Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing Machine Learning Models

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for raghothams raghothams
November 24, 2020
Technology
0
47

Securing Machine Learning Models

ML models are popping up everywhere around us, be it e-commerce, networks or healthcare. We went through a journey of running these models on a local machine to industrializing these models and scaling them to serve millions of users. However, very few people actually realize how easy / hard these models are to hack & replicate using various black box & white box methodologies.

We walk you through important security aspects one has to keep in mind while deploying machine learning models on cloud, edge or on-premise. We will also showcase counter measures to defend these attacks as well.

We will take the standard security expert's approach of:
1. Awareness
2. Applicability
3. Countermeasures

The talk will majorly focus attacks like:
1. Model extraction - How can an adversary replicate your model?
2. Model evasion / adversarial attacks - How can an adversary corrupt your model?
3. Model watermarking - How can one prove ownership of a model?

Avatar for raghothams

raghothams

November 24, 2020
Tweet

More Decks by raghothams

See All by raghothams
Language Model for Music Recommendation
Avatar for raghothams raghothams
0
74
Deep Learning for Fonts
Avatar for raghothams raghothams
0
490
Data Science 101
Avatar for raghothams raghothams
0
54
Introduction to Firewalls
Avatar for raghothams raghothams
3
130

Other Decks in Technology

See All in Technology
システムのアラート調査をサポートするAI Agentの紹介/Introduction to an AI Agent for System Alert Investigation
Avatar for SadayoshiTada taddy_919
2
1.9k
小さく始めるBCP ― 多プロダクト環境で始める最初の一歩
Avatar for kekke-n kekke_n
1
360
茨城の思い出を振り返る ~CDKのセキュリティを添えて~ / 20260201 Mitsutoshi Matsuo
Avatar for SHIFT EVOLVE shift_evolve
PRO
1
200
今日から始める Amazon Bedrock AgentCore
Avatar for Har1101 har1101
4
400
日本の85%が使う公共SaaSは、どう育ったのか
Avatar for たけだ taketakekaho
1
140
Azure Durable Functions で作った NL2SQL Agent の精度向上に取り組んだ話/jat08
Avatar for TonyTonyKun thara0402
0
150
【5分でわかる】セーフィー エンジニア向け会社紹介
Avatar for Safie safie_recruit
0
42k
使いにくいの壁を突破する
Avatar for SansanTech sansantech
PRO
1
120
10Xにおける品質保証活動の全体像と改善 #no_more_wait_for_test
Avatar for nihonbuson nihonbuson
PRO
2
210
制約が導く迷わない設計 〜 信頼性と運用性を両立するマイナンバー管理システムの実践 〜
Avatar for ないとー bwkw
3
880
30万人の同時アクセスに耐えたい!新サービスの盤石なリリースを支える負荷試験 / SRE Kaigi 2026
Avatar for GENDA genda
1
310
All About Sansan – for New Global Engineers
Avatar for Sansan, Inc. sansan33
PRO
1
1.3k

Featured

See All Featured
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
55
9.5k
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
4.2k
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
Avatar for Aleyda Solis aleyda
1
1.9k
Primal Persuasion: How to Engage the Brain for Learning That Lasts
Avatar for Mike Taylor tmiket
0
250
Docker and Python
Avatar for Tania Allard trallard
47
3.7k
Highjacked: Video Game Concept Design
Avatar for Ryan Kendrick rkendrick25
PRO
1
280
Scaling GitHub
Avatar for Zach Holman holman
464
140k
HDC tutorial
Avatar for Michiel Stock michielstock
1
360
How to Align SEO within the Product Triangle To Get 
Buy-In & Support - #RIMC
Avatar for Aleyda Solis aleyda
1
1.4k
AI Search:
Where Are We & What Can We Do About It?
Avatar for Aleyda Solis aleyda
0
6.9k
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
Avatar for Ines Montani inesmontani
PRO
0
200
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
55
3.2k

Transcript

  1. None
  2. None

  3. 䚉 䚉 䚉 䚉 䚉 䚉

  4. 䚉 䚉 䚉 䚉

  5. None
  6. None
  7. None

  8. 䚉 䚉 䚉 䚉

  9. None

  10. 䚉 䚉 䚉

  11. 䚉 䚉

  12. None
  13. None
  14. None
  15. None
  16. None

  17. 䚉 䚉 䚉

  18. None

  19. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

    

  20. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

     1SHIP)\XVEGXMSR 9RWYGGIWWJYP

  21. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

    

  22. 4VIGMWMSR 6IGEPP *WGSVI 3VMKMREP1SHIP    4VS\]1SHIP  

     1SHIP)\XVEGXMSR 9RWYGGIWWJYP

  23. 䚉 䚉 䚉

  24. 䚉 䚉

  25. None
  26. None

  27. 䚉 䚉 䚉 䚉 䚉

  28. None
  29. None
  30. None
  31. None
  32. None
  33. None
  34. None

  35. 䚉 䚉

  36. 0RGHO(YDVLRQDWWDFNSURFHVV Ɣ 6WHS'LUHFWLRQ6HQVLWLYLW\(VWLPDWLRQ ż 7KHDGYHUVDU\HYDOXDWHVWKHVHQVLWLYLW\RIDFODVVFKDQJHWRHDFKLQSXWIHDWXUHE\LGHQWLI\LQJGLUHFWLRQVLQWKH GDWDPDQLIROGDURXQGVDPSOH;LQZKLFKWKHPRGHO)OHDUQHGE\WKH'11LVPRVWVHQVLWLYHDQGOLNHO\WRUHVXOWLQ DFODVVFKDQJH Ɣ 6WHS3HUWXUEDWLRQ6HOHFWLRQ ż

    7KHDGYHUVDU\WKHQH[SORLWVWKHNQRZOHGJHRIVHQVLWLYHLQIRUPDWLRQWRVHOHFWDSHUWXUEDWLRQį;DPRQJWKHLQSXW GLPHQVLRQVLQRUGHUWRREWDLQDQDGYHUVDULDOSHUWXUEDWLRQZKLFKLVPRVWHIILFLHQW
  37. None
  38. None
  39. None

  40. ࣅ ࣅ

  41. 䚉 䚉 䚉

  42. None
  43. None
  44. None
  45. None
  46. None
  47. None
  48. None
  49. None

  50.  %ZKTVIGMWMSR %ZKVIGEPP %ZK*WGSVI 4IVJSVQERGI HVST 3VMKMREPQSHIP   

    >33EXXEGO     ,ST7OMT.YQT EXXEGO    

  51.  %ZKTVIGMWMSR %ZKVIGEPP %ZK*WGSVI 4IVJSVQERGI HVST 3VMKMREPQSHIP   

    >33EXXEGO     ,ST7OMT.YQT EXXEGO     1SHIP)ZEWMSR 7YGGIWWJYP

  52. 3VMKMREPQSHIP *+71%XXEGO *+71EXXEGO (IJIRGI8SXEPZEVMERGI QMRMQM^EXMSR XVERWJSVQEXMSR ;IMKLXIH*WGSVI   

    %GGYVEG]   

  53. 䚉 䚉 䚉 䚉 䚉 䚉

  54. None

  55. 䚉 䚉 䚉 䚉

  56. 䚉 䚉 䚉 䚉 䚉

  57. 䚉 䚉 䚉 䚉 䚉 䚉

  58. 䚉 䚉

  59. None