Details

There is growing recognition that machine learning
(ML) exposes new security and privacy vulnerabilities
in software systems, yet the technical community’s
understanding of the nature and extent of these
vulnerabilities remains limited but expanding.

In this talk, I explore the threat model space of
ML algorithms, and systematically explore the
vulnerabilities resulting from the poor generalization
of ML models when they are presented with inputs
manipulated by adversaries. This characterization
of the threat space prompts an investigation of
defenses that exploit the lack of reliable confidence
estimates for predictions made.

In particular, we introduce a promising new
approach to defensive measures tailored to the
structure of deep learning. Through this research,
we expose connections between the resilience of ML
to adversaries,