Adversarial classification addresses the challenge of designing classifiers that can adapt to an adversary manipulating data to mislead the classifier. In domains like spam detection, intrusion detection, and fraud detection, adversaries actively alter data to make classifiers produce false negatives. Traditional classifiers, such as naive Bayes, are vulnerable to such attacks, as adversaries can modify features to evade detection. This paper introduces a formal framework and algorithms for adversarial classification, modeling the interaction between a classifier and an adversary as a game. The classifier aims to maximize its expected utility, while the adversary seeks to maximize its own utility by modifying instances. The paper proposes a Nash equilibrium approach, where both players optimize their strategies iteratively. The paper formalizes the problem as a game between a cost-sensitive classifier and a cost-sensitive adversary. It focuses on the naive Bayes classifier and derives optimal strategies for both the classifier and the adversary. The adversary's optimal strategy involves modifying features to make the classifier misclassify instances, while the classifier adapts to these modifications. Efficient algorithms are developed to compute these strategies, and experiments in spam detection show that the adversary-aware classifier significantly outperforms traditional classifiers. The classifier can automatically adapt to the adversary's evolving manipulations, improving performance over time. The paper also discusses the computational challenges of finding Nash equilibria in adversarial classification, noting that the number of possible strategies grows exponentially with the number of features. To address this, the paper proposes a pseudo-linear time algorithm based on dynamic programming and pruning strategies. These strategies reduce the search space by focusing on the most impactful feature changes. The results show that the adversary-aware classifier can effectively handle adversarial data, maintaining high accuracy even when the adversary modifies instances. Experiments on spam detection datasets demonstrate the effectiveness of the adversary-aware classifier. The classifier outperforms traditional naive Bayes in all scenarios, even when the adversary modifies instances. The classifier's ability to adapt to the adversary's strategies is crucial for maintaining performance in dynamic environments. The paper also explores repeated games, where both the classifier and the adversary continuously evolve their strategies. The results show that the adversary-aware classifier maintains high performance over multiple rounds, even as the adversary adapts. Future work includes extending the framework to handle repeated games, exploring the theoretical foundations of adversarial classification, and addressing the challenges of incomplete information. The paper highlights the importance of developing robust classifiers that can adapt to adversarial data, ensuring their effectiveness in real-world applications.Adversarial classification addresses the challenge of designing classifiers that can adapt to an adversary manipulating data to mislead the classifier. In domains like spam detection, intrusion detection, and fraud detection, adversaries actively alter data to make classifiers produce false negatives. Traditional classifiers, such as naive Bayes, are vulnerable to such attacks, as adversaries can modify features to evade detection. This paper introduces a formal framework and algorithms for adversarial classification, modeling the interaction between a classifier and an adversary as a game. The classifier aims to maximize its expected utility, while the adversary seeks to maximize its own utility by modifying instances. The paper proposes a Nash equilibrium approach, where both players optimize their strategies iteratively. The paper formalizes the problem as a game between a cost-sensitive classifier and a cost-sensitive adversary. It focuses on the naive Bayes classifier and derives optimal strategies for both the classifier and the adversary. The adversary's optimal strategy involves modifying features to make the classifier misclassify instances, while the classifier adapts to these modifications. Efficient algorithms are developed to compute these strategies, and experiments in spam detection show that the adversary-aware classifier significantly outperforms traditional classifiers. The classifier can automatically adapt to the adversary's evolving manipulations, improving performance over time. The paper also discusses the computational challenges of finding Nash equilibria in adversarial classification, noting that the number of possible strategies grows exponentially with the number of features. To address this, the paper proposes a pseudo-linear time algorithm based on dynamic programming and pruning strategies. These strategies reduce the search space by focusing on the most impactful feature changes. The results show that the adversary-aware classifier can effectively handle adversarial data, maintaining high accuracy even when the adversary modifies instances. Experiments on spam detection datasets demonstrate the effectiveness of the adversary-aware classifier. The classifier outperforms traditional naive Bayes in all scenarios, even when the adversary modifies instances. The classifier's ability to adapt to the adversary's strategies is crucial for maintaining performance in dynamic environments. The paper also explores repeated games, where both the classifier and the adversary continuously evolve their strategies. The results show that the adversary-aware classifier maintains high performance over multiple rounds, even as the adversary adapts. Future work includes extending the framework to handle repeated games, exploring the theoretical foundations of adversarial classification, and addressing the challenges of incomplete information. The paper highlights the importance of developing robust classifiers that can adapt to adversarial data, ensuring their effectiveness in real-world applications.