Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing Machine Learning Models

raghothams
November 24, 2020
Technology
0
33

Securing Machine Learning Models

ML models are popping up everywhere around us, be it e-commerce, networks or healthcare. We went through a journey of running these models on a local machine to industrializing these models and scaling them to serve millions of users. However, very few people actually realize how easy / hard these models are to hack & replicate using various black box & white box methodologies.

We walk you through important security aspects one has to keep in mind while deploying machine learning models on cloud, edge or on-premise. We will also showcase counter measures to defend these attacks as well.

We will take the standard security expert's approach of:
1. Awareness
2. Applicability
3. Countermeasures

The talk will majorly focus attacks like:
1. Model extraction - How can an adversary replicate your model?
2. Model evasion / adversarial attacks - How can an adversary corrupt your model?
3. Model watermarking - How can one prove ownership of a model?

raghothams

November 24, 2020
Tweet

More Decks by raghothams

See All by raghothams
Language Model for Music Recommendation
raghothams
0
52
Deep Learning for Fonts
raghothams
0
400
Data Science 101
raghothams
0
47
Introduction to Firewalls
raghothams
3
120

Other Decks in Technology

See All in Technology
20241120_JAWS_東京_ランチタイムLT#17_AWS認定全冠の先へ
tsumita
2
290
AIチャットボット開発への生成AI活用
ryomrt
0
170
New Relicを活用したSREの最初のステップ / NRUG OKINAWA VOL.3
isaoshimizu
2
610
OTelCol_TailSampling_and_SpanMetrics
gumamon
1
180
AI前提のサービス運用ってなんだろう?
ryuichi1208
8
1.4k
[CV勉強会@関東 ECCV2024 読み会] オンラインマッピング x トラッキング MapTracker: Tracking with Strided Memory Fusion for Consistent Vector HD Mapping (Chen+, ECCV24)
abemii
0
220
Taming you application's environments
salaboy
0
190
生成AIが変えるデータ分析の全体像
ishikawa_satoru
0
160
AGIについてChatGPTに聞いてみた
blueb
0
130
複雑なState管理からの脱却
sansantech
PRO
1
150
Flutterによる 効率的なAndroid・iOS・Webアプリケーション開発の事例
recruitengineers
PRO
0
110
Python(PYNQ)がテーマのAMD主催のFPGAコンテストに参加してきた
iotengineer22
0
500

Featured

See All Featured
How to Think Like a Performance Engineer
csswizardry
20
1.1k
Fantastic passwords and where to find them - at NoRuKo
philnash
50
2.9k
Why You Should Never Use an ORM
jnunemaker
PRO
54
9.1k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
131
33k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
The World Runs on Bad Software
bkeepers
PRO
65
11k
4 Signs Your Business is Dying
shpigford
180
21k
Navigating Team Friction
lara
183
14k
The Pragmatic Product Professional
lauravandoore
31
6.3k
VelocityConf: Rendering Performance Case Studies
addyosmani
325
24k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
364
24k
KATA
mclloyd
29
14k

Transcript

  1. None
  2. None

  3. 䚉 䚉 䚉 䚉 䚉 䚉

  4. 䚉 䚉 䚉 䚉

  5. None
  6. None
  7. None

  8. 䚉 䚉 䚉 䚉

  9. None

  10. 䚉 䚉 䚉

  11. 䚉 䚉

  12. None
  13. None
  14. None
  15. None
  16. None

  17. 䚉 䚉 䚉

  18. None

  19. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

    

  20. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

     1SHIP)\XVEGXMSR 9RWYGGIWWJYP

  21. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

    

  22. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

     1SHIP)\XVEGXMSR 9RWYGGIWWJYP

  23. 䚉 䚉 䚉

  24. 䚉 䚉

  25. None
  26. None

  27. 䚉 䚉 䚉 䚉 䚉

  28. None
  29. None
  30. None
  31. None
  32. None
  33. None
  34. None

  35. 䚉 䚉

  36. 0RGHO(YDVLRQDWWDFNSURFHVV Ɣ 6WHS'LUHFWLRQ6HQVLWLYLW\(VWLPDWLRQ ż 7KHDGYHUVDU\HYDOXDWHVWKHVHQVLWLYLW\RIDFODVVFKDQJHWRHDFKLQSXWIHDWXUHE\LGHQWLI\LQJGLUHFWLRQVLQWKH GDWDPDQLIROGDURXQGVDPSOH;LQZKLFKWKHPRGHO)OHDUQHGE\WKH'11LVPRVWVHQVLWLYHDQGOLNHO\WRUHVXOWLQ DFODVVFKDQJH Ɣ 6WHS3HUWXUEDWLRQ6HOHFWLRQ ż

    7KHDGYHUVDU\WKHQH[SORLWVWKHNQRZOHGJHRIVHQVLWLYHLQIRUPDWLRQWRVHOHFWDSHUWXUEDWLRQį;DPRQJWKHLQSXW GLPHQVLRQVLQRUGHUWRREWDLQDQDGYHUVDULDOSHUWXUEDWLRQZKLFKLVPRVWHIILFLHQW
  37. None
  38. None
  39. None

  40. ࣅ ࣅ

  41. 䚉 䚉 䚉

  42. None
  43. None
  44. None
  45. None
  46. None
  47. None
  48. None
  49. None

  50.  %ZKTVIGMWMSR %ZKVIGEPP %ZK*WGSVI 4IVJSVQERGI HVST 3VMKMREPQSHIP   

    >33EXXEGO     ,ST7OMT.YQT EXXEGO    

  51.  %ZKTVIGMWMSR %ZKVIGEPP %ZK*WGSVI 4IVJSVQERGI HVST 3VMKMREPQSHIP   

    >33EXXEGO     ,ST7OMT.YQT EXXEGO     1SHIP)ZEWMSR 7YGGIWWJYP

  52. 3VMKMREPQSHIP *+71%XXEGO *+71EXXEGO (IJIRGI8SXEPZEVMERGI QMRMQM^EXMSR XVERWJSVQEXMSR ;IMKLXIH*WGSVI   

    %GGYVEG]   

  53. 䚉 䚉 䚉 䚉 䚉 䚉

  54. None

  55. 䚉 䚉 䚉 䚉

  56. 䚉 䚉 䚉 䚉 䚉

  57. 䚉 䚉 䚉 䚉 䚉 䚉

  58. 䚉 䚉

  59. None