Emerging vulnerabilities in machine learning (ML) models due to adversarial attacks raise concerns about their reliability. Specifically, evasion attacks manipulate models by introducing precise perturbations to input data, causing erroneous predictions. To address this, we propose a methodology combining SHapley Additive exPlanations (SHAP) for feature importance analysis with an innovative Optimal Epsilon technique for conducting evasion attacks. Our approach begins with SHAP-based analysis to understand model vulnerabilities, crucial for devising targeted evasion strategies. The Optimal Epsilon technique, employing a Binary Search algorithm, efficiently determines the minimum epsilon needed for successful evasion. Evaluation across diverse machine learning architectures demonstrates the technique's precision in generating adversarial samples, underscoring its efficacy in manipulating model outcomes. This study emphasizes the critical importance of continuous assessment and monitoring to identify and mitigate potential security risks in machine learning systems.
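The two pieces the abstract describes (SHAP-ranked features, then a binary search for the smallest epsilon that changes the prediction) can be exercised end to end on a toy model. The block below is an added example, not code from the paper. It assumes a logistic-regression classifier with constructed weights, a constructed background mean so that the exact closed-form SHAP value for a linear model (w_i times the feature's deviation from its mean) stands in for the shap library, and an L-infinity perturbation applied only to the top-k attributed features. From a defender's side the returned epsilon is a robustness margin: the smaller it is, the less perturbation the model tolerates, which is the quantity one would track when monitoring a deployed model.

```python
import math

# Constructed toy model (assumption): logistic regression with fixed weights.
WEIGHTS = [2.0, -1.5, 0.5]
BIAS = -0.3
# Constructed background mean of the training data, needed for linear SHAP.
BACKGROUND_MEAN = [0.5, 0.5, 0.5]


def logit(x, w=WEIGHTS, b=BIAS):
    """Pre-sigmoid score; the class boundary is logit == 0."""
    return sum(wi * xi for wi, xi in zip(w, x)) + b


def predict(x):
    return 1 if logit(x) > 0 else 0


def linear_shap(x, w=WEIGHTS, mean=BACKGROUND_MEAN):
    """Exact SHAP values for a linear model with independent features:
    phi_i = w_i * (x_i - E[x_i]). Replaces shap.LinearExplainer here."""
    return [wi * (xi - mi) for wi, xi, mi in zip(w, x, mean)]


def top_k_features(shap_values, k):
    """Indices of the k features with the largest absolute attribution."""
    return sorted(range(len(shap_values)), key=lambda i: -abs(shap_values[i]))[:k]


def perturb(x, eps, features, w=WEIGHTS, push_down=True):
    """L-inf perturbation of size eps on the selected features only, each moved
    in the direction that lowers (push_down) or raises the logit; inputs are
    clipped to the valid [0, 1] range."""
    x_adv = list(x)
    for i in features:
        sign = math.copysign(1.0, w[i])
        direction = -sign if push_down else sign
        x_adv[i] = min(1.0, max(0.0, x[i] + direction * eps))
    return x_adv


def optimal_epsilon(x, k=None, eps_max=1.0, tol=1e-4):
    """Binary-search the smallest eps in [0, eps_max] that flips the prediction
    when perturbing the top-k SHAP features. Returns None when even eps_max
    does not change the prediction (the model is robust within the budget)."""
    original = predict(x)
    features = top_k_features(linear_shap(x), k or len(x))
    push_down = original == 1

    def evades(eps):
        return predict(perturb(x, eps, features, push_down=push_down)) != original

    if not evades(eps_max):
        return None
    lo, hi = 0.0, eps_max          # invariant: evades(hi) is True, evades(lo) is False
    while hi - lo > tol:
        mid = (lo + hi) / 2
        if evades(mid):
            hi = mid
        else:
            lo = mid
    return hi


def robustness_report(x, k=None, fragile_below=0.1):
    """Defender-side summary: minimal epsilon plus a fragility flag."""
    eps = optimal_epsilon(x, k=k)
    return {"prediction": predict(x), "min_epsilon": eps,
            "fragile": eps is not None and eps < fragile_below}


if __name__ == "__main__":
    sample = [0.8, 0.2, 0.6]       # constructed input, predicted class 1
    print("SHAP:", [round(v, 3) for v in linear_shap(sample)])
    print("all features:", robustness_report(sample))
    print("top-2 features:", robustness_report(sample, k=2))
```

With all three features perturbed the logit falls as 1.3 - 4*eps, so the search converges to 0.325; restricting the perturbation to the two highest-SHAP features slows the descent to 1.3 - 3.5*eps and the minimal epsilon grows to about 0.371, which is the trade-off between perturbation sparsity and perturbation size that the SHAP ranking controls.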