Presentation is loading. Please wait.

Presentation is loading. Please wait.

EE515/IS523: Security 101: Think Like an Adversary Evading Anomarly Detection through Variance Injection Attacks on PCA Benjamin I.P. Rubinstein, Blaine.

Published byMichael Williamson Modified over 8 years ago

Similar presentations

Presentation on theme: "EE515/IS523: Security 101: Think Like an Adversary Evading Anomarly Detection through Variance Injection Attacks on PCA Benjamin I.P. Rubinstein, Blaine."— Presentation transcript:

1 EE515/IS523: Security 101: Think Like an Adversary Evading Anomarly Detection through Variance Injection Attacks on PCA Benjamin I.P. Rubinstein, Blaine Nelson, Anthony D. Joseph, Shing-hon Lau, NinaTaft, J. D. Tygar RAID 2008 Presented by: Dong-Jae Shin

2 EE515/IS523: Security 101: Think Like an Adversary Outline Background Machine Learning PCA (Principal Component Analysis) Related Work Motivation Main Idea Evaluation Conclusion Future work 2

3 EE515/IS523: Security 101: Think Like an Adversary Machine Learning Machine learning (ML) Design and develop algorithms by machine using patterns or predictions Benefits Adaptability Scalable Statistical decision-making 3 1. Background http://1.bp.blogspot.com/-tn9GwuoC45w/TvtQvP6_UFI/AAAAAAAAAHI/ECpLGjyH6AI/s1600/machine_learning_course.png

4 EE515/IS523: Security 101: Think Like an Adversary Deriving principal vectors Deriving the principal vector which captures the maximum variance Find next component PCA (Principal Component Analysis) Orthogonal transformation to reduce dimension Most data patterns are captured by the several principal vectors 4 1. Background PCA Data preservation (not perfectly)

5 EE515/IS523: Security 101: Think Like an Adversary PCA (Principal Component Analysis) PCA Example 5 1. Background http://kimhj8574.egloos.com/5632409 Original coordinates PCA New coordinates Projection to 1 st basis (maximum variance) Projection to 2 nd basis (next maximum variance) Maximum variance means good preservation of information Dimension reduction using important bases > More preserved data

6 EE515/IS523: Security 101: Think Like an Adversary Diagnosing Network-Wide Traffic Anomalies, SIGCOMM 2004 Goal Diagnosing network-wide anomalies Problem Detecting anomalies are difficult because of large amount of high- dimensional and noisy data 6 2. Related Work Src.Dest.Data 1.2.3.45.6.7.8DDos ? Src.Dest.Data 4.3.2.15.6.7.8Mail Attack Normal Data Anomaly A pattern in the data that does not conform to the expected behavior

7 EE515/IS523: Security 101: Think Like an Adversary Diagnosing Network-Wide Traffic Anomalies, SIGCOMM 2004 Example of Link Traffic 7 2. Related Work OD flow Origin-Destination flow between PoPs Too much complexity to monitor every links Network anomaly i start b end

8 EE515/IS523: Security 101: Think Like an Adversary Diagnosing Network-Wide Traffic Anomalies, SIGCOMM 2004 Solution Separate normal & anomalous traffic using Volume Anomaly with PCA Information : Volume Anomaly  Simple measure Method : PCA  Simplify vectors 8 Measure Volume Anomaly 2. Related Work Volume Anomaly A sudden positive(+) or negative(-) change in an Origin-Destination flow PoP Node of backbone network Detecting using PCA PCA Anomalous Normal Measured Volume anomaly

9 EE515/IS523: Security 101: Think Like an Adversary Diagnosing Network-Wide Traffic Anomalies, SIGCOMM 2004 9 Traffic vector Residual 2. Related Work Result Comparison between traffic vector of all links and residual vector  Heuristic method can be subverted  Easy to detect, identify, quantify traffic anomalies : Projection vector using PCA Anomaly Detected

10 EE515/IS523: Security 101: Think Like an Adversary Vulnerabilities of PCA PCA-based Detection can be easily poisoned when only using single compromised PoP System uses only Volume Anomaly Machine learning techniques can be deceived in learning phase Adversary can put poisoned data in learning phase to deceive the system 10 3. Motivation Poisoned Data

11 EE515/IS523: Security 101: Think Like an Adversary Chaff Chaff? Original mean : Disturbing equipment for radar countermeasure This paper : Disturbing data against anomaly detection 11 3. Motivation http://www.ordtech-industries.com/2products/Chaff/Chaff.html http://2.bp.blogspot.com/_NyXGIFk_jjk/TFEYxWSNFoI/AAAAAAAAAuo/MFldb0_h7_0/s400/chaff.jpg

12 EE515/IS523: Security 101: Think Like an Adversary Attack Method Chaff Half normal chaff Zero-mean Gaussian distribution Scaled Bernoulli chaff Bernoulli random variables Add-Constant-If-Big Add constant if traffic exceeds a threshold Add-More-If-Bigger Adds more chaff if traffic exceeds a threshold Boiling Frog Attacks Slowly increasing (θ) the chaffs 12 4. Main Idea Various spoiled traffic to deceive machine learning based decision process. False negative rate ↑ θ : Attack parameter c t : Chaff traffic

13 EE515/IS523: Security 101: Think Like an Adversary What they want Detecting is based on rapid change of residual Chaff and Boiling frog attack makes The normal traffic big The residual traffic of anomaly small 13 5. Evaluation

14 EE515/IS523: Security 101: Think Like an Adversary Environments System Abilene’s backbone network with 12 PoPs 15 bi-directional inter-PoP links Sampling 2016 measurements per week 5 minute intervals 14 5. Evaluation Abilene’s backbone network

15 EE515/IS523: Security 101: Think Like an Adversary Evaluation Attacks with chaffs and its FNR 15 5. Evaluation Chaffs (18% Total traffic) using Add- More-If-Bigger method record over 50% of FNR FNR False Negative Rate Rate of evading X-axis : How many chaffs to PoP Y-axis : False Negative Rate

16 EE515/IS523: Security 101: Think Like an Adversary Evaluation Attacks with Boiling Frog and Add-More-If-Bigger 16 5. Evaluation Growth rate : Multiplied factor of θ Boiling Frog method is effective on even small growth rates X-axis : Attack duration (weeks) Y-axis : False Negative Rate

17 EE515/IS523: Security 101: Think Like an Adversary Evaluation Attack Rejection Rate for Boling Frog Attacks 17 5. Evaluation Rate : Multiplied factor of θ Boiling Frog method effectively poison PCA-based system X-axis : Attack duration (weeks) Y-axis : Chaff rejection rate

18 EE515/IS523: Security 101: Think Like an Adversary Conclusion & Future Work Conclusion PCA-based anomaly detectors can be compromised by simple data poisoning strategies Chaffs Boiling frog attacks Increase the chance of evading DDoS attacks detections by sixfold Future Work Counter-measure based on Robust formulations of PCA Poisoning strategies for increasing PCA’s false positive rate 18 6. Conclusion & Future Work 50% of success with 18% of adding traffic, 5% traffic increase

19 EE515/IS523: Security 101: Think Like an Adversary References B. I. P. Rubinstein et. al., “Evading anomaly detection through variance injection attacks on PCA B. I. P. Rubinstein et. al. “Compromising PCA-based anomaly detectors for network-wide traffic” Lakhina, et. al., “Diagnosing network-wide traffic anomalies” 19

Download ppt "EE515/IS523: Security 101: Think Like an Adversary Evading Anomarly Detection through Variance Injection Attacks on PCA Benjamin I.P. Rubinstein, Blaine."

Similar presentations

Applications of one-class classification

Applications of one-class classification
Detecting Spam Zombies by Monitoring Outgoing Messages Zhenhai Duan Department of Computer Science Florida State University.

Detecting Spam Zombies by Monitoring Outgoing Messages Zhenhai Duan Department of Computer Science Florida State University.
Principal Component Analysis Based on L1-Norm Maximization Nojun Kwak IEEE Transactions on Pattern Analysis and Machine Intelligence, 2008.

Principal Component Analysis Based on L1-Norm Maximization Nojun Kwak IEEE Transactions on Pattern Analysis and Machine Intelligence, 2008.
Efficient Constraint Monitoring Using Adaptive Thresholds Srinivas Kashyap, IBM T. J. Watson Research Center Jeyashankar Ramamirtham, Netcore Solutions.

Efficient Constraint Monitoring Using Adaptive Thresholds Srinivas Kashyap, IBM T. J. Watson Research Center Jeyashankar Ramamirtham, Netcore Solutions.
Detectability of Traffic Anomalies in Two Adjacent Networks Augustin Soule, Haakon Ringberg, Fernando Silveira, Jennifer Rexford, Christophe Diot.

Detectability of Traffic Anomalies in Two Adjacent Networks Augustin Soule, Haakon Ringberg, Fernando Silveira, Jennifer Rexford, Christophe Diot.
Principal Component Analysis (PCA) for Clustering Gene Expression Data K. Y. Yeung and W. L. Ruzzo.

Principal Component Analysis (PCA) for Clustering Gene Expression Data K. Y. Yeung and W. L. Ruzzo.
Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.

Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.
Worm Origin Identification Using Random Moonwalks Yinglian Xie, V. Sekar, D. A. Maltz, M. K. Reiter, Hui Zhang 2005 IEEE Symposium on Security and Privacy.

Worm Origin Identification Using Random Moonwalks Yinglian Xie, V. Sekar, D. A. Maltz, M. K. Reiter, Hui Zhang 2005 IEEE Symposium on Security and Privacy.
Sensitivity of PCA for Traffic Anomaly Detection Evaluating the robustness of current best practices Haakon Ringberg 1, Augustin Soule 2, Jennifer Rexford.

Sensitivity of PCA for Traffic Anomaly Detection Evaluating the robustness of current best practices Haakon Ringberg 1, Augustin Soule 2, Jennifer Rexford.
A Comprehensive Study on Third Order Statistical Features for Image Splicing Detection Xudong Zhao, Shilin Wang, Shenghong Li and Jianhua Li Shanghai Jiao.

A Comprehensive Study on Third Order Statistical Features for Image Splicing Detection Xudong Zhao, Shilin Wang, Shenghong Li and Jianhua Li Shanghai Jiao.
Polymorphic blending attacks Prahlad Fogla et al USENIX 2006 Presented By Himanshu Pagey.

Polymorphic blending attacks Prahlad Fogla et al USENIX 2006 Presented By Himanshu Pagey.
1 Communication-Efficient Online Detection of Network-Wide Anomalies Ling Huang* XuanLong Nguyen* Minos Garofalakis § Joe Hellerstein* Michael Jordan*

1 Communication-Efficient Online Detection of Network-Wide Anomalies Ling Huang* XuanLong Nguyen* Minos Garofalakis § Joe Hellerstein* Michael Jordan*
BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.

BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.
Probabilistic Aggregation in Distributed Networks Ling Huang, Ben Zhao, Anthony Joseph and John Kubiatowicz {hling, ravenben, adj,

Probabilistic Aggregation in Distributed Networks Ling Huang, Ben Zhao, Anthony Joseph and John Kubiatowicz {hling, ravenben, adj,
Principal Component Analysis

Principal Component Analysis
Motion Detection And Analysis Michael Knowles Tuesday 13 th January 2004.

Motion Detection And Analysis Michael Knowles Tuesday 13 th January 2004.
1 In-Network PCA and Anomaly Detection Ling Huang* XuanLong Nguyen* Minos Garofalakis § Michael Jordan* Anthony Joseph* Nina Taft § *UC Berkeley § Intel.

1 In-Network PCA and Anomaly Detection Ling Huang* XuanLong Nguyen* Minos Garofalakis § Michael Jordan* Anthony Joseph* Nina Taft § *UC Berkeley § Intel.
Multi-Scale Analysis for Network Traffic Prediction and Anomaly Detection Ling Huang Joint work with Anthony Joseph and Nina Taft January, 2005.

Multi-Scale Analysis for Network Traffic Prediction and Anomaly Detection Ling Huang Joint work with Anthony Joseph and Nina Taft January, 2005.
1 Toward Sophisticated Detection With Distributed Triggers Ling Huang* Minos Garofalakis § Joe Hellerstein* Anthony Joseph* Nina Taft § *UC Berkeley §

1 Toward Sophisticated Detection With Distributed Triggers Ling Huang* Minos Garofalakis § Joe Hellerstein* Anthony Joseph* Nina Taft § *UC Berkeley §
1 Deriving Private Information from Randomized Data Zhengli Huang Wenliang (Kevin) Du Biao Chen Syracuse University.

1 Deriving Private Information from Randomized Data Zhengli Huang Wenliang (Kevin) Du Biao Chen Syracuse University.

Similar presentations

Ads by Google