Pattern classification systems are commonly used in adversarial applications, like biometric authentication, network intrusion detection, and spam filtering, in which data can be purposely manipulated by humans to undermine their operation. As this adversarial scenario is not taken into account by classical design methods, pattern classification systems may exhibit vulnerabilities, whose exploitation may severely affect their performance, and consequently limit their practical utility. In this paper, we address one of the main open issues: evaluating at design phase the security of pattern classifiers, namely, the performance degradation under potential attacks they may incur during operation. We propose a framework for empirical evaluation of classifier security that formalizes and generalizes the main ideas proposed in the literature, and give examples of its use in three real applications. Reported results show that security evaluation can provide a more complete understanding of the classifier’s behavior in adversarial environments, and lead to better design choice

Deepak, Immani

Ghosh, Ria M

International Journal of Innovative Technology and Research (IJITR)

      Immani Deepak * et al.  (IJITR) INTERNATIONAL JOURNAL OF INNOVATIVE TECHNOLOGY AND RESEARCH Volume No.5, Issue No.6, October - November 2017, 7705-7709.  2320 –5547 @ 2013-2017 http://www.ijitr.com All rights Reserved. Page | 7705 Security Evaluation Of Pattern Classifiers Under Attack IMMANI DEEPAK B. Tech Final Year, Department Of Computer Science ., Andhra University, Andhra Pradesh RIA M GHOSH B. Tech Final Year, Department Of Electronics And Communication  Engineering, Andhra University, Andhra Pradesh Abstract: Pattern classification systems are commonly used in adversarial applications, like biometric authentication, network intrusion detection, and spam filtering, in which data can be purposely manipulated by humans to undermine their operation. As this adversarial scenario is not taken into account by classical design methods, pattern classification systems may exhibit vulnerabilities, whose exploitation may severely affect their performance, and consequently limit their practical utility. In this paper, we address one of the main open issues: evaluating at design phase the security of pattern classifiers, namely, the performance degradation under potential attacks they may incur during operation. We propose a framework for empirical evaluation of classifier security that formalizes and generalizes the main ideas proposed in the literature, and give examples of its use in three real applications. Reported results show that security evaluation can provide a more complete understanding of the classifier’s behavior in adversarial environments, and lead to better design choices  Keywords: Data Mining; Java Technology; UML Diagrams; Data Flow Diagram; I. INTRODUCTION Generally, data mining (sometimes called data or knowledge discovery) is the process of analyzing data from different perspectives and summarizing it into useful information - information that can be used to increase revenue, cuts costs, or both. Data mining software is one of a number of analytical tools for analyzing data. It allows users to analyze data from many different dimensions or angles, categorize it, and summarize the relationships identified. Technically, data mining is the process of finding correlations or patterns among dozens of fields in large relational databases.   While large-scale information technology has been evolving separate transaction and analytical systems, data mining provides the link between the two. Data mining software analyzes relationships and patterns in stored transaction data based on open-ended user queries. Several types of analytical software are available: statistical, machine learning, and neural networks. Generally, any of four types of relationships are sought as Classes, Clusters, Associations, Sequential patterns. Data mining consists of five major elements: Extract, transform, and load transaction data onto the data warehouse system. Store and manage the data in a multidimensional database system. Provide data access to business analysts and information technology professionals. Analyze the data by application software. Present the data in a useful format, such as a graph or table. Different levels of analysis are available artificial neural networks, Genetic algorithms, Decision trees, nearest neighbor method, Rule induction, Data visualization. Characteristics of Data Mining are Large quantities of data, Noisy, incomplete data, Complex data structure, Heterogeneous data stored in legacy systems. Benefits of Data Mining: 1) It’s one of the most effective services that are available today. With the help of data mining, one can discover precious information about the customers and their behavior for a specific set of products and evaluate and analyze, store, mine and load data related to them 2) An analytical CRM model and strategic business related decisions can be made with the help of data mining as it helps in providing a complete synopsis of customers 3) An endless number of organizations have installed data mining projects and it has helped them see their own companies make an unprecedented improvement in their marketing strategies (Campaigns) 4) Data mining is generally used by organizations with a solid customer focus. For its flexible nature as far as applicability is concerned is being used vehemently in applications to foresee crucial data including industry analysis and consumer buying behaviors 5) Fast paced and prompt access to data along with economic processing techniques have made data mining one of the most suitable services that a company seek II. LITERATURE SURVEY A very effective means to evade signature-based intrusion detection systems (IDS) is to employ polymorphic techniques to generate attack       Immani Deepak * et al.  (IJITR) INTERNATIONAL JOURNAL OF INNOVATIVE TECHNOLOGY AND RESEARCH Volume No.5, Issue No.6, October - November 2017, 7705-7709.  2320 –5547 @ 2013-2017 http://www.ijitr.com All rights Reserved. Page | 7706 instances that do not share a fixed signature. Anomaly-based intrusion detection systems provide good defense because existing polymorphic techniques can make the attack instances look different from each other, but cannot make them look like normal. In this paper we introduce a new class of polymorphic attacks, called polymorphic blending attacks, that can effectively evade byte frequency-based network anomaly IDS by carefully matching the statistics of the mutated attack instances to the normal profiles. The proposed polymorphic blending attacks can be viewed as a subclass of the mimicry attacks. We take a systematic approach to the problem and formally describe the algorithms and steps required to carry out such attacks. We not only show that such attacks are feasible but also analyze the hardness of evasion under different circumstances. SOFTWARE ENVIRONMENT Java Technology Java technology is both a programming language and a platform. The Java Programming Language The Java programming language is a high-level language that can be characterized by all of the following buzzwords:  Simple  Architecture neutral  Object oriented  Portable  Distributed  High performance  Interpreted  Multithreaded  Robust  Dynamic  Secure  With most programming languages, you either compile or interpret a program so that you can run it on your computer. The Java programming language is unusual in that a program is both compiled and interpreted. With the compiler, first you translate a program into an intermediate language called Java byte codes the platform-independent codes interpreted by the interpreter on the Java platform. The interpreter parses and runs each Java byte code instruction on the computer. Compilation happens just once; interpretation occurs each time the program is executed. The following figure illustrates how this works. III. EXISTING SYSTEM In particular, three main open issues can be identified: (i) analyzing the vulnerabilities of classification algorithms, and the corresponding attacks. (ii) developing novel methods to assess classifier security against these attacks, which is not possible using classical performance evaluation methods . (iii) developing novel design methods to guarantee classifier security in adversarial environments .  DISADVANTAGES OF EXISTING SYSTEM 1. Poor analyzing the vulnerabilities of classification algorithms, and the corresponding attacks. 2.A malicious webmaster may manipulate search engine rankings to artificially promote her1 website.  IV. PROPOSED SYSTEM In this work we address issues  above by developing a framework for the empirical evaluation of classifier security at design phase that extends the model selection and performance evaluation steps of the classical design cycle .We summarize previous work, and point out three main ideas that emerge from it. We then formalize and generalize them in our framework ADVANTAGES OF PROPOSED SYSTEM 1.Prevents developing novel methods to assess classifier security against these attack. 2.The presence of an intelligent and adaptive adversary makes the classification problem highly non-stationary. SYSTEM REQUIREMENTS HARDWARE REQUIREMENTS  System  :    Pentium IV 2.4 GHz.  Hard Disk :   40 GB.  Floppy Drive :   1.44 Mb.  Monitor  :   15 VGA Colour.  Mouse  :   Logitech.  Ram  :   512 Mb. SOFTWARE REQUIREMENTS  Operating system     :  Windows XP/7  Coding Language     :  JAVA/J2EE  IDE      :  Netbeans 7.4  Database     :  MYSQL V. SYSTEM DESIGN SYSTEM ARCHITECTURE   DATA FLOW DIAGRAM The DFD is also called as bubble chart. It is a simple graphical formalism that can be used to represent a system in terms of input data to the system, various processing carried out on this data,       Immani Deepak * et al.  (IJITR) INTERNATIONAL JOURNAL OF INNOVATIVE TECHNOLOGY AND RESEARCH Volume No.5, Issue No.6, October - November 2017, 7705-7709.  2320 –5547 @ 2013-2017 http://www.ijitr.com All rights Reserved. Page | 7707 and the output data is generated by this system. The data flow diagram (DFD) is one of the most important modeling tools. It is used to model the system components. These components are the system process, the data used by the process, an external entity that interacts with the system and the information flows in the system. DFD shows how the information moves through the system and how it is modified by a series of transformations. It is a graphical technique that depicts information flow and the transformations that are applied as data moves from input to output. DFD is also known as bubble chart. A DFD may be used to represent a system at any level of abstraction. DFD may be partitioned into levels that represent increasing information flow and functional detail.  UML DIAGRAMS UML stands for Unified Modeling Language. UML is a standardized general-purpose modeling language in the field of object-oriented software engineering. The standard is managed, and was created by, the Object Management Group. The goal is for UML to become a common language for creating models of object oriented computer software. In its current form UML is comprised of two major components: a Meta-model and a notation. In the future, some form of method or process may also be added to; or associated with, UML.  ACTIVITY DIAGRAM Activity diagrams are graphical representations of workflows of stepwise activities and actions with support for choice, iteration and concurrency. In the Unified Modeling Language, activity diagrams can be used to describe the business and operational step-by-step workflows of components in a system. An activity diagram shows the overall flow of control.   VI. IMPLEMENTATION Attack Scenario and Model of the Adversary Although the definition of attack scenarios is ultimately an application-specific issue, it is possible to give general guidelines that can help the designer of a pattern recognition system. Here we propose to specify the attack scenario in terms of a conceptual model of the adversary that encompasses, unifies, and extends different ideas from previous work. Pattern Classification Multimodal biometric systems for personal identity recognition have received great interest in the past few years. It has been shown that combining information coming from different biometric traits can overcome the limits and the weaknesses inherent in every individual biometric, resulting in a higher accuracy. In this application example, we show how the designer of a multimodal system can verify if this hypothesis holds, before deploying the system, by simulating spoofing attacks against each of the matchers. Adversarial classification: Assume that a classifier has to discriminate between legitimate and spam emails on the basis of their textual content, and that the bag-of-words feature representation has been chosen, with binary features denoting the occurrence of a given set of words Security modules: Intrusion detection systems analyze network traffic to prevent and detect malicious activities like intrusion attempts, ROC curves of the considered multimodal biometric system under a simulated spoof attack against the fingerprint or the face matcher. Port scans, and denial-of-service attacks. When suspected malicious traffic is detected, an alarm is raised by the IDS and subsequently handled by the system administrator. Two main kinds of IDSs exist: misuse detectors and anomaly-based ones. Misuse detectors match the analyzed network traffic against a database of signatures of known malicious activities.  SCREEN SHORTS       Immani Deepak * et al.  (IJITR) INTERNATIONAL JOURNAL OF INNOVATIVE TECHNOLOGY AND RESEARCH Volume No.5, Issue No.6, October - November 2017, 7705-7709.  2320 –5547 @ 2013-2017 http://www.ijitr.com All rights Reserved. Page | 7708                        SYSTEM TESTING The purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable fault or weakness in a work product. It provides a way to check the functionality of components, sub assemblies, assemblies and/or a finished product It is the process of exercising software with the intent of ensuring that the Software system meets its requirements and user expectations and does not fail in an unacceptable manner. There are various types of test. Each test type addresses a specific testing requirement.  unit testing  integration testing  function testing  acceptance testing  white box testing  block box testing VII. CONCLUSION In this paper we focused on empirical security evaluation of pattern classifiers that have to be       Immani Deepak * et al.  (IJITR) INTERNATIONAL JOURNAL OF INNOVATIVE TECHNOLOGY AND RESEARCH Volume No.5, Issue No.6, October - November 2017, 7705-7709.  2320 –5547 @ 2013-2017 http://www.ijitr.com All rights Reserved. Page | 7709 deployed in adversarial environments, and proposed how to revise the classical performance evaluation design step, which is not suitable for this purpose. Our main contribution is a framework for empirical security evaluation that formalizes and generalizes ideas from previous work, and can be applied to different classifiers, learning algorithms, and classification tasks. It is grounded on a formal model of the adversary, and on a model of data distribution that can represent all the attacks considered in previous work; provides a systematic method for the generation of training and testing sets that enables security evaluation; and can accommodate application-specific techniques for attack simulation. This is a clear advancement with respect to previous work, since without a general framework most of the proposed techniques (often tailored to a given classifier model, attack, and application) could not be directly applied to other problems. An intrinsic limitation of our work is that security evaluation is carried out empirically, and it is thus data dependent; on the other hand, model-driven analyses [12], [17], [38] require a full analytical model of the problem and of the adversary’s behavior, that may be very difficult to develop for real-world applications. Another intrinsic limitation is due to fact that our method is not application-specific, and, therefore, provides only high-level guidelines for simulating attacks. Indeed, detailed guidelines require one to take into account application-specific constraints and adversary models. Our future work will be devoted to develop techniques for simulating attacks for different applications. Although the design of secure classifiers is a distinct problem than security evaluation, our framework could be also exploited to this end. For instance, simulated attack samples can be included into the training data to improve security of discriminative classifiers (e.g., SVMs), while the proposed data model can be exploited to design more secure generative classifiers. We obtained encouraging preliminary results on this topic  VIII. REFERENCES [1]  R.N. Rodrigues, L.L. Ling, and V. Govindaraju, “Robustness of Multimodal Biometric Fusion Methods against Spoof Attacks,” J. Visual Languages and Computing, vol. 20, no. 3, pp. 169-179, 2009. [2]  P. Johnson, B. Tan, and S. Schuckers, “Multimodal Fusion Vulnerability to Non-Zero Effort (Spoof) Imposters,” Proc. IEEE Int’l Workshop Information Forensics and Security, pp. 1-5, 2010. [3]  P. Fogla, M. Sharif, R. Perdisci, O. Kolesnikov, and W. Lee, “Polymorphic Blending Attacks,” Proc. 15th Conf. USENIX Security Symp., 2006. [4]  G.L. Wittel and S.F. Wu, “On Attacking Statistical Spam Filters,” Proc. First Conf. Email and Anti-Spam, 2004.  [5]  D. Lowd and C. Meek, “Good Word Attacks on Statistical Spam Filters,” Proc. Second Conf. Email and Anti-Spam, 2005. [6]  B. Biggio, G. Fumera, and F. Roli, “Multiple Classifier Systems for Adversarial Classification Tasks,” Proc. Eighth Int’l Workshop Multiple Classifier Systems, pp. 132-141, 2009. [7]  M. Br€uckner, C. Kanzow, and T. Scheffer, “Static Prediction Games for Adversarial Learning Problems,” J. Machine Learning Research, vol. 13, pp. 2617-2654, 2012. [8]  A. Adler, “Vulnerabilities in Biometric Encryption Systems,” Proc. Fifth Int’l Conf. Audio- and Video-Based Biometric Person Authentication, pp. 1100-1109, 2005. [9]  B. Efron and R.J. Tibshirani, An Introduction to the Bootstrap. Chapman & Hall, 1993.  [10]  H. Drucker, D. Wu, and V.N. Vapnik, “Support Vector Machines for Spam Categorization,” IEEE Trans. Neural Networks, vol. 10, no. 5, pp. 1048-1054, Sept. 1999. AUTHOR’s PROFILE IMMANI DEEPAK, BTECH FINAL YEAR, Department Of Electronics And Communication  Engineering, Andhra University, Andhra Pradesh RIA M GHOSH  , BTECH FINAL YEAR, Department Of Electronics And Communication  Engineering, Andhra University, Andhra Pradesh  

SECURITY EVALUATION OF PATTERN CLASSIFIERS UNDER ATTACK

http://www.ijitr.com/index.php/ojs/article/download/2059/pdf

SECURITY EVALUATION OF PATTERN CLASSIFIERS UNDER ATTACK

Abstract

Similar works

Full text

Available Versions

International Journal of Innovative Technology and Research (IJITR)