Measuring Security Risk in Enterprise Networks

Modeling and Security Analysis of Attacks on Machine Learning Systems

 Machine learning (ML) systems are more and more widely deployed in multiple sectors. Autonomous driving cars are using object detection systems to process the images/videos from the cameras to understand the traffic signals and real time traffic around them. ML has been used to translate text from one language to another in several systems. At the same time, ML systems also introduce new security threats that are not seen in traditional software and network systems. For example, data poisoning and adversarial examples attacks generate incorrect output; membership and denial of service attacks can also exploit the new attack surface which waste computation resources. However, existing security causality analysis frameworks fail to sufficiently handle the new causality relationships, notions and elements introduced by ML systems. In this paper, we present a new way to model causality relationships in ML systems for security analysis. We present our model with a running example and discuss how our model can be used for security analysis and risk mitigation.