MLSEC 9 Flashcards
Adversarial machine learning
Attacks and defenses for learning algorithms
Different types of vulnerabilities
Attacks possible during learning and application phase
Types of attack
Adversarial Examples
(Attacks against integrity of prediction)
Inference Attacks
(Attacks against confidentiality of model)
Poisoning Attacks
(Attacks against integrity of model)
Defense strategies for machine learning
Integrated defenses = Attack-resilient learning algorithms
Operational defenses = Security-aware application of learning
Defense: Complexity
Prediction function obfuscated
Defense: Randomization
Prediction function randomized
Defense: Certified Robustness
Learning accounts for attack spheres
Defense: Stateful Application
Access to function monitored
Security-Aware Testing
Better testing for models
Differential testing
Monte Carlo Tree Search
exploration
simulation
selection
repeat