{"id":"https://openalex.org/W2151298633","doi":"https://doi.org/10.1145/1128817.1128824","title":"Can machine learning be secure?","display_name":"Can machine learning be secure?","publication_year":2006,"publication_date":"2006-03-21","ids":{"openalex":"https://openalex.org/W2151298633","doi":"https://doi.org/10.1145/1128817.1128824","mag":"2151298633"},"language":"en","primary_location":{"id":"doi:10.1145/1128817.1128824","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1128817.1128824","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2006 ACM Symposium on Information, computer and communications security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5003409421","display_name":"Marco Barreno","orcid":null},"institutions":[{"id":"https://openalex.org/I95457486","display_name":"University of California, Berkeley","ror":"https://ror.org/01an7q238","country_code":"US","type":"education","lineage":["https://openalex.org/I95457486"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Marco Barreno","raw_affiliation_strings":["University of California, Berkeley"],"affiliations":[{"raw_affiliation_string":"University of California, Berkeley","institution_ids":["https://openalex.org/I95457486"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111974467","display_name":"Blaine Nelson","orcid":null},"institutions":[{"id":"https://openalex.org/I95457486","display_name":"University of California, Berkeley","ror":"https://ror.org/01an7q238","country_code":"US","type":"education","lineage":["https://openalex.org/I95457486"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Blaine Nelson","raw_affiliation_strings":["University of California, Berkeley"],"affiliations":[{"raw_affiliation_string":"University of California, Berkeley","institution_ids":["https://openalex.org/I95457486"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087406745","display_name":"Russell Sears","orcid":"https://orcid.org/0009-0003-0828-0430"},"institutions":[{"id":"https://openalex.org/I95457486","display_name":"University of California, Berkeley","ror":"https://ror.org/01an7q238","country_code":"US","type":"education","lineage":["https://openalex.org/I95457486"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Russell Sears","raw_affiliation_strings":["University of California, Berkeley"],"affiliations":[{"raw_affiliation_string":"University of California, Berkeley","institution_ids":["https://openalex.org/I95457486"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017381278","display_name":"Anthony D. Joseph","orcid":"https://orcid.org/0000-0002-6798-9664"},"institutions":[{"id":"https://openalex.org/I95457486","display_name":"University of California, Berkeley","ror":"https://ror.org/01an7q238","country_code":"US","type":"education","lineage":["https://openalex.org/I95457486"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anthony D. Joseph","raw_affiliation_strings":["University of California, Berkeley"],"affiliations":[{"raw_affiliation_string":"University of California, Berkeley","institution_ids":["https://openalex.org/I95457486"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5113907559","display_name":"J. D. Tygar","orcid":null},"institutions":[{"id":"https://openalex.org/I95457486","display_name":"University of California, Berkeley","ror":"https://ror.org/01an7q238","country_code":"US","type":"education","lineage":["https://openalex.org/I95457486"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"J. D. Tygar","raw_affiliation_strings":["University of California, Berkeley"],"affiliations":[{"raw_affiliation_string":"University of California, Berkeley","institution_ids":["https://openalex.org/I95457486"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5003409421"],"corresponding_institution_ids":["https://openalex.org/I95457486"],"apc_list":null,"apc_paid":null,"fwci":13.5453,"has_fulltext":false,"cited_by_count":857,"citation_normalized_percentile":{"value":0.98928706,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"16","last_page":"25"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12072","display_name":"Machine Learning and Algorithms","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8183887004852295},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6924273371696472},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6770942211151123},{"id":"https://openalex.org/keywords/flexibility","display_name":"Flexibility (engineering)","score":0.6736184358596802},{"id":"https://openalex.org/keywords/variety","display_name":"Variety (cybernetics)","score":0.6617454886436462},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.6426501870155334},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6220347285270691},{"id":"https://openalex.org/keywords/instance-based-learning","display_name":"Instance-based learning","score":0.4371030032634735},{"id":"https://openalex.org/keywords/computational-learning-theory","display_name":"Computational learning theory","score":0.42436936497688293},{"id":"https://openalex.org/keywords/function","display_name":"Function (biology)","score":0.42303597927093506},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.4159841239452362},{"id":"https://openalex.org/keywords/active-learning","display_name":"Active learning (machine learning)","score":0.3640151023864746},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.34225159883499146},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.20494124293327332}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8183887004852295},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6924273371696472},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6770942211151123},{"id":"https://openalex.org/C2780598303","wikidata":"https://www.wikidata.org/wiki/Q65921492","display_name":"Flexibility (engineering)","level":2,"score":0.6736184358596802},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.6617454886436462},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.6426501870155334},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6220347285270691},{"id":"https://openalex.org/C24138899","wikidata":"https://www.wikidata.org/wiki/Q17141258","display_name":"Instance-based learning","level":3,"score":0.4371030032634735},{"id":"https://openalex.org/C50292564","wikidata":"https://www.wikidata.org/wiki/Q2462783","display_name":"Computational learning theory","level":3,"score":0.42436936497688293},{"id":"https://openalex.org/C14036430","wikidata":"https://www.wikidata.org/wiki/Q3736076","display_name":"Function (biology)","level":2,"score":0.42303597927093506},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.4159841239452362},{"id":"https://openalex.org/C77967617","wikidata":"https://www.wikidata.org/wiki/Q4677561","display_name":"Active learning (machine learning)","level":2,"score":0.3640151023864746},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.34225159883499146},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.20494124293327332},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C78458016","wikidata":"https://www.wikidata.org/wiki/Q840400","display_name":"Evolutionary biology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/1128817.1128824","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1128817.1128824","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2006 ACM Symposium on Information, computer and communications security","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.72.4400","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.72.4400","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.berkeley.edu/~adj/publications/paper-files/asiaccs06.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.92.8156","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.92.8156","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.berkeley.edu/~tygar/papers/Machine_Learning_Security/asiaccs06.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320306110","display_name":"U.S. Department of Homeland Security","ror":"https://ror.org/00jyr0d86"},{"id":"https://openalex.org/F4320332815","display_name":"Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":41,"referenced_works":["https://openalex.org/W3805906","https://openalex.org/W20093842","https://openalex.org/W42722137","https://openalex.org/W73527130","https://openalex.org/W205181019","https://openalex.org/W1510073064","https://openalex.org/W1511085305","https://openalex.org/W1514368868","https://openalex.org/W1516506771","https://openalex.org/W1539745582","https://openalex.org/W1548189207","https://openalex.org/W1554944419","https://openalex.org/W1584516405","https://openalex.org/W1766442844","https://openalex.org/W1860627900","https://openalex.org/W1968998685","https://openalex.org/W1970041563","https://openalex.org/W1979675141","https://openalex.org/W2019363670","https://openalex.org/W2019862115","https://openalex.org/W2059871589","https://openalex.org/W2093825590","https://openalex.org/W2094519405","https://openalex.org/W2108601876","https://openalex.org/W2120011452","https://openalex.org/W2120617515","https://openalex.org/W2124283284","https://openalex.org/W2134641333","https://openalex.org/W2139709458","https://openalex.org/W2164785183","https://openalex.org/W2180443860","https://openalex.org/W2293768274","https://openalex.org/W2296452361","https://openalex.org/W2325226838","https://openalex.org/W2326494291","https://openalex.org/W2611627047","https://openalex.org/W2914982603","https://openalex.org/W2915052693","https://openalex.org/W4230846739","https://openalex.org/W4238893454","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W36398315","https://openalex.org/W4396751709","https://openalex.org/W2257276896","https://openalex.org/W146740654","https://openalex.org/W4299830350","https://openalex.org/W184546935","https://openalex.org/W2131495543","https://openalex.org/W2037866349","https://openalex.org/W1986633584","https://openalex.org/W2056138823"],"abstract_inverted_index":{"Machine":[0],"learning":[1,27,51,69],"systems":[2,20],"offer":[3],"unparalled":[4],"flexibility":[5],"in":[6,11],"dealing":[7],"with":[8],"evolving":[9],"input":[10],"a":[12,32,37,43,60,73,80,96,104],"variety":[13,74],"of":[14,34,56,62,65,75,82,106],"applications,":[15],"such":[16],"as":[17],"intrusion":[18],"detection":[19],"and":[21,71,103],"spam":[22],"e-mail":[23],"filtering.":[24],"However,":[25],"machine":[26,50,68,90],"algorithms":[28],"themselves":[29],"can":[30],"be":[31,52],"target":[33],"attack":[35],"by":[36],"malicious":[38],"adversary.":[39],"This":[40],"paper":[41,58],"provides":[42],"framework":[44],"for":[45,89],"answering":[46],"the":[47],"question,":[48],"\"Can":[49],"secure?\"":[53],"Novel":[54],"contributions":[55],"this":[57],"include":[59],"taxonomy":[61],"different":[63],"types":[64],"attacks":[66],"on":[67,99],"techniques":[70],"systems,":[72],"defenses":[76],"against":[77],"those":[78],"attacks,":[79],"discussion":[81],"ideas":[83],"that":[84],"are":[85],"important":[86],"to":[87],"security":[88],"learning,":[91],"an":[92],"analytical":[93],"model":[94],"giving":[95],"lower":[97],"bound":[98],"attacker's":[100],"work":[101],"function,":[102],"list":[105],"open":[107],"problems.":[108]},"counts_by_year":[{"year":2026,"cited_by_count":6},{"year":2025,"cited_by_count":43},{"year":2024,"cited_by_count":57},{"year":2023,"cited_by_count":47},{"year":2022,"cited_by_count":56},{"year":2021,"cited_by_count":91},{"year":2020,"cited_by_count":90},{"year":2019,"cited_by_count":103},{"year":2018,"cited_by_count":95},{"year":2017,"cited_by_count":64},{"year":2016,"cited_by_count":33},{"year":2015,"cited_by_count":31},{"year":2014,"cited_by_count":30},{"year":2013,"cited_by_count":15},{"year":2012,"cited_by_count":14}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}