Securing Machine Learning Models: Notions and Open Issues / L. Mauri, E. Damiani - In: Engineering Mathematics and Artificial Intelligence : Foundations, Methods, and Applications / [edited by] H. Kunze, D. La Torre, A. Riccoboni, M. Ruiz Galán. - [s.l] : CRC Press, 2023 Jul. - ISBN 9781003283980. - pp. 1-24 [10.1201/9781003283980-20]

Securing Machine Learning Models: Notions and Open Issues

L. Mauri (first author); E. Damiani (last author)
2023

Abstract

Machine Learning (ML) models are taking the place of conventional algorithms in a wide range of application domains. However, once ML models have been deployed in the field, they can be attacked in ways that are very different from those used against conventional systems. This chapter reviews some of the techniques that attackers use to compromise ML-based systems at two core phases of the learning process: the training and the inference stages. It provides an overview that, taking into account the current variety and scope of threats and attacks to ML models, will help the security analyst in charge of alleviating them. The chapter introduces some preliminary concepts, including that of the ML lifecycle. It then presents the setting of Adversarial Machine Learning from the point of view of computer security, and discusses the notions of threats, vulnerabilities, and attacks. The chapter also details common alleviation measures against training-time attacks.
Keywords: Machine Learning security; poisoning attacks; ML threat model; attack alleviation
Sector INF/01 - Computer Science
Jul-2023
Book Part (author)
Files in this item:
File: Securing_Machine_Learning_Models__Notions_and_Open_Issues_.pdf
Access: restricted
Type: Pre-print (manuscript submitted to the publisher)
Size: 2.31 MB
Format: Adobe PDF
Use this identifier to cite or link to this item: https://hdl.handle.net/2434/999308