Security Risks in AI and Machine Learning: Categorizing Attacks and Failure Modes (2022)
Duration: 1h 12m · Level: Beginner · Released: 2022-02-23
Authors
Diana Kelley
CTO and Cofounder of SecurityCurve
Course details
From predicting medical outcomes to managing retirement funds, we put a lot of trust in machine learning (ML) and artificial intelligence (AI) technology, even though we know they are vulnerable to attacks, and that sometimes they can completely fail us. In this course, instructor Diana Kelley pulls real-world examples from the latest ML research and walks through ways that ML and AI can fail, providing pointers on how to design, build, and maintain resilient systems.
Learn about intentional failures caused by attacks and unintentional failures caused by design flaws and implementation issues. Security threats and privacy risks are serious, but with the right tools and preparation you can set yourself up to reduce them. Diana explains some of the most effective approaches and techniques for building robust and resilient ML, such as dataset hygiene, adversarial training, and access control to APIs.
Skills covered
- Vulnerability Management
- Machine Learning
- Artificial Intelligence Foundations
- Cybersecurity
- Artificial Intelligence (AI)
Concepts
Introduction
- Machine learning security concerns
- What you should know
Machine Learning Foundations
- How systems can fail and how to protect them
- Why does ML security matter?
- Attacks vs. unintentional failure modes
- Security goals for ML - CIA
Intentional Failure Modes: Attacks
- Perturbation attacks and AUPs
- Poisoning attacks
- Reprogramming neural nets
- Physical domain (3D adversarial objects)
- Supply chain attacks
- Model inversion
- System manipulation
- Membership inference and model stealing
- Backdoors and existing exploits
Unintentional Failure Modes: Intrinsic Design Flaws
- Reward hacking
- Side effects in reinforcement learning
- Distributional shifts and incomplete testing
- Overfitting and underfitting
- Data bias considerations
Building Resilient ML
- Effective techniques for building resilience in ML
- ML dataset hygiene
- ML adversarial training
- ML access control to APIs
Conclusion
- Next steps
Related courses
- Privacy and Compliance in the Age of GenAI: Data Governance, Classification, and Inventory
- Vulnerability Management: Assessing the Risks with CVSS, CISA KEV, EPSS, and SSVC
- Vulnerability Management in Cybersecurity: The Basics
- Security Architecture: A Strategic Approach by InfoSec
- CompTIA SecurityX (CAS-005) Cert Prep
- Cisco Certified Support Technician (CCST) Cybersecurity (100-160) Cert Prep
- LLM Security: How to Protect Your Generative AI Investments
- Threat Hunting Deep Dive: Intelligence-Based Detection and Response Strategies