ABSTRACT:
As predictive analytics increasingly applies supervised machine learning (SML) models to inform mission-critical decision-making, adversaries become incentivized to exploit the vulnerabilities of these SML models and mislead predictive analytics into erroneous decisions. Due to the limited understanding and awareness of such adversarial attacks, the predictive analytics knowledge and deployment need a principled technique for adversarial robustness assessment and enhancement. In this research, we leverage the technology threat avoidance theory as the kernel theory and propose a research framework for assessing and enhancing the adversarial robustness of predictive analytics applications. We instantiate the proposed framework by developing a robust text classification system, the ARText system. The proposed system is rigorously evaluated in comparison with benchmark methods on two tasks extensively enabled by SML: spam review detection and spam email detection, which then confirmed the utility and effectiveness of our ARText system. Results from numerous experiments revealed that our proposed framework could significantly enhance the adversarial robustness of predictive analytics applications.
Key words and phrases: Predictive analytics, adversarial robustness, text mining, artificial intelligence security, supervised machine learning, design frameworks