Adversarial classification: An adversarial risk analysis approach

Classification techniques are widely used in security settings in which data can be deliberately manipulated by an adversary trying to evade detection and achieve some benefit. However, traditional classification systems are not robust to such data modifications. Most attempts to enhance classification algorithms in adversarial environments have focused on game theoretical ideas under strong underlying common knowledge assumptions, which are not actually realistic in security domains. We provide an alternative framework to such problems based on adversarial risk analysis which we illustrate with examples. Computational, implementation and robustness issues are discussed.
R.N. acknowledges support the Spanish Ministry for his grant FPU15-03636. The work of D.R.I. is supported by the Spanish Ministry program MTM2017-86875-C3-1-R and the AXA-ICMAT Chair on Adversarial Risk Analysis. This work has also been partially supported by the Spanish Ministry of Economy through the Severo Ochoa Program for Centers of Excellence in R&D (SEV-2015-0554), the project MTM2015-72907-EXP and the EU's Horizon 2020 project 740920 CYBECO (Supporting Cyberinsurance from a Behavioural Choice Perspective). F.R. acknowledges the contribution of the Comunidad de Madrid through its Chair of Excellence programme. We are grateful for the suggestions of the referees.