Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain

Research output: Contribution to journal, Review article, peer-review

115 Scopus citations

Abstract

In recent years, machine learning algorithms, and more specifically deep learning algorithms, have been widely used in many fields, including cyber security. However, machine learning systems are vulnerable to adversarial attacks, and this limits the application of machine learning, especially in non-stationary, adversarial environments such as the cyber security domain, where actual adversaries (e.g., malware developers) exist. This article comprehensively summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques and illuminates the risks they pose. First, the adversarial attack methods are characterized based on their stage of occurrence and the attacker's goals and capabilities. Then, we categorize the applications of adversarial attack and defense methods in the cyber security domain. Finally, we highlight some characteristics identified in recent research and discuss the impact of recent advancements in other adversarial learning domains on future research directions in the cyber security domain. To the best of our knowledge, this work is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain, map them in a unified taxonomy, and use the taxonomy to highlight future research directions.

Original language: English
Article number: 3453158
Journal: ACM Computing Surveys
Volume: 54
Issue number: 5
DOIs
State: Published - 1 Jun 2021

Keywords

  • adversarial examples
  • Adversarial learning
  • adversarial machine learning
  • cyber security
  • deep learning
  • evasion attacks
  • poisoning attacks

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science
