Biblio

Filters: Keyword is domain adaption
2021-08-17
Jin, Kun, Liu, Chaoyue, Xia, Cathy.  2020.  OTDA: a Unsupervised Optimal Transport framework with Discriminant Analysis for Keystroke Inference. 2020 IEEE Conference on Communications and Network Security (CNS). :1—9.
Keystroke Inference has been a hot topic since it poses a severe threat to our privacy from typing. Existing learning-based Keystroke Inference suffers the domain adaptation problem because the training data (from attacker) and the test data (from victim) are generally collected in different environments. Recently, Optimal Transport (OT) is applied to address this problem, but suffers the “ground metric” limitation. In this work, we propose a novel method, OTDA, by incorporating Discriminant Analysis into OT through an iterative learning process to address the ground metric limitation. By embedding OTDA into a vibration-based Keystroke Inference platform, we conduct extensive studies about domain adaptation with different factors, such as people, keyboard position, etc. Our experiment results show that OTDA can achieve significant performance improvement on classification accuracy, i.e., outperforming baseline by 15% to 30%, state-of-the-art OT and other domain adaptation methods by 10% to 20%.
2018-03-19
Ditzler, G., Prater, A..  2017.  Fine Tuning Lasso in an Adversarial Environment against Gradient Attacks. 2017 IEEE Symposium Series on Computational Intelligence (SSCI). :1–7.

Machine learning and data mining algorithms typically assume that the training and testing data are sampled from the same fixed probability distribution; however, this violation is often violated in practice. The field of domain adaptation addresses the situation where this assumption of a fixed probability between the two domains is violated; however, the difference between the two domains (training/source and testing/target) may not be known a priori. There has been a recent thrust in addressing the problem of learning in the presence of an adversary, which we formulate as a problem of domain adaption to build a more robust classifier. This is because the overall security of classifiers and their preprocessing stages have been called into question with the recent findings of adversaries in a learning setting. Adversarial training (and testing) data pose a serious threat to scenarios where an attacker has the opportunity to "poison" the training or "evade" on the testing data set(s) in order to achieve something that is not in the best interest of the classifier. Recent work has begun to show the impact of adversarial data on several classifiers; however, the impact of the adversary on aspects related to preprocessing of data (i.e., dimensionality reduction or feature selection) has widely been ignored in the revamp of adversarial learning research. Furthermore, variable selection, which is a vital component to any data analysis, has been shown to be particularly susceptible under an attacker that has knowledge of the task. In this work, we explore avenues for learning resilient classification models in the adversarial learning setting by considering the effects of adversarial data and how to mitigate its effects through optimization. Our model forms a single convex optimization problem that uses the labeled training data from the source domain and known weaknesses of the model for an adversarial component. We benchmark the proposed approach on synthetic data and show the trade-off between classification accuracy and skew-insensitive statistics.