Open Access Article

Defacement Detection with Passive Adversaries

1 Dipartimento di Informatica, Università di Torino, Corso Svizzera 185, 10149 Torino, Italy
2 Certimeter Group, Corso Svizzera 185, 10149 Torino, Italy
* Author to whom correspondence should be addressed.
Algorithms 2019, 12(8), 150; https://doi.org/10.3390/a12080150
Received: 28 May 2019 / Revised: 17 July 2019 / Accepted: 25 July 2019 / Published: 29 July 2019

Abstract

A novel approach to defacement detection is proposed in this paper, explicitly addressing the possible presence of a passive adversary. Defacement detection is an important security measure for Web Sites and Applications, aimed at avoiding unwanted modifications that would result in significant reputational damage. As in many other anomaly detection contexts, the algorithm used to identify possible defacements is obtained via an Adversarial Machine Learning process. We consider an exploratory setting, where the adversary can observe the detector’s alarm-generating behaviour, with the purpose of devising and injecting defacements that will pass undetected. It is then necessary to make the learning process unpredictable, so that the adversary will be unable to replicate it and predict the classifier’s behaviour. We achieve this goal by introducing a secret key—a key that our adversary does not know. The key will influence the learning process in a number of different ways that are precisely defined in this paper. These include the subset of examples and features that are actually used, the time of learning and testing, as well as the learning algorithm’s hyper-parameters. This learning methodology is successfully applied in this context, by using the system with both real and artificially modified Web sites. A year-long experiment is also described, concerning the monitoring of the new Web Site of a major manufacturing company.
Keywords: adversarial learning; anomaly detection; defacement response; Security Incident and Event Management; Security Operations Center
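
The keyed-learning idea from the abstract, as an added illustration that is not the authors' algorithm (the paper's precise key-dependent choices are not shown on this page). It assumes HMAC-SHA256 as the key-derivation step, a toy z-score detector, hypothetical feature names, and constructed training data.

```python
import hashlib
import hmac
import random
import statistics

# Hypothetical page features; the paper's real feature set is not given on this page.
FEATURES = ["n_links", "n_images", "n_scripts", "n_forms", "n_iframes", "text_len"]

def keyed_rng(key: bytes, label: str) -> random.Random:
    """PRNG seeded with HMAC-SHA256(key, label): reproducible for the defender, opaque without the key."""
    digest = hmac.new(key, label.encode(), hashlib.sha256).digest()
    return random.Random(int.from_bytes(digest, "big"))

def train(key: bytes, samples: list) -> dict:
    """Fit a per-feature z-score detector; the key picks features, examples, threshold and retrain delay."""
    feats = sorted(keyed_rng(key, "features").sample(FEATURES, k=3))
    rows = keyed_rng(key, "examples").sample(samples, k=int(0.7 * len(samples)))
    stats = {f: (statistics.mean(r[f] for r in rows),
                 statistics.stdev(r[f] for r in rows) or 1.0) for f in feats}
    return {"stats": stats,
            "threshold": keyed_rng(key, "hyper").uniform(2.5, 4.0),
            "retrain_after_s": keyed_rng(key, "schedule").randint(600, 3600)}

def is_anomalous(model: dict, page: dict) -> bool:
    """Alarm when any monitored feature deviates by more than `threshold` standard deviations."""
    return any(abs(page[f] - mu) / sd > model["threshold"]
               for f, (mu, sd) in model["stats"].items())

def constructed_samples(n: int = 100) -> list:
    """Constructed (synthetic) snapshots of a healthy page, generated with a fixed public seed."""
    gen = random.Random(0)
    return [{f: gen.gauss(50.0, 5.0) for f in FEATURES} for _ in range(n)]

if __name__ == "__main__":
    data = constructed_samples()
    # Two constructed keys: same data, different monitored features and settings.
    for key in (b"constructed-key-A", b"constructed-key-B"):
        m = train(key, data)
        print(sorted(m["stats"]), round(m["threshold"], 2), m["retrain_after_s"])
```

An observer who sees the same public training pages but lacks the key cannot reproduce which features, examples, threshold or retraining time the deployed detector uses.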
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).

Bergadano, F.; Carretto, F.; Cogno, F.; Ragno, D. Defacement Detection with Passive Adversaries. Algorithms 2019, 12, 150.

Algorithms EISSN 1999-4893 Published by MDPI AG, Basel, Switzerland