Securing Machine Learning Models: Notions and Open Issues / L. Mauri, E. Damiani - In: Engineering Mathematics and Artificial Intelligence : Foundations, Methods, and Applications / [edited by] H. Kunze, D. La Torre, A. Riccoboni, M. Ruiz Galán. - [s.l] : CRC Press, 2023 Jul. - ISBN 9781003283980. - pp. 1-24 [10.1201/9781003283980-20]
Securing Machine Learning Models: Notions and Open Issues
L. Mauri (first author); E. Damiani (last author)
2023
Abstract
Machine Learning (ML) models are taking the place of conventional algorithms in a wide range of application domains. However, once ML models have been deployed in the field, they can be attacked in ways that are very different from those of conventional systems. This chapter reviews some of the techniques that attackers use to compromise ML-based systems at two core phases of the learning process: the training and the inference stages. It provides an overview that, taking into account the current variety and scope of threats and attacks on ML models, will help the security analyst in charge of alleviating them. The chapter introduces some preliminary concepts, including that of the ML lifecycle. It then presents the setting of Adversarial Machine Learning from the point of view of computer security, and discusses the notions of threats, vulnerabilities, and attacks. The chapter also details common alleviation measures against training-time attacks.

File | Size | Format
---|---|---
Securing_Machine_Learning_Models__Notions_and_Open_Issues_.pdf (restricted access; pre-print, manuscript submitted to the publisher) | 2.31 MB | Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.