Curie: A method for protecting SVM Classifier from Poisoning Attack
Ricky Laishram Syracuse University, Syracuse, NY
Vir Virander Phoha Syracuse University, Syracuse, NY
Abstract

Machine learning is used in a number of security-related applications such as biometric user authentication and speaker identification. A type of causative integrity attack against machine learning, called a poisoning attack, works by injecting specially crafted data points into the training data so as to increase the false positive rate of the classifier. In the context of biometric authentication, this means that more intruders will be classified as the valid user; in a speaker identification system, user A will be classified as user B. In this paper, we examine the poisoning attack against SVM and introduce Curie, a method to protect the SVM classifier from the poisoning attack. The basic idea of our method is to identify the poisoned data points injected by the adversary and filter them out. Our method is lightweight and can be easily integrated into existing systems. Experimental results show that it works very well in filtering out the poisoned data.
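As an added illustration of the attack the abstract describes (this is not code from the paper, and it does not implement the Curie filter), the following Python trains a linear soft-margin SVM as a biometric accept/reject gate on constructed two-dimensional feature data, retrains it after an adversary injects crafted points near the intruder region that are labelled as the valid user, and compares the intruder acceptance rate (the false positive rate) on the same held-out intruder attempts. Cluster centres, sample counts, the hinge-loss solver and its hyper-parameters are all assumptions chosen for the demonstration.

```python
"""Poisoning attack against a linear SVM used as a biometric accept/reject gate.

Added illustration for this abstract; not the paper's code and not the Curie filter.
All data is constructed: the legitimate user's feature vectors cluster around
(2, 2), intruders around (-2, -2).  The adversary injects points near (-1.5, -1.5)
labelled as the legitimate user; fitting them drags the learned boundary into the
intruder cluster, so more intruders are accepted (higher false positive rate).
Coordinates, counts and hyper-parameters are assumptions chosen for the demo.
"""
import random

POS, NEG = 1, -1  # POS = legitimate user (accept), NEG = intruder (reject)


def gaussian_cluster(rng, center, std, n, label):
    """n labelled 2-D points drawn around `center` (constructed sample data)."""
    return [((rng.gauss(center[0], std), rng.gauss(center[1], std)), label)
            for _ in range(n)]


def train_linear_svm(data, lam=0.01, lr=0.2, iters=2000):
    """Soft-margin linear SVM fitted by batch sub-gradient descent with a
    diminishing step on  (lam/2)*||w||^2 + mean_i max(0, 1 - y_i*(w.x_i + b)).
    Returns (w, b); the gate accepts x when w.x + b > 0."""
    n = len(data)
    w = [0.0, 0.0]
    b = 0.0
    for t in range(iters):
        step = lr / (1.0 + t / 300.0)
        gw = [lam * w[0], lam * w[1]]      # regulariser part of the sub-gradient
        gb = 0.0
        for (x1, x2), y in data:
            if y * (w[0] * x1 + w[1] * x2 + b) < 1.0:   # inside margin or misclassified
                gw[0] -= y * x1 / n
                gw[1] -= y * x2 / n
                gb -= y / n
        w[0] -= step * gw[0]
        w[1] -= step * gw[1]
        b -= step * gb
    return w, b


def false_positive_rate(model, intruder_points):
    """Fraction of intruder attempts the classifier accepts as the legitimate user."""
    w, b = model
    accepted = sum(1 for x1, x2 in intruder_points if w[0] * x1 + w[1] * x2 + b > 0)
    return accepted / len(intruder_points)


def run_experiment(n_poison=50, seed=1):
    """Train on clean and on poisoned data; return (fpr_clean, fpr_poisoned)
    measured on the same held-out intruder attempts."""
    rng = random.Random(seed)
    valid = gaussian_cluster(rng, (2.0, 2.0), 0.5, 100, POS)
    intruders = gaussian_cluster(rng, (-2.0, -2.0), 0.5, 100, NEG)
    clean_train = valid + intruders
    # Crafted points: sit on the user's side of the intruder cluster but carry the
    # POS label, so the SVM can only fit them by moving its boundary into the intruders.
    poison = gaussian_cluster(rng, (-1.5, -1.5), 0.4, n_poison, POS)
    poisoned_train = clean_train + poison
    # Intruder attempts the deployed gate will see (constructed, held out of training)
    test_intruders = [x for x, _ in gaussian_cluster(rng, (-2.0, -2.0), 0.5, 500, NEG)]
    fpr_clean = false_positive_rate(train_linear_svm(clean_train), test_intruders)
    fpr_poisoned = false_positive_rate(train_linear_svm(poisoned_train), test_intruders)
    return fpr_clean, fpr_poisoned


if __name__ == "__main__":
    clean, poisoned = run_experiment()
    print(f"intruder acceptance rate  clean: {clean:.3f}  poisoned: {poisoned:.3f}")
```

The clean model separates the two clusters with a wide margin and accepts essentially no intruders; the poisoned model must trade hinge loss on the 50 injected "valid user" points against loss on the 100 genuine intruder samples, and the resulting boundary sits inside the intruder cluster. Note that the injected points are a minority of the training set and form a coherent cluster of their own, which is why a naive per-point label-consistency check against nearest neighbours would not flag them; the filtering problem the paper addresses is harder than outlier removal.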