Adversarial Machine Learning -- Industry Perspectives
Ram Shankar Siva Kumar, Magnus Nyström, John Lambert, Andrew Marshall, Mario Goertzel, Andi Comissoneru, Matt Swann, Sharon Xia

TL;DR
This paper highlights the lack of tactical and strategic security tools in industry for defending machine learning systems against adversarial attacks, based on interviews with 28 organizations.
Contribution
It identifies key gaps in industry practices and perspectives in securing ML systems, proposing a need to revise the Security Development Lifecycle for adversarial ML.
Findings
Industry practitioners lack effective tools for ML security.
Gaps exist in strategic and tactical security approaches.
The paper advocates for lifecycle revisions to enhance ML security.
Abstract
Based on interviews with 28 organizations, we found that industry practitioners are not equipped with tactical and strategic tools to protect, detect and respond to attacks on their Machine Learning (ML) systems. We leverage the insights from the interviews to enumerate the gaps in perspective in securing machine learning systems when viewed in the context of traditional software security development. We write this paper from the perspective of two personas: developers/ML engineers and security incident responders who are tasked with securing ML systems as those systems are designed, developed and deployed. The goal of this paper is to engage researchers to revise and amend the Security Development Lifecycle for industrial-grade software in the adversarial ML era.
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Advanced Malware Detection Techniques · Information and Cyber Security
