This paper addresses the challenge of adversarial classification, where classifiers must contend with adversaries who actively manipulate data to produce false negatives. The authors develop a formal framework and algorithms to optimize the classifier's performance against the adversary's optimal strategy. They focus on the naive Bayes classifier and propose an integer linear program to find the minimum cost camouflage (MCC) of instances to defeat the classifier. The proposed approach is evaluated in a spam detection domain, demonstrating significant utility gains compared to standard naive Bayes classifiers. The paper also discusses future research directions, including repeated games, incomplete information, and generalization to other classifiers.This paper addresses the challenge of adversarial classification, where classifiers must contend with adversaries who actively manipulate data to produce false negatives. The authors develop a formal framework and algorithms to optimize the classifier's performance against the adversary's optimal strategy. They focus on the naive Bayes classifier and propose an integer linear program to find the minimum cost camouflage (MCC) of instances to defeat the classifier. The proposed approach is evaluated in a spam detection domain, demonstrating significant utility gains compared to standard naive Bayes classifiers. The paper also discusses future research directions, including repeated games, incomplete information, and generalization to other classifiers.