Taxonomy and Recent Advance of Game Theoretical Approaches in Adversarial Machine Learning: A Survey-Reference-Cited by-同舟云学术

Taxonomy and Recent Advance of Game Theoretical Approaches in Adversarial Machine Learning: A Survey

Published:2023-05-26 Issue: Volume: Page:
ISSN:1550-4859
Container-title:ACM Transactions on Sensor Networks
language:en
Short-container-title:ACM Trans. Sen. Netw.

Author:

Gao Lijun¹,Yan Zheng¹,Liang Xueqin¹,Xu Xi²,Wang Jie¹,Ding Wenxiu¹,Yang Laurence Tianruo³

Affiliation:

1. The State Key Lab of ISN, School of Cyber Engineering, Xidian University, China

2. School of Computer Science and Technology, Xi’an Jiaotong University, China

3. Department of Computer Science, St. Francis Xavier University, Canada

Abstract

Carefully perturbing adversarial inputs degrades the performance of traditional machine learning (ML) models. Adversarial machine learning (AML) that takes adversaries into account during training and learning emerges as a valid technique to defend against attacks. Due to the complexity and uncertainty of adversaries’ attack strategies, researchers utilize game theory to study the interactions between an adversary and an ML system designer. By configuring different game rules and analyzing game outcomes in an adversarial game, it is possible to effectively predict attack strategies and to produce optimal defense strategies for the system designer. However, the literature still lacks a holistic review of adversarial games in AML. In this paper, we extend the scope of previous surveys and provide a thorough overview of existing game theoretical approaches in AML for adaptively defending against adversarial attacks. For evaluating these approaches, we propose a set of metrics to discuss their merits and drawbacks. Finally, based on our literature review and analysis, we raise several open problems and suggest interesting research directions worthy of special investigation.

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications

Link

https://dl.acm.org/doi/pdf/10.1145/3600094

Reference136 articles.

1. Adversarial attacks and defenses in Speaker Recognition Systems: A survey

2. Anish Athalye , Nicholas Carlini , and David Wagner . 2018 . Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples . In Proceedings of the 35th International Conference on Machine Learning(Proceedings of Machine Learning Research, Vol. 80) , Jennifer Dy and Andreas Krause (Eds.). PMLR, 274–283. Anish Athalye, Nicholas Carlini, and David Wagner. 2018. Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples. In Proceedings of the 35th International Conference on Machine Learning(Proceedings of Machine Learning Research, Vol. 80), Jennifer Dy and Andreas Krause (Eds.). PMLR, 274–283.

3. Ho Bae Jaehee Jang Dahuin Jung Hyemi Jang Heonseok Ha and Sungroh Yoon. 2018. Security and Privacy Issues in Deep Learning. CoRR abs/1807.11655(2018). arXiv:1807.11655 Ho Bae Jaehee Jang Dahuin Jung Hyemi Jang Heonseok Ha and Sungroh Yoon. 2018. Security and Privacy Issues in Deep Learning. CoRR abs/1807.11655(2018). arXiv:1807.11655

4. Eugene Bagdasaryan , Andreas Veit , Yiqing Hua , Deborah Estrin , and Vitaly Shmatikov . 2020 . How To Backdoor Federated Learning . In Proceedings of the Twenty Third International Conference on Artificial Intelligence and Statistics(Proceedings of Machine Learning Research, Vol. 108) , Silvia Chiappa and Roberto Calandra (Eds.). PMLR, 2938–2948. Eugene Bagdasaryan, Andreas Veit, Yiqing Hua, Deborah Estrin, and Vitaly Shmatikov. 2020. How To Backdoor Federated Learning. In Proceedings of the Twenty Third International Conference on Artificial Intelligence and Statistics(Proceedings of Machine Learning Research, Vol. 108), Silvia Chiappa and Roberto Calandra (Eds.). PMLR, 2938–2948.