
"Why do so?" - A practical perspective on adversarial machine learning
Kathrin Grosse · Lukas Bieringer · Tarek R. Besold · Battista Biggio · Katharina Krombholz

Despite the large body of academic work on machine learning security, little is known about the occurrence of attacks on machine learning systems in the wild. In this paper, we analyze the answers of 139 industrial practitioners to a quantitative questionnaire about attack occurrence and concern. We find evidence for circumventions of AI systems in practice, although these are not the sole concern of our practitioners, as their reasoning on relevance and irrelevance of machine learning attacks is complex. Our work paves the way for more research about adversarial machine learning in practice, but also yields insights for machine learning regulation and auditing.

Author Information

Kathrin Grosse (University of Cagliari)
Lukas Bieringer (QuantPi)
Tarek R. Besold (TU Eindhoven)
Battista Biggio (University of Cagliari, Italy)
Katharina Krombholz (CISPA − Helmholtz Center for Information Security)
