Gary McGraw

Co-founder of the Berryville Institute of Machine Learning
Security Engineering for Machine Learning
Abstract
Machine learning has made impressive progress across a wide range of tasks including image classification, machine translation, autonomous vehicle control and playing complex games like chess, Go and Atari video games. This progress has fueled breathless media coverage of artificial intelligence and elevated deep learning to an almost magical status in the public eye.
But machine learning — especially deep learning — is not magic. Its popularity has led to widespread use, often without a clear understanding of its limitations. In many cases, adoption is driven more by hype than by sound engineering. This raises concerns about the systematic risks introduced when ML is applied in a careless or haphazard way.
At the Berryville Institute of Machine Learning (BIML), our research focuses on identifying and categorizing security engineering risks introduced by ML at the design level. While the idea of addressing ML security risk is not new, most previous work has focused on individual attacks against deployed systems — a kind of dynamic analysis — or on operational security issues.
This talk presents the results of an architectural risk analysis — sometimes called a threat model — of ML systems in general. A list of the top five risks — out of 78 known ML security vulnerabilities — will be shared.
Speaker Bio
Gary McGraw is co-founder of the Berryville Institute of Machine Learning. He is a globally recognized authority on software security and the author of eight best-selling books on the subject. His titles include Software Security, Exploiting Software, Building Secure Software, Java Security, Exploiting Online Games and others. He is also the editor of the Addison-Wesley Software Security series.
Dr. McGraw has authored more than 100 peer-reviewed scientific publications. He currently serves on the advisory boards of Irius Risk, Maxmyinterest, Runsafe Security and Secure Code Warrior. He previously served as a board member for Cigital and Codiscope (acquired by Synopsys), and as an advisor to CodeDX, Black Duck, Dasient, Fortify Software and Invotas — all of which were acquired by major companies in the security space.
For thirteen years, McGraw produced the Silver Bullet Security Podcast for IEEE Security and Privacy magazine. He holds a dual Ph.D. in cognitive science and computer science from Indiana University, where he also serves on the Dean’s Advisory Council for the Luddy School of Informatics, Computing and Engineering.
https://youtu.be/Goe0Sbn5Ma8?si=wL2c4ZK9R0Qq6hyA