Foundations and Trends® in Communications and Information Theory > Vol 18 > Issue 1

Theoretical Foundations of Adversarial Binary Detection

Mauro Barni, Department of Information Engineering and Mathematics, University of Siena, Italy, barni@dii.unisi.it Benedetta Tondi, Department of Information Engineering and Mathematics, University of Siena, Italy, benedettatondi@gmail.com
 
Suggested Citation
Mauro Barni and Benedetta Tondi (2020), "Theoretical Foundations of Adversarial Binary Detection", Foundations and TrendsĀ® in Communications and Information Theory: Vol. 18: No. 1, pp 1-172. http://dx.doi.org/10.1561/0100000102

Publication Date: 20 Dec 2020
© 2021 Mauro Barni and Benedetta Tondi
 
Subjects
Signal Processing for Security and Forensic Analysis,  Statistical signal processing: classification and detection
 

Free Preview:

Download extract

Share

Download article
In this article:
1. Introduction
2. Background Notions and Tools
3. Binary Detection Game with Known Sources
4. Limit Performance and Source Distinguishability
5. Binary Detection Game with Training Data
6. Binary Detection Games with Corrupted Training
7. Summary and Outlook
Acknowledgements
Appendices
A. Regularity Properties of the Admissibility Set
B. Asymptotic Behavior of the Indistinguishability Regions
C. Security Margin Computation as a Minimum Cost Flow Problem
References 

Abstract

The present monograph focuses on the detection problem in adversarial setting. When framed in an adversarial setting, classical detection theory can not be applied any more, since, in order to make a correct decision, the presence of an adversary must be taken into account when designing the detector. In particular, the interplay between the Defender (), wishing to carry out the detection task, and the Attacker (), aiming at impeding it, must be investigated. The purpose of this monograph is to lay out the foundations of a general theory of adversarial detection, taking into account the impact that the presence of the adversary has on the design of the optimal detector. We do so by casting the adversarial detection problem into a game theoretical framework, which is then studied by relying on typical methods of information theory. As a final result, the theory allows to state the conditions under which both the false positive and false negative error probabilities tend to zero exponentially fast, and to relate the error exponents of the two kinds of errors to the distortion the attacker can introduce into the test sequence.

DOI:10.1561/0100000102
ISBN: 978-1-68083-764-3
189 pp. $99.00
Buy book (pb)
 
ISBN: 978-1-68083-765-0
189 pp. $280.00
Buy E-book (.pdf)
Table of contents:
1. Introduction
2. Background Notions and Tools
3. Binary Detection Game with Known Sources
4. Limit Performance and Source Distinguishability
5. Binary Detection Game with Training Data
6. Binary Detection Games with Corrupted Training
7. Summary and Outlook
Acknowledgements
Appendices
A. Regularity Properties of the Admissibility Set
B. Asymptotic Behavior of the Indistinguishability Regions
C. Security Margin Computation as a Minimum Cost Flow Problem
References

Theoretical Foundations of Adversarial Binary Detection

Binary detection is a ubiquitous problem in virtually all branches of science and technology. In many cases, binary detection must be carried out in a setting wherein the presence of an adversary aiming at inducing a wrong decision cannot be ruled out. Applications include network monitoring, spam filtering, multimedia forensics, video surveillance and biometric authentication to name but a few. In these cases, the attack is carried out at the time of testing. With the advent of widespread machine learning tools, the attacker can act during the learning phase, making it harder to detect. The main idea behind adversarial detection theory is to cast the detection problem into a game-theoretic framework. This allows the goals and the actions available to the two contenders to be rigorously defined.

In this monograph, the authors address several variants of a general adversarial binary detection problem, depending on the knowledge available to the Defender and the Attacker of the statistical characterization of a system. They lead the reader through the considerations and solutions under two hypotheses, using a framework that can be adopted in many applications.

This monograph, aimed at students, researchers and practitioners working in the application areas who want an accessible introduction to the theory behind Adversarial Binary Detection and the possible solutions to their particular problem.

 
CIT-102