SlideShare a Scribd company logo

Security and Privacy of Machine Learning

Priyanka Aash, profile picture
Priyanka Aash

The document presents insights into machine learning's intersection with security, highlighting malware detection, privacy of training data, and various attack vectors such as adversarial examples and model theft. It outlines the significance of differential privacy, training set poisoning, and the challenges faced by current defenses based on unrealistic threat models. The presentation also emphasizes the need for robust methodologies when deploying machine learning models, particularly those that handle sensitive data.

Technology
1 of 30
Downloaded 96 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Most read
19
20
21
22
23
24
25
26
27
28
29
30
SESSION ID: #RSAC Ian Goodfellow SECURITY AND PRIVACY OF MACHINE LEARNING Staff Research Scientist Google Brain @goodfellow_ian
(Goodfellow 2018) #RSAC Machine Learning and Security 2 Machine Learning for Security Malware detection Intrusion detection … Security against Attacks that use Machine Learning Password guessing Fake reviews …
(Goodfellow 2018) #RSAC Security of Machine Learning 3
(Goodfellow 2018) #RSAC An overview of a field 4 This presentation summarizes the work of many people, not just my own / my collaborators Download the slides for this link to extensive references The presentation focuses on the concepts, not the history or the inventors
(Goodfellow 2018) #RSAC Machine Learning Pipeline 5 Training data Learning algorithm Learned parameters Test input Test output
(Goodfellow 2018) #RSAC Privacy of Training Data 6
(Goodfellow 2018) #RSAC Defining (ε, δ)-Differential Privacy 7 (Abadi 2017)
(Goodfellow 2018) #RSAC Private Aggregation of Teacher Ensembles 8 (Papernot et al 2016)
(Goodfellow 2018) #RSAC Training Set Poisoning 9
(Goodfellow 2018) #RSAC ImageNet Poisoning 10 (Koh and Liang 2017)
(Goodfellow 2018) #RSAC Adversarial Examples 11
(Goodfellow 2018) #RSAC Model Theft 12
(Goodfellow 2018) #RSAC Model Theft++ 13
(Goodfellow 2018) #RSAC Deep Dive on Adversarial Examples 14 ...solving CAPTCHAS and reading addresses... ...recognizing objects and faces…. (Szegedy et al, 2014) (Goodfellow et al, 2013) (Taigmen et al, 2013) (Goodfellow et al, 2013) and other tasks... Since 2013, deep neural networks have matched human performance at...
(Goodfellow 2018) #RSAC Adversarial Examples 15
(Goodfellow 2018) #RSAC Turning objects into airplanes 16
(Goodfellow 2018) #RSAC Attacking a linear model 17
(Goodfellow 2018) #RSAC Wrong almost everywhere 18
(Goodfellow 2018) #RSAC Cross-model, cross-dataset transfer 19
(Goodfellow 2018) #RSAC Transfer across learning algorithms 20 (Papernot 2016)
(Goodfellow 2018) #RSAC Transfer attack 21 Train your own model Target model with unknown weights, machine learning algorithm, training set; maybe non- differentiable Substitute model mimicking target model with known, differentiable function Adversarial examples Adversarial crafting against substitute Deploy adversarial examples against the target; transferability property results in them succeeding
(Goodfellow 2018) #RSAC Enhancing Transfer with Ensembles 22 (Liu et al, 2016)
(Goodfellow 2018) #RSAC Transfer to the Human Brain 23 (Elsayed et al, 2018)
(Goodfellow 2018) #RSAC Transfer to the Physical World 24 (Kurakin et al, 2016)
(Goodfellow 2018) #RSAC Adversarial Training 25
(Goodfellow 2018) #RSAC Adversarial Training vs Certified Defenses 26 Adversarial Training: Train on adversarial examples This minimizes a lower bound on the true worst-case error Achieves a high amount of (empirically tested) robustness on small to medium datasets Certified defenses Minimize an upper bound on true worst-case error Robustness is guaranteed, but amount of robustness is small Verification of models that weren’t trained to be easy to verify is hard
(Goodfellow 2018) #RSAC Limitations of defenses 27 Even certified defenses so far assume unrealistic threat model Typical model: attacker can change input within some norm ball Real attacks will be stranger, hard to characterize ahead of time (Brown et al., 2017)
(Goodfellow 2018) #RSAC Clever Hans 28 (“Clever Hans, Clever Algorithms,” Bob Sturm)
(Goodfellow 2018) #RSAC Get involved! 29 https://github.com/tensorflow/cleverhans
(Goodfellow 2018) #RSAC Apply What You Have Learned 30 Publishing an ML model or a prediction API? Is the training data sensitive? -> train with differential privacy Consider how an attacker could cause damage by fooling your model Current defenses are not practical Rely on situations with no incentive to cause harm / limited amount of potential harm

More Related Content

PDF
Privacy preserving machine learning
Michał Kuźba
 
PDF
Security of Machine Learning
Institute of Contemporary Sciences
 
PPTX
Artificial Intelligence and Cybersecurity
Olivier Busolini
 
PPTX
Federated Learning: ML with Privacy on the Edge 11.15.18
Cloudera, Inc.
 
PPTX
Machine learning in Cyber Security
RajathV2
 
PPTX
Big Data Stockholm v 7 | "Federated Machine Learning for Collaborative and Se...
Dataconomy Media
 
PDF
Fairness in Machine Learning and AI
Seth Grimes
 
PPTX
Machine Learning in Cyber Security
Rishi Kant
 
Privacy preserving machine learning
Michał Kuźba
 
Security of Machine Learning
Institute of Contemporary Sciences
 
Artificial Intelligence and Cybersecurity
Olivier Busolini
 
Federated Learning: ML with Privacy on the Edge 11.15.18
Cloudera, Inc.
 
Machine learning in Cyber Security
RajathV2
 
Big Data Stockholm v 7 | "Federated Machine Learning for Collaborative and Se...
Dataconomy Media
 
Fairness in Machine Learning and AI
Seth Grimes
 
Machine Learning in Cyber Security
Rishi Kant
 

What's hot (20)

PPTX
Application of Machine Learning in Cybersecurity
Pratap Dangeti
 
PPTX
Overfitting & Underfitting
SOUMIT KAR
 
PPT
Machine Learning
Vivek Garg
 
PPT
Machine learning
Rajib Kumar De
 
PPTX
Federated Learning
DataWorks Summit
 
PPTX
Cyber security with ai
Burhan Ahmed
 
PPTX
Adversarial Attacks and Defense
Kishor Datta Gupta
 
PDF
Machine learning
Dr Geetha Mohan
 
PPTX
Overview of Artificial Intelligence in Cybersecurity
Olivier Busolini
 
PDF
Adversarial Attacks and Defenses in Deep Learning.pdf
MichelleHoogenhout
 
PPTX
AI and the Impact on Cybersecurity
Graham Mann
 
PPTX
Federated Learning
University of Oslo
 
PPT
Basics of Machine Learning
butest
 
PPTX
cloud security ppt
Devyani Vaidya
 
PPTX
A Comprehensive Review of Large Language Models for.pptx
SaiPragnaKancheti
 
PDF
Machine Learning in Cyber Security Domain
BGA Cyber Security
 
PDF
Lecture 1: What is Machine Learning?
Marina Santini
 
PDF
Data science workshop
Hortonworks
 
PPTX
A brief primer on OpenAI's GPT-3
Ishan Jain
 
PDF
Generative AI: Past, Present, and Future – A Practitioner's Perspective
Huahai Yang
 
Application of Machine Learning in Cybersecurity
Pratap Dangeti
 
Overfitting & Underfitting
SOUMIT KAR
 
Machine Learning
Vivek Garg
 
Machine learning
Rajib Kumar De
 
Federated Learning
DataWorks Summit
 
Cyber security with ai
Burhan Ahmed
 
Adversarial Attacks and Defense
Kishor Datta Gupta
 
Machine learning
Dr Geetha Mohan
 
Overview of Artificial Intelligence in Cybersecurity
Olivier Busolini
 
Adversarial Attacks and Defenses in Deep Learning.pdf
MichelleHoogenhout
 
AI and the Impact on Cybersecurity
Graham Mann
 
Federated Learning
University of Oslo
 
Basics of Machine Learning
butest
 
cloud security ppt
Devyani Vaidya
 
A Comprehensive Review of Large Language Models for.pptx
SaiPragnaKancheti
 
Machine Learning in Cyber Security Domain
BGA Cyber Security
 
Lecture 1: What is Machine Learning?
Marina Santini
 
Data science workshop
Hortonworks
 
A brief primer on OpenAI's GPT-3
Ishan Jain
 
Generative AI: Past, Present, and Future – A Practitioner's Perspective
Huahai Yang
 
Ad

Similar to Security and Privacy of Machine Learning (20)

PPTX
slides_security_and_privacy_in_machine_learning.pptx
ssuserabf73f
 
PDF
Machine learning cybersecurity boon or boondoggle
Priyanka Aash
 
PDF
Bringing Red vs. Blue to Machine Learning
Bobby Filar
 
PPTX
Secure Machine Learning: Overcoming Algorithmic Bias, Adversarial ML, and Oth...
Hunter Carlisle
 
PDF
Securing AI - There Is No Try, Only Do!.pdf
Priyanka Aash
 
PPTX
A Survey on Security and Privacy of Machine Learning
Thang Dang Duy
 
PPTX
Tricking a DNN with adversarial examples
Ojasava Paras
 
PDF
Microsoft Research Faculty Summit - AI and Security
ssusere6073a
 
PDF
Adversarial ml
JunfeiWang1
 
PDF
Machine learning security - Pawel Zawistowski, Warsaw University of Technolog...
Evention
 
PDF
Security in Machine Learning
Flavio Clesio
 
PDF
Adversarial ML - Part 2.pdf
KSChidanandKumarJSSS
 
DOCX
Minor Project Report about Cyber security Effects on AI: Challenges and Mitig...
Techno India University
 
DOCX
Minor Project ReportCyber security Effects on AI: Challenges and Mitigation S...
srinjoy221001102046
 
PDF
Adversarial Attacks on A.I. Systems — NextCon, Jan 2019
anant90
 
PPTX
2019 Triangle Machine Learning Day - Mitigating Evasion Attacks to Deep Neura...
The Statistical and Applied Mathematical Sciences Institute
 
PDF
Battista Biggio @ ECML PKDD 2013 - Evasion attacks against machine learning a...
Pluribus One
 
PDF
Exploiting AI Models: Adversarial Attacks and Defense Mechanisms
Denis Nwanshi, MBA
 
PDF
Machine Learning under Attack: Vulnerability Exploitation and Security Measures
Pluribus One
 
PDF
Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...
Cybereason
 
slides_security_and_privacy_in_machine_learning.pptx
ssuserabf73f
 
Machine learning cybersecurity boon or boondoggle
Priyanka Aash
 
Bringing Red vs. Blue to Machine Learning
Bobby Filar
 
Secure Machine Learning: Overcoming Algorithmic Bias, Adversarial ML, and Oth...
Hunter Carlisle
 
Securing AI - There Is No Try, Only Do!.pdf
Priyanka Aash
 
A Survey on Security and Privacy of Machine Learning
Thang Dang Duy
 
Tricking a DNN with adversarial examples
Ojasava Paras
 
Microsoft Research Faculty Summit - AI and Security
ssusere6073a
 
Adversarial ml
JunfeiWang1
 
Machine learning security - Pawel Zawistowski, Warsaw University of Technolog...
Evention
 
Security in Machine Learning
Flavio Clesio
 
Adversarial ML - Part 2.pdf
KSChidanandKumarJSSS
 
Minor Project Report about Cyber security Effects on AI: Challenges and Mitig...
Techno India University
 
Minor Project ReportCyber security Effects on AI: Challenges and Mitigation S...
srinjoy221001102046
 
Adversarial Attacks on A.I. Systems — NextCon, Jan 2019
anant90
 
2019 Triangle Machine Learning Day - Mitigating Evasion Attacks to Deep Neura...
The Statistical and Applied Mathematical Sciences Institute
 
Battista Biggio @ ECML PKDD 2013 - Evasion attacks against machine learning a...
Pluribus One
 
Exploiting AI Models: Adversarial Attacks and Defense Mechanisms
Denis Nwanshi, MBA
 
Machine Learning under Attack: Vulnerability Exploitation and Security Measures
Pluribus One
 
Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...
Cybereason
 
Ad

More from Priyanka Aash (20)

PPTX
AI Code Generation Risks (Ramkumar Dilli, CIO, Myridius)
Priyanka Aash
 
PDF
From Chatbot to Destroyer of Endpoints - Can ChatGPT Automate EDR Bypasses (1...
Priyanka Aash
 
PDF
Cracking the Code - Unveiling Synergies Between Open Source Security and AI.pdf
Priyanka Aash
 
PDF
Oh, the Possibilities - Balancing Innovation and Risk with Generative AI.pdf
Priyanka Aash
 
PDF
Lessons Learned from Developing Secure AI Workflows.pdf
Priyanka Aash
 
PDF
Cyber Defense Matrix Workshop - RSA Conference
Priyanka Aash
 
PDF
A Constitutional Quagmire - Ethical Minefields of AI, Cyber, and Privacy.pdf
Priyanka Aash
 
PDF
GenAI Opportunities and Challenges - Where 370 Enterprises Are Focusing Now.pdf
Priyanka Aash
 
PDF
Coordinated Disclosure for ML - What's Different and What's the Same.pdf
Priyanka Aash
 
PDF
10 Key Challenges for AI within the EU Data Protection Framework.pdf
Priyanka Aash
 
PDF
Techniques for Automatic Device Identification and Network Assignment.pdf
Priyanka Aash
 
PDF
Keynote : Presentation on SASE Technology
Priyanka Aash
 
PDF
Keynote : AI & Future Of Offensive Security
Priyanka Aash
 
PDF
Redefining Cybersecurity with AI Capabilities
Priyanka Aash
 
PDF
Demystifying Neural Networks And Building Cybersecurity Applications
Priyanka Aash
 
PDF
Finetuning GenAI For Hacking and Defending
Priyanka Aash
 
PDF
(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf
Priyanka Aash
 
PDF
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
Priyanka Aash
 
PDF
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
Priyanka Aash
 
PDF
(CISOPlatform Summit & SACON 2024) Workshop _ Most Dangerous Attack Technique...
Priyanka Aash
 
AI Code Generation Risks (Ramkumar Dilli, CIO, Myridius)
Priyanka Aash
 
From Chatbot to Destroyer of Endpoints - Can ChatGPT Automate EDR Bypasses (1...
Priyanka Aash
 
Cracking the Code - Unveiling Synergies Between Open Source Security and AI.pdf
Priyanka Aash
 
Oh, the Possibilities - Balancing Innovation and Risk with Generative AI.pdf
Priyanka Aash
 
Lessons Learned from Developing Secure AI Workflows.pdf
Priyanka Aash
 
Cyber Defense Matrix Workshop - RSA Conference
Priyanka Aash
 
A Constitutional Quagmire - Ethical Minefields of AI, Cyber, and Privacy.pdf
Priyanka Aash
 
GenAI Opportunities and Challenges - Where 370 Enterprises Are Focusing Now.pdf
Priyanka Aash
 
Coordinated Disclosure for ML - What's Different and What's the Same.pdf
Priyanka Aash
 
10 Key Challenges for AI within the EU Data Protection Framework.pdf
Priyanka Aash
 
Techniques for Automatic Device Identification and Network Assignment.pdf
Priyanka Aash
 
Keynote : Presentation on SASE Technology
Priyanka Aash
 
Keynote : AI & Future Of Offensive Security
Priyanka Aash
 
Redefining Cybersecurity with AI Capabilities
Priyanka Aash
 
Demystifying Neural Networks And Building Cybersecurity Applications
Priyanka Aash
 
Finetuning GenAI For Hacking and Defending
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Workshop _ Most Dangerous Attack Technique...
Priyanka Aash
 

Recently uploaded (20)

PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 

Security and Privacy of Machine Learning