    We discuss the general form of the mass terms that can appear in the effective field theories of coordinate-dependent compactifications a la Scherk-Schwarz. As an illustrative example, we consider an interacting five-dimensional theory compactified on the orbifold S^1/Z_2, with a fermion subject to twisted periodicity conditions. We show how the same physics can be described by equivalent effective Lagrangians for periodic fields, related by field redefinitions and differing only in the form of the five-dimensional mass terms. In a suitable limit, these mass terms can be localized at the orbifold fixed points. We also show how to reconstruct the twist parameter from any given mass terms of the allowed form. Finally, after mentioning some possible generalizations of our results, we re-discuss the example of brane-induced supersymmetry breaking in five-dimensional Poincare' supergravity, and comment on its relation with gaugino condensation in M-theory.Comment: 17 pages, 3 figures. Published versio

    Empirical assessment of generating adversarial configurations for software product lines

    Get PDF
    Software product line (SPL) engineering allows the derivation of products tailored to stakeholders’ needs through the setting of a large number of configuration options. Unfortunately, options and their interactions create a huge configuration space which is either intractable or too costly to explore exhaustively. Instead of covering all products, machine learning (ML) approximates the set of acceptable products (e.g., successful builds, passing tests) out of a training set (a sample of configurations). However, ML techniques can make prediction errors yielding non-acceptable products wasting time, energy and other resources. We apply adversarial machine learning techniques to the world of SPLs and craft new configurations faking to be acceptable configurations but that are not and vice-versa. It allows to diagnose prediction errors and take appropriate actions. We develop two adversarial configuration generators on top of state-of-the-art attack algorithms and capable of synthesizing configurations that are both adversarial and conform to logical constraints. We empirically assess our generators within two case studies: an industrial video synthesizer (MOTIV) and an industry-strength, open-source Web-app configurator (JHipster). For the two cases, our attacks yield (up to) a 100% misclassification rate without sacrificing the logical validity of adversarial configurations. This work lays the foundations of a quality assurance framework for ML-based SPLs

    ImageNet-Patch: A dataset for benchmarking machine learning robustness against adversarial patches

    Get PDF
    Adversarial patches are optimized contiguous pixel blocks in an input image that cause a machine-learning model to misclassify it. However, their optimization is computationally demanding, and requires careful hyperparameter tuning, potentially leading to suboptimal robustness evaluations. To overcome these issues, we propose ImageNet-Patch, a dataset to benchmark machine-learning models against adversarial patches. The dataset is built by first optimizing a set of adversarial patches against an ensemble of models, using a state-of-the-art attack that creates transferable patches. The corresponding patches are then randomly rotated and translated, and finally applied to the ImageNet data. We use ImageNet-Patch to benchmark the robustness of 127 models against patch attacks, and also validate the effectiveness of the given patches in the physical domain (i.e., by printing and applying them to real-world objects). We conclude by discussing how our dataset could be used as a benchmark for robustness, and how our methodology can be generalized to other domains. We open source our dataset and evaluation code at https://github.com/pralab/ImageNet-Patch
    • …
    corecore