"Why do so?" – A practical perspective on adversarial machine learning
Kathrin Grosse · Lukas Bieringer · Tarek R. Besold · Battista Biggio · Katharina Krombholz
Despite the large body of academic work on machine learning security, little is known about the occurrence of attacks on machine learning systems in the wild. In this paper, we analyze the answers of 139 industrial practitioners to a quantitative questionnaire about attack occurrence and concern. We find evidence for circumventions of AI systems in practice, although these are not the sole concern of our practitioners, as their reasoning about the relevance and irrelevance of machine learning attacks is complex. Our work paves the way for more research on adversarial machine learning in practice, but also yields insights for machine learning regulation and auditing.
Author Information
Kathrin Grosse (University of Cagliari)
Lukas Bieringer (QuantPi)
Tarek R. Besold (TU Eindhoven)
Battista Biggio (University of Cagliari, Italy)
Katharina Krombholz (CISPA - Helmholtz Center for Information Security)
More from the Same Authors
- 2021: Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples (Maura Pintor · Luca Demetrio · Angelo Sotgiu · Giovanni Manca · Ambra Demontis · Nicholas Carlini · Battista Biggio · Fabio Roli)
- 2021: Fast Minimum-norm Adversarial Attacks through Adaptive Norm Constraints (Maura Pintor · Fabio Roli · Wieland Brendel · Battista Biggio)
- 2021: Adversarial EXEmples: Functionality-preserving Optimization of Adversarial Windows Malware (Luca Demetrio · Battista Biggio · Giovanni Lagorio · Alessandro Armando · Fabio Roli)
- 2022: ImageNet-Patch: A Dataset for Benchmarking Machine Learning Robustness against Adversarial Patches (Maura Pintor · Daniele Angioni · Angelo Sotgiu · Luca Demetrio · Ambra Demontis · Battista Biggio · Fabio Roli)
- 2022: Contributed Talk 3: ImageNet-Patch: A Dataset for Benchmarking Machine Learning Robustness against Adversarial Patches (Maura Pintor · Daniele Angioni · Angelo Sotgiu · Luca Demetrio · Ambra Demontis · Battista Biggio · Fabio Roli)
- 2022 Workshop: New Frontiers in Adversarial Machine Learning (Sijia Liu · Pin-Yu Chen · Dongxiao Zhu · Eric Wong · Kathrin Grosse · Hima Lakkaraju · Sanmi Koyejo)