Formulation of Adversarial ML

Machine learning is being used in a variety of domains to restrict or prevent undesirable behaviors by hackers, fraudsters and even ordinary users. Algorithms deployed for fraud prevention, network security, anti-money laundering belong to the broad area of adversarial machine learning where instead of ML trying to learn the patterns of benevolent nature, it is confronted with a malicious adversary that is looking for opportunities to exploit loopholes and weaknesses for personal gain. To evade these models an attacker needs to arm themselves with knowledge of the algorithm, feature space and the training data. Attackers have to obtain this information through a limited number of probing opportunities. Designing the feature space for adversarial models is highly dependent on the use case and what limitations you wish to place on the adversary.