
Threats to Machine Learning Applications

August 2020 Presentation
Mark Sherman

This presentation illustrates where machine learning applications can be attacked, the means for carrying out the attacks, and some mitigations that can be employed.

Publisher:

Software Engineering Institute

Abstract

This presentation illustrates where machine learning applications can be attacked, the means for carrying out the attacks, and some mitigations that can be employed. It reviews the elements in building and deploying a machine learning application, including both data and processes, and covers the impact of attacks on each element in turn. The presentation gives special attention to transfer learning, a popular way to construct a machine learning application quickly. It provides several mitigations to these attacks and describes their engineering tradeoffs between security and accuracy. Finally, it reviews the methods by which an attacker could gain access to the machine learning system.