Application of BadNets in Spam Filters
- URL: http://arxiv.org/abs/2307.09649v1
- Date: Tue, 18 Jul 2023 21:39:39 GMT
- Title: Application of BadNets in Spam Filters
- Authors: Swagnik Roychoudhury, Akshaj Kumar Veldanda
- Abstract summary: We design backdoor attacks in the domain of spam filtering.
We highlight the need for careful consideration and evaluation of the models used in spam filters.
- Score: 1.5755923640031848
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Spam filters are a crucial component of modern email systems, as they help to
protect users from unwanted and potentially harmful emails. However, the
effectiveness of these filters is dependent on the quality of the machine
learning models that power them. In this paper, we design backdoor attacks in
the domain of spam filtering. By demonstrating the potential vulnerabilities in
the machine learning model supply chain, we highlight the need for careful
consideration and evaluation of the models used in spam filters. Our results
show that the backdoor attacks can be effectively used to identify
vulnerabilities in spam filters and suggest the need for ongoing monitoring and
improvement in this area.
Related papers
- ChatSpamDetector: Leveraging Large Language Models for Effective Phishing Email Detection [2.3999111269325266]
This study introduces ChatSpamDetector, a system that uses large language models (LLMs) to detect phishing emails.
By converting email data into a prompt suitable for LLM analysis, the system provides a highly accurate determination of whether an email is phishing or not.
We conducted an evaluation using a comprehensive phishing email dataset and compared our system to several LLMs and baseline systems.
arXiv Detail & Related papers (2024-02-28T06:28:15Z)
- Baseline Defenses for Adversarial Attacks Against Aligned Language Models [109.75753454188705]
Recent work shows that text moderations can produce jailbreaking prompts that bypass defenses.
We look at three types of defenses: detection (perplexity based), input preprocessing (paraphrase and retokenization), and adversarial training.
We find that the weakness of existing discrete optimizers for text, combined with the relatively high costs of optimization, makes standard adaptive attacks more challenging for LLMs.
arXiv Detail & Related papers (2023-09-01T17:59:44Z)
- Deep convolutional forest: a dynamic deep ensemble approach for spam detection in text [219.15486286590016]
This paper introduces a dynamic deep ensemble model for spam detection that adjusts its complexity and extracts features automatically.
As a result, the model achieved high precision, recall, f1-score and accuracy of 98.38%.
arXiv Detail & Related papers (2021-10-10T17:19:37Z) - Unsharp Mask Guided Filtering [53.14430987860308]
The goal of this paper is guided image filtering, which emphasizes the importance of structure transfer during filtering.
We propose a new and simplified formulation of the guided filter inspired by unsharp masking.
Our formulation enjoys a filtering prior to a low-pass filter and enables explicit structure transfer by estimating a single coefficient.
arXiv Detail & Related papers (2021-06-02T19:15:34Z) - Effective Email Spam Detection System using Extreme Gradient Boosting [1.8899300124593645]
This research is an improved spam detection model based on Extreme Gradient Boosting (XGBoost)
Experimental results show that the proposed model outperforms earlier approaches across a wide range of evaluation metrics.
arXiv Detail & Related papers (2020-12-27T15:23:58Z) - Detection of Adversarial Supports in Few-shot Classifiers Using Feature
Preserving Autoencoders and Self-Similarity [89.26308254637702]
We propose a detection strategy to highlight adversarial support sets.
We make use of feature preserving autoencoder filtering and also the concept of self-similarity of a support set to perform this detection.
Our method is attack-agnostic and also the first to explore detection for few-shot classifiers to the best of our knowledge.
arXiv Detail & Related papers (2020-12-09T14:13:41Z) - Privacy-Preserving Spam Filtering using Functional Encryption [1.0019926246026924]
We construct a spam classification framework that enables the classification of encrypted emails.
Our model is based on a neural network with a quadratic network part and a multi-layer perception network part.
The evaluation results on real-world spam datasets indicate that our proposed spam classification model achieves an accuracy of over 96%.
arXiv Detail & Related papers (2020-12-08T02:14:28Z) - Robust and Verifiable Information Embedding Attacks to Deep Neural
Networks via Error-Correcting Codes [81.85509264573948]
In the era of deep learning, a user often leverages a third-party machine learning tool to train a deep neural network (DNN) classifier.
In an information embedding attack, an attacker is the provider of a malicious third-party machine learning tool.
In this work, we aim to design information embedding attacks that are verifiable and robust against popular post-processing methods.
arXiv Detail & Related papers (2020-10-26T17:42:42Z) - Filter Grafting for Deep Neural Networks: Reason, Method, and
Cultivation [86.91324735966766]
Filter is the key component in modern convolutional neural networks (CNNs).
In this paper, we introduce filter grafting (Method) to achieve this goal.
We develop a novel criterion to measure the information of filters and an adaptive weighting strategy to balance the grafted information among networks.
arXiv Detail & Related papers (2020-04-26T08:36:26Z) - Visual Spoofing in content based spam detection [0.0]
We present a vulnerability in which one could replace some characters with corresponding characters from a different alphabet.
With this approach spammers can create messages that bypass existing spam filters.
We show that this approach can be used to avoid plagiarism detection, and in other applications that use natural language processing for automatic analysis of text documents.
arXiv Detail & Related papers (2020-04-11T00:16:04Z) - DeepQuarantine for Suspicious Mail [0.0]
DeepQuarantine (DQ) is a cloud technology to detect and quarantine potential spam messages.
Most of the quarantined mail is spam, which allows clients to use email without delay.
arXiv Detail & Related papers (2020-01-13T11:32:58Z)