Assessing and Enhancing Adversarial Robustness of Predictive Analytics: An Empirically Tested Design Framework
研究利用技术威胁规避理论,提出评估和增强预测分析对抗鲁棒性的框架,并开发了ARText系统,在垃圾评论和垃圾邮件检测任务中验证了其有效性。
As predictive analytics increasingly applies supervised machine learning (SML) models to inform mission-critical decision-making, adversaries become incentivized to exploit the vulnerabilities of these SML models and mislead predictive analytics into erroneous decisions. Due to the limited understanding and awareness of such adversarial attacks, the predictive analytics knowledge and deployment need a principled technique for adversarial robustness assessment and enhancement. In this research, we leverage the technology threat avoidance theory as the kernel theory and propose a research framework for assessing and enhancing the adversarial robustness of predictive analytics applications. We instantiate the proposed framework by developing a robust text classification system, the ARText system. The proposed system is rigorously evaluated in comparison with benchmark methods on two tasks extensively enabled by SML: spam review detection and spam email detection, which then confirmed the utility and effectiveness of our ARText system. Results from numerous experiments revealed that our proposed framework could significantly enhance the adversarial robustness of predictive analytics applications.