Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing Machine Learning Models

raghothams
November 24, 2020
Technology
0
31

Securing Machine Learning Models

ML models are popping up everywhere around us, be it e-commerce, networks or healthcare. We went through a journey of running these models on a local machine to industrializing these models and scaling them to serve millions of users. However, very few people actually realize how easy / hard these models are to hack & replicate using various black box & white box methodologies.

We walk you through important security aspects one has to keep in mind while deploying machine learning models on cloud, edge or on-premise. We will also showcase counter measures to defend these attacks as well.

We will take the standard security expert's approach of:
1. Awareness
2. Applicability
3. Countermeasures

The talk will majorly focus attacks like:
1. Model extraction - How can an adversary replicate your model?
2. Model evasion / adversarial attacks - How can an adversary corrupt your model?
3. Model watermarking - How can one prove ownership of a model?

raghothams

November 24, 2020
Tweet

More Decks by raghothams

See All by raghothams
Language Model for Music Recommendation
raghothams
0
23
Deep Learning for Fonts
raghothams
0
350
Data Science 101
raghothams
0
40
Introduction to Firewalls
raghothams
3
120

Other Decks in Technology

See All in Technology
HEXA OSINT CTF V3 作戦会議
meow_noisy
0
110
"好き"との生活/Regularly update profile with GitHub Actions
judeeeee
0
150
TransitGatewayの基礎
toru_kubota
0
230
Vertex AI を中心に 生成AIのアップデートを共有します
kaz1437
0
150
「ふりかえりのふりかえり」をふりかえり、実のあるふりかえりにする
naitosatoshi
0
220
オブザーバビリティの Primary Signals
onk
PRO
0
550
日本におけるデータエンジニアリングのこれまでとこれから
foursue
12
2.5k
NgRx Signal Store
rainerhahnekamp
0
120
Cloud Native Java with Spring Boot (CNCF Aarhus, April 2024)
thomasvitale
1
130
巨大なテーブルのテーブル定義を無停止で安全に誰でも変更できるようにする / Table-definitions-for-huge-tables-can-be-modified-by-anyone-safely-and-non-disruptively
freee
1
740
DevOpsDays History and my DevOps story
kawaguti
PRO
8
1.6k
カオナビの利用実績をアウトカムへつなげる旅 / example-of-data-management-startup-in-kaonavi
kaonavi
0
120

Featured

See All Featured
Build your cross-platform service in a week with App Engine
jlugia
225
17k
How to train your dragon (web standard)
notwaldorf
72
5.1k
Mobile First: as difficult as doing things right
swwweet
216
8.6k
No one is an island. Learnings from fostering a developers community.
thoeni
14
2.1k
Optimising Largest Contentful Paint
csswizardry
7
2.3k
Large-scale JavaScript Application Architecture
addyosmani
503
110k
The MySQL Ecosystem @ GitHub 2015
samlambert
242
12k
What's in a price? How to price your products and services
michaelherold
237
11k
Code Review Best Practice
trishagee
54
15k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
501
140k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
240
1.2M
Building Effective Engineering Teams - LeadDev
addyosmani
27
1.8k

Transcript

  1. None
  2. None

  3. 䚉 䚉 䚉 䚉 䚉 䚉

  4. 䚉 䚉 䚉 䚉

  5. None
  6. None
  7. None

  8. 䚉 䚉 䚉 䚉

  9. None

  10. 䚉 䚉 䚉

  11. 䚉 䚉

  12. None
  13. None
  14. None
  15. None
  16. None

  17. 䚉 䚉 䚉

  18. None

  19. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

    

  20. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

     1SHIP)\XVEGXMSR 9RWYGGIWWJYP

  21. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

    

  22. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

     1SHIP)\XVEGXMSR 9RWYGGIWWJYP

  23. 䚉 䚉 䚉

  24. 䚉 䚉

  25. None
  26. None

  27. 䚉 䚉 䚉 䚉 䚉

  28. None
  29. None
  30. None
  31. None
  32. None
  33. None
  34. None

  35. 䚉 䚉

  36. 0RGHO(YDVLRQDWWDFNSURFHVV Ɣ 6WHS'LUHFWLRQ6HQVLWLYLW\(VWLPDWLRQ ż 7KHDGYHUVDU\HYDOXDWHVWKHVHQVLWLYLW\RIDFODVVFKDQJHWRHDFKLQSXWIHDWXUHE\LGHQWLI\LQJGLUHFWLRQVLQWKH GDWDPDQLIROGDURXQGVDPSOH;LQZKLFKWKHPRGHO)OHDUQHGE\WKH'11LVPRVWVHQVLWLYHDQGOLNHO\WRUHVXOWLQ DFODVVFKDQJH Ɣ 6WHS3HUWXUEDWLRQ6HOHFWLRQ ż

    7KHDGYHUVDU\WKHQH[SORLWVWKHNQRZOHGJHRIVHQVLWLYHLQIRUPDWLRQWRVHOHFWDSHUWXUEDWLRQį;DPRQJWKHLQSXW GLPHQVLRQVLQRUGHUWRREWDLQDQDGYHUVDULDOSHUWXUEDWLRQZKLFKLVPRVWHIILFLHQW
  37. None
  38. None
  39. None

  40. ࣅ ࣅ

  41. 䚉 䚉 䚉

  42. None
  43. None
  44. None
  45. None
  46. None
  47. None
  48. None
  49. None

  50.  %ZKTVIGMWMSR %ZKVIGEPP %ZK*WGSVI 4IVJSVQERGI HVST 3VMKMREPQSHIP   

    >33EXXEGO     ,ST7OMT.YQT EXXEGO    

  51.  %ZKTVIGMWMSR %ZKVIGEPP %ZK*WGSVI 4IVJSVQERGI HVST 3VMKMREPQSHIP   

    >33EXXEGO     ,ST7OMT.YQT EXXEGO     1SHIP)ZEWMSR 7YGGIWWJYP

  52. 3VMKMREPQSHIP *+71%XXEGO *+71EXXEGO (IJIRGI8SXEPZEVMERGI QMRMQM^EXMSR XVERWJSVQEXMSR ;IMKLXIH*WGSVI   

    %GGYVEG]   

  53. 䚉 䚉 䚉 䚉 䚉 䚉

  54. None

  55. 䚉 䚉 䚉 䚉

  56. 䚉 䚉 䚉 䚉 䚉

  57. 䚉 䚉 䚉 䚉 䚉 䚉

  58. 䚉 䚉

  59. None