Exploiting Machine Learning to Subvert Your Spam Filter

Blaine Nelson, Marco Barreno, Fuching Jack Chi, Anthony D. Joseph, Benjamin I. P. Rubinstein, Udam Saini, Charles Sutton, J. D. Tygar, Kai Xia

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Using statistical machine learning for making security decisions introduces new vulnerabilities in large scale systems. This paper shows how an adversary can exploit statistical machine learning, as used in the SpamBayes spam filter, to render it useless—even if the adversary’s access is limited to only 1% of the training messages. We further demonstrate a new class of focused attacks that successfully prevent victims from receiving specific email messages. Finally, we introduce two new types of defenses against these attacks.
Original languageEnglish
Title of host publicationProceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Place of PublicationBerkeley, CA, USA
PublisherUSENIX Association
Number of pages9
Publication statusPublished - 2008


Dive into the research topics of 'Exploiting Machine Learning to Subvert Your Spam Filter'. Together they form a unique fingerprint.

Cite this