CHAPTER 3

Categories of Attacks on Machine Learning

In the previous chapter, we described in broad strokes the major machine learning paradigms, as well as how they can be instantiated in adversarial settings. Adversarial machine learning takes this a step further: our goal is not merely to understand how machine learning can be used in adversarial settings (for example, for malware detection), but in what way such settings introduce vulnerabilities into conventional learning approaches. A principled discussion of such vulnerabilities centers around precise threat models. In this chapter, we present a general categorization of threat models, or attacks, in the context of machine learning. Our subsequent detailed presentation of the specific attacks ...
