Let's take a look at what adversarial machine learning is, why every machine learning enthusiast and researcher should know about it, and the best practices for securing a machine learning model.
“Artificial Intelligence will not destroy the world. Our irresponsibility will destroy the world.” – Abhijit Naskar
Recent years have witnessed drastic improvements and advances in the machine learning field. As we know, everything has two sides, one good and one bad, and the same is now happening in machine learning. This is an alarming situation for the machine learning community.
Practically every technology company now uses machine learning in its day-to-day operations. The statistical algorithms that were once reserved for academia are being picked up even by more traditional industries as software continues to eat the world. In all this excitement, one element of the problem has been left behind, and of course it is security.
Today we are talking about a newer term in machine learning: adversarial machine learning. Adversarial machine learning is a research field that lies at the intersection of machine learning and computer security. It is a technique that attempts to fool models through malicious input. The usual motive for such attacks is to cause harm to, or malfunction in, standard machine learning models.
Attacks on machine learning systems can be classified into one of two main types:
- Evasion attacks
- Poisoning attacks
Evasion attacks –
This is the simpler attack model: the learning outcome is bypassed at prediction time. In the generalized model of an evasion attack the attacker can observe the model's outcome; in the real world an attacker may only be able to observe partial or derivative outcomes. For example, an attacker who wishes to send spam emails could first try a number of different email contents against the model to discover a way to get their spam email classified as innocuous.
Poisoning attacks –
In this attack, an attacker focuses on influencing your training data in an attempt to influence the learning outcome.
For example, an attacker who knows that network traffic is currently being collected to train a classifier that detects anomalous traffic can send traffic to that network such that, when the model is built, it will fail to classify the attacker's connections as out of the ordinary.
According to researchers, attacks are classified along three properties of a constructed taxonomy:
- Whether the attack is causative or exploratory
- Whether the attack targets integrity, availability or privacy
- Whether the attack is indiscriminate (it has a flexible goal) or targeted
Best practices of machine learning security – Like all security, the solution to adversarial machine learning is layered defenses; there is no one-stop patch. However, there are a few techniques that can be used to minimize your risk footprint:
- Understanding your training data – it is a good first step to understand the level of risk that using this data in your model carries.
- Sanitising your training data – if it is not possible to check every data source, then measure the negative impact of dataset samples and replace the suspect ones with new training samples.
- Examine your algorithm – certain machine learning algorithms combine existing algorithms with techniques from the field of robust statistics. These hardened algorithms assume that a small portion of the data is likely to be malicious and have built-in countermeasures to limit the impact of poisoning.
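To make the "sanitise your data" and "robust statistics" advice concrete, here is an added example (not code from the original post) in the setting of the traffic-anomaly poisoning scenario above: a naive mean-plus-standard-deviation threshold silently widens when a few extreme samples are slipped into the training window, while a median/MAD threshold, or sanitising the training set with the same robust statistic before fitting, still flags the large transfer. All traffic values are constructed.

```python
"""Naive vs robust thresholding for an anomaly detector whose training data
was poisoned. Constructed feature: bytes per connection. Added example."""
from statistics import mean, median, pstdev

# Constructed training data: bytes per connection for ordinary traffic.
CLEAN_TRAFFIC = [480, 510, 495, 530, 470, 505, 520, 490, 515, 500,
                 485, 525, 475, 498, 512, 507, 493, 518, 482, 503]

# Constructed poison: a few extreme samples injected into the collection
# window so that later large transfers fall under the learned threshold.
POISON = [90_000, 95_000, 100_000]

# A large transfer the detector should still flag as anomalous.
ATTACK_SAMPLE = 25_000


def mean_threshold(data, k=3.0):
    """Naive detector: mean + k * standard deviation (pulled by outliers)."""
    return mean(data) + k * pstdev(data)


def mad(data):
    """Median absolute deviation, scaled to be comparable with a std dev."""
    m = median(data)
    return 1.4826 * median(abs(x - m) for x in data)


def robust_threshold(data, k=3.0):
    """Hardened detector: median + k * MAD (tolerates a small poisoned share)."""
    return median(data) + k * mad(data)


def sanitise(data, k=5.0):
    """Drop training samples far from the median before fitting anything."""
    m, s = median(data), mad(data)
    return [x for x in data if abs(x - m) <= k * s]


def is_anomalous(sample, threshold):
    return sample > threshold


def compare(training):
    """Which detectors still flag ATTACK_SAMPLE after training on `training`."""
    return {
        "mean_std": is_anomalous(ATTACK_SAMPLE, mean_threshold(training)),
        "median_mad": is_anomalous(ATTACK_SAMPLE, robust_threshold(training)),
        "sanitised_mean_std": is_anomalous(
            ATTACK_SAMPLE, mean_threshold(sanitise(training))),
    }
```

Running `compare(CLEAN_TRAFFIC)` flags the attack sample under all three detectors; `compare(CLEAN_TRAFFIC + POISON)` shows that only the mean/std detector loses it.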
If you are interested in diving deeper into this topic, I have given some links below:
- Adversarial learning – http://research.microsoft.com/pubs/73510/kdd05lowd.pdf
- Machine learning methods – http://vesta.informatik.rwth-aachen.de/opus/volltexte/2013/4356/pdf/dagman-v003-i001-p001-12371.pdf
- Adversarial machine learning – http://www.cs.berkeley.edu/~tygar/papers/SML2/Adversarial_AISEC.pdf
See more:
What is artificial intelligence and its future? See https://hackernoons.com/2020/06/21/best-explain-artificial-intelligence-ai-and-its-future/