Undetectable ML backdoors are a serious concern

If an adversary gives you a machine learning model and secretly plants a malicious backdoor in it, what are the chances that you can discover it? Very little, according to a new paper by researchers at UC Berkeley, MIT, and the Institute of Advanced Study.

The security of machine learning is becoming increasingly critical as ML models find their way into a growing number of applications. The new study focuses on the security threats of delegating the training and development of machine learning models to third parties and service providers.

With the shortage of AI talent and resources, many organizations are outsourcing their machine learning work, using pre-trained models or online ML services. These models and services can become sources of attacks against the applications that use them.

The new research paper presents two techniques of planting undetectable backdoors in machine learning models that can be used to trigger malicious behavior.

The paper sheds light on the challenges of establishing trust in machine learning pipelines.

Read the full article on TechTalks.

For more on machine learning security:

• New technique protects contrastive ML against adversarial attacks

• Machine learning adversarial attacks are a ticking time bomb

• Adversarial training reduces safety of neural networks in robots

• Is neuroscience the key to protecting AI from adversarial attacks?