Offense - Adversarial Threats/Attacks

From
Revision as of 16:22, 5 July 2018 by BPeat (talk | contribs) (Boolean Satisfiability (SAT) Problem/Satisfiability Modulo Theories (SMT) Solvers)
Jump to: navigation, search

Youtube search...

______________________________________________________


Adversarial examples are inputs to machine learning models that an attacker has intentionally designed to cause the model to make a mistake; they’re like optical illusions for machines. Myth: An attacker must have access to the model to generate adversarial examples. Fact: Adversarial examples generalize across models trained to perform the same task, even if those models have different architectures and were trained on a different training set. This means an attacker can train their own model, generate adversarial examples against it, and then deploy those adversarial examples against a model they do not have access to. -Deep Learning Adversarial Examples – Clarifying Misconceptions | Goodfellow et al.

Weaponizing Machine Learning

Youtube search...

Boolean Satisfiability (SAT) Problem/Satisfiability Modulo Theories (SMT) Solvers

Youtube search...


In what seems to be an endless back-and-forth between new adversarial attacks and new defenses against those attacks, we would like a means of formally verifying the robustness of machine learning algorithms to adversarial attacks. In the privacy domain, there is the idea of a differential privacy budget, which quantifies privacy over all possible attacks. In the following three papers, we see attempts at deriving an equivalent benchmark for security, one that will allow the evaluation of defenses against all possible attacks instead of just a specific one. Class 6: Measuring Robustness of ML Models

Retrieved from "https://primo.ai/index.php?title=Offense_-_Adversarial_Threats/Attacks&oldid=3107"