Otherwise, adversarial machine learning can be a disaster in the making.
For instance, as web applications with database backends started replacing static websites, SQL injection attacks became prevalent.
The widespread adoption of surfing app-side scripting languages gave rise to cross-site scripting attacks.
40% off TNW Conference!
For most security vulnerabilities, the boundaries are very clear.
The response is also straightforward.
For instance, SQL injection vulnerabilities are the result of not sanitizing user input.
In most cases, adversarial attacks exploit peculiarities in the learned parameters of machine learning models.
An attacker probes a target model by meticulously making changes to its input until it produces the desired behavior.
The adversarial perturbation is usually a layer of noise that is imperceptible to the human eye.
A neural connection thinks this is a picture of a rifle.
Defenses against adversarial attacks are also a bit fuzzy.
Adversarial defenses usually involve statistical adjustments or general changes to the architecture of the machine learning model.
But with enough rigor, an attacker can find other noise patterns to create adversarial examples.
The plain truth is, we are still learning how to cope with adversarial machine learning.
Security researchers are used to perusing code for vulnerabilities.
Now they must learn to find security holes in machine learning that are composed of millions of numerical parameters.
It is worth noting, however, that AI and security conferences focus on cutting edge research.
I referred to several sources that track bugs, vulnerabilities, and bug bounties.
A search for machine learning returns five results.
But there are no direct reports on adversarial vulnerabilities.
A search for deep learning shows a singlecritical flawfiled in November 2017.
Search for adversarial attacks, adversarial examples, machine learning, and deep learning yielded no results.
A search for TensorFlow yields 41 records, but theyre mostly bug reports on the codebase of TensorFlow.
Theres nothing about adversarial attacks or hidden vulnerabilities in the parameters of TensorFlow models.
This is noteworthy because GitHub already hosts manydeep learningmodels and pretrainedneural networks.
GitHub Advisory contains no records on adversarial attacks.
Finally, I checked HackerOne, the platform many companies use to run bug bounty programs.
Here too, none of the reports contained any mention of adversarial attacks.
Automated defense is another area that is worth discussing.
When it comes to code-based vulnerabilities Developers have a large set of defensive tools at their disposal.
Static analysis tools can help developers find vulnerabilities in their code.
Dynamic testing tools examine an tool at runtime for vulnerable patterns of behavior.
Compilers already use many of these techniques to track and patch vulnerabilities.
But the tools and procedures for defending machine learning systems against adversarial attacks are still in the preliminary stages.
This is partly why were seeing very few reports and advisories on adversarial attacks.
Meanwhile, another worrying trend is the growing use of deep learning models by developers of all levels.
But today, integrating a pre-trained neural online grid into an system is very easy.
But fortunately, there have been some positive developments that can guide future steps.
New regulations for the security of machine learning systems might also be necessary.
As the adoption of machine learning continues to expand, the threat of adversarial attacks is becoming more imminent.
Adversarial vulnerabilities are a ticking timebomb.
Only a systematic response can defuse it.
you’re able to read the original articlehere.
