{"id":"https://openalex.org/W4389279136","doi":"https://doi.org/10.1145/3627106.3627123","title":"Poisoning Network Flow Classifiers","display_name":"Poisoning Network Flow Classifiers","publication_year":2023,"publication_date":"2023-12-02","ids":{"openalex":"https://openalex.org/W4389279136","doi":"https://doi.org/10.1145/3627106.3627123"},"language":"en","primary_location":{"id":"doi:10.1145/3627106.3627123","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3627106.3627123","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3627106.3627123","source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3627106.3627123","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5054966546","display_name":"Giorgio Severi","orcid":"https://orcid.org/0000-0002-0031-2683"},"institutions":[{"id":"https://openalex.org/I12912129","display_name":"Northeastern University","ror":"https://ror.org/04t5xt781","country_code":"US","type":"education","lineage":["https://openalex.org/I12912129"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Giorgio Severi","raw_affiliation_strings":["Northeastern University, USA"],"affiliations":[{"raw_affiliation_string":"Northeastern University, USA","institution_ids":["https://openalex.org/I12912129"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025677911","display_name":"Simona Boboila","orcid":"https://orcid.org/0009-0003-3411-8912"},"institutions":[{"id":"https://openalex.org/I12912129","display_name":"Northeastern University","ror":"https://ror.org/04t5xt781","country_code":"US","type":"education","lineage":["https://openalex.org/I12912129"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Simona Boboila","raw_affiliation_strings":["Northeastern University, USA"],"affiliations":[{"raw_affiliation_string":"Northeastern University, USA","institution_ids":["https://openalex.org/I12912129"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035574749","display_name":"Alina Oprea","orcid":"https://orcid.org/0000-0002-4979-5292"},"institutions":[{"id":"https://openalex.org/I12912129","display_name":"Northeastern University","ror":"https://ror.org/04t5xt781","country_code":"US","type":"education","lineage":["https://openalex.org/I12912129"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Alina Oprea","raw_affiliation_strings":["Northeastern University, USA"],"affiliations":[{"raw_affiliation_string":"Northeastern University, USA","institution_ids":["https://openalex.org/I12912129"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086932068","display_name":"John T. Holodnak","orcid":"https://orcid.org/0000-0002-6603-3046"},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"John Holodnak","raw_affiliation_strings":["MIT Lincoln Laboratory, USA"],"affiliations":[{"raw_affiliation_string":"MIT Lincoln Laboratory, USA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084132285","display_name":"Kendra Kratkiewicz","orcid":"https://orcid.org/0009-0008-0072-6000"},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kendra Kratkiewicz","raw_affiliation_strings":["MIT Lincoln Laboratory, USA"],"affiliations":[{"raw_affiliation_string":"MIT Lincoln Laboratory, USA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5085910096","display_name":"Jason Matterer","orcid":"https://orcid.org/0009-0007-9281-6857"},"institutions":[{"id":"https://openalex.org/I4210157070","display_name":"Systems and Technology Research (United States)","ror":"https://ror.org/055he9s77","country_code":"US","type":"company","lineage":["https://openalex.org/I4210157070"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jason Matterer","raw_affiliation_strings":["STR, USA"],"affiliations":[{"raw_affiliation_string":"STR, USA","institution_ids":["https://openalex.org/I4210157070"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5054966546"],"corresponding_institution_ids":["https://openalex.org/I12912129"],"apc_list":null,"apc_paid":null,"fwci":2.8718,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.92114695,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"337","last_page":"351"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/interpretability","display_name":"Interpretability","score":0.8108290433883667},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7276472449302673},{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.6535847783088684},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6290404796600342},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.6120340824127197},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.6015176773071289},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5767238140106201},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4714288115501404},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.41210633516311646},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.38908037543296814},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3880684971809387}],"concepts":[{"id":"https://openalex.org/C2781067378","wikidata":"https://www.wikidata.org/wiki/Q17027399","display_name":"Interpretability","level":2,"score":0.8108290433883667},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7276472449302673},{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.6535847783088684},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6290404796600342},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.6120340824127197},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.6015176773071289},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5767238140106201},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4714288115501404},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.41210633516311646},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.38908037543296814},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3880684971809387},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3627106.3627123","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3627106.3627123","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3627106.3627123","source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3627106.3627123","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3627106.3627123","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3627106.3627123","source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2043895709","display_name":null,"funder_award_id":"W911NF-13-2-0045","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G3732666562","display_name":null,"funder_award_id":"W911NF-13","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G3893158423","display_name":null,"funder_award_id":"W911NF-21-1-0322","funder_id":"https://openalex.org/F4320333591","funder_display_name":"Multidisciplinary University Research Initiative"},{"id":"https://openalex.org/G4158783420","display_name":null,"funder_award_id":"FA8702-15-D-0001","funder_id":"https://openalex.org/F4320306078","funder_display_name":"U.S. Department of Defense"},{"id":"https://openalex.org/G5259331294","display_name":null,"funder_award_id":"W911NF","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G5546874555","display_name":null,"funder_award_id":"W911NF-13-2-0045","funder_id":"https://openalex.org/F4320337807","funder_display_name":"U.S. Army Combat Capabilities Development Command"},{"id":"https://openalex.org/G8000996158","display_name":null,"funder_award_id":"W911NF-13-2-0045","funder_id":"https://openalex.org/F4320338456","funder_display_name":"DEVCOM Army Research Laboratory"}],"funders":[{"id":"https://openalex.org/F4320306078","display_name":"U.S. Department of Defense","ror":"https://ror.org/0447fe631"},{"id":"https://openalex.org/F4320315784","display_name":"U.S. Army Combat Capabilities Development Command Soldier Center","ror":"https://ror.org/02rdkx920"},{"id":"https://openalex.org/F4320333591","display_name":"Multidisciplinary University Research Initiative","ror":null},{"id":"https://openalex.org/F4320337807","display_name":"U.S. Army Combat Capabilities Development Command","ror":null},{"id":"https://openalex.org/F4320338295","display_name":"Army Research Laboratory","ror":"https://ror.org/011hc8f90"},{"id":"https://openalex.org/F4320338456","display_name":"DEVCOM Army Research Laboratory","ror":null}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4389279136.pdf","grobid_xml":"https://content.openalex.org/works/W4389279136.grobid-xml"},"referenced_works_count":52,"referenced_works":["https://openalex.org/W1615454278","https://openalex.org/W1984208669","https://openalex.org/W2033368661","https://openalex.org/W2055452710","https://openalex.org/W2077488147","https://openalex.org/W2146950091","https://openalex.org/W2150747245","https://openalex.org/W2166128942","https://openalex.org/W2282821441","https://openalex.org/W2294710185","https://openalex.org/W2296719434","https://openalex.org/W2336525064","https://openalex.org/W2343828539","https://openalex.org/W2754049786","https://openalex.org/W2789828921","https://openalex.org/W2794460302","https://openalex.org/W2807363941","https://openalex.org/W2885832006","https://openalex.org/W2899987729","https://openalex.org/W2903094299","https://openalex.org/W2942091739","https://openalex.org/W2959169310","https://openalex.org/W2962061624","https://openalex.org/W2963197901","https://openalex.org/W2966090837","https://openalex.org/W2999615587","https://openalex.org/W3015481738","https://openalex.org/W3021340315","https://openalex.org/W3082181878","https://openalex.org/W3097529015","https://openalex.org/W3102844060","https://openalex.org/W3103408694","https://openalex.org/W3105682467","https://openalex.org/W3116286104","https://openalex.org/W3116515605","https://openalex.org/W3120644841","https://openalex.org/W3123486603","https://openalex.org/W3158507034","https://openalex.org/W3168924310","https://openalex.org/W3199209662","https://openalex.org/W3201412947","https://openalex.org/W3206325220","https://openalex.org/W3212419298","https://openalex.org/W4200630515","https://openalex.org/W4281490637","https://openalex.org/W4283205753","https://openalex.org/W4300980427","https://openalex.org/W4308632271","https://openalex.org/W4317928098","https://openalex.org/W4319585919","https://openalex.org/W4323022560","https://openalex.org/W4384948718"],"related_works":["https://openalex.org/W4328053081","https://openalex.org/W4320018150","https://openalex.org/W4366850823","https://openalex.org/W3086120435","https://openalex.org/W2040808657","https://openalex.org/W4239582170","https://openalex.org/W3048732067","https://openalex.org/W2918664383","https://openalex.org/W4320855730","https://openalex.org/W106056076"],"abstract_inverted_index":{"As":[0],"machine":[1],"learning":[2],"(ML)":[3],"classifiers":[4,151],"increasingly":[5],"oversee":[6],"the":[7,37,44,53,58,63,71,117,121,124,143],"automated":[8],"monitoring":[9],"of":[10,40,70,119,123,130,145],"network":[11,31,114,149],"traffic,":[12],"studying":[13],"their":[14],"resilience":[15],"against":[16,30],"adversarial":[17],"attacks":[18,147],"becomes":[19],"critical.":[20],"This":[21],"paper":[22],"focuses":[23],"on":[24,111,148],"poisoning":[25,42,96,133,146],"attacks,":[26,29],"specifically":[27],"backdoor":[28],"traffic":[32,150],"flow":[33],"classifiers.":[34],"We":[35,74],"investigate":[36],"challenging":[38],"scenario":[39],"clean-label":[41],"where":[43],"adversary\u2019s":[45],"capabilities":[46],"are":[47,90],"constrained":[48],"to":[49,60,85,103],"tampering":[50],"only":[51],"with":[52,116],"training":[54,64,72],"data":[55],"\u2014":[56],"without":[57],"ability":[59],"arbitrarily":[61],"modify":[62],"labels":[65],"or":[66],"any":[67],"other":[68],"component":[69],"process.":[73],"describe":[75],"a":[76],"trigger":[77,87],"crafting":[78],"strategy":[79],"that":[80,89],"leverages":[81],"model":[82],"interpretability":[83],"techniques":[84],"generate":[86,104],"patterns":[88],"effective":[91],"even":[92],"at":[93],"very":[94],"low":[95],"rates.":[97],"Finally,":[98],"we":[99],"design":[100],"novel":[101],"strategies":[102],"stealthy":[105],"triggers,":[106],"including":[107,156],"an":[108,131],"approach":[109],"based":[110],"generative":[112],"Bayesian":[113],"models,":[115],"goal":[118],"minimizing":[120],"conspicuousness":[122],"trigger,":[125],"and":[126,160],"thus":[127],"making":[128],"detection":[129],"ongoing":[132],"campaign":[134],"more":[135],"challenging.":[136],"Our":[137],"findings":[138],"provide":[139],"significant":[140],"insights":[141],"into":[142],"feasibility":[144],"used":[152],"in":[153],"multiple":[154],"scenarios,":[155],"detecting":[157],"malicious":[158],"communication":[159],"application":[161],"classification.":[162]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}