Netinfo Security ›› 2018, Vol. 18 ›› Issue (9): 10-18.doi: 10.3969/j.issn.1671-1122.2018.09.002

• Original Article •

Research on Attacks and Defenses towards Machine Learning Systems

Yingchao YU1, Lin DING1, Zuoning CHEN2   

  1. Jiangnan Institute of Computing Technology, Wuxi Jiangsu 214083, China
  2. State Key Laboratory of Mathematical Engineering and Advanced Computing, Wuxi Jiangsu 214083, China
  • Received: 2018-07-17  Online: 2018-09-30  Published: 2020-05-11

Abstract:

Recent research shows that almost every stage of a machine learning system's pipeline can be subject to attack: data contamination (poisoning) attacks, attacks on the learning algorithm and its dependency libraries, escape (evasion) attacks, model theft, and model reasoning (inference) attacks. These attacks not only interfere with the learning process of the machine learning system, but may also degrade the performance of the model or cause the model to produce the errors the attacker wants under specific inputs, thereby affecting the model's accuracy. Understanding the security of machine learning algorithms and systems, and exploring how to improve it, has therefore increasingly become a research direction at the intersection of computer security and machine learning. This paper first defines the machine learning system pipeline, then studies the attacks that are possible at each stage of the pipeline and the potential countermeasures. Finally, it summarizes the paper and looks ahead to future research directions.

Key words: machine learning, data contamination, escape attack, model reasoning
