Article | Mar 21, 2006 | Closed access

Can machine learning be secure?

University of California, Berkeley

Indexed in Crossref

Abstract

Machine learning systems offer unparalleled flexibility in dealing with evolving input in a variety of applications, such as intrusion detection systems and spam e-mail filtering. However, machine learning algorithms themselves can be a target of attack by a malicious adversary. This paper provides a framework for answering the question, "Can machine learning be secure?" Novel contributions of this paper include a taxonomy of different types of attacks on machine learning techniques and systems, a variety of defenses against those attacks, a discussion of ideas that are important to security for machine learning, an analytical model giving a lower bound on the attacker's work function, and a list of open problems.

Citation impact

  • Total citations: 859
  • FWCI: 13.56
  • Percentile: 100%
  • References: 41

Authors

5 authors

Topics & keywords

Keywords
  • Computer science
  • Machine learning
  • Intrusion detection system
  • Flexibility (engineering)
  • Variety (cybernetics)
  • Adversary
  • Artificial intelligence
  • Instance-based learning