Published: December 11, 2022
Author(s)
Qingtian Zou (Penn State University), Lan Zhang (Penn State University), Anoop Singhal (NIST), Xiaoyan Sun (California State University), Peng Liu (Penn State University)
Conference
Name: International Conference on Information Systems Security (ICISS 2022)
Dates: 12/16/2022 - 12/20/2022
Location: Tirupati, India
Citation: Information Systems Security, vol. 13784, pp. 119–138
The past several years have witnessed rapidly increasing use of machine learning (ML) systems in multiple industry sectors. Since risk analysis is one of the most essential parts of the real-world ML system protection practice, there is an urgent need to conduct systematic risk analysis of ML systems. However, it is widely recognized that the existing risk analysis frameworks and techniques, which were developed to analyze enterprise (software) systems and networks, are no longer very suitable for analyzing ML systems. In this paper, we seek to present a vision on how to address two unique ML risk analysis challenges through a new risk analysis framework. This paper intends to take the initial step to bridge the gap between the existing cyber risk analysis frameworks and an ideal ML system risk analysis framework.
The past several years have witnessed rapidly increasing use of machine learning (ML) systems in multiple industry sectors. Since risk analysis is one of the most essential parts of the real-world ML system protection practice, there is an urgent need to conduct systematic risk analysis of ML...
See full abstract
The past several years have witnessed rapidly increasing use of machine learning (ML) systems in multiple industry sectors. Since risk analysis is one of the most essential parts of the real-world ML system protection practice, there is an urgent need to conduct systematic risk analysis of ML systems. However, it is widely recognized that the existing risk analysis frameworks and techniques, which were developed to analyze enterprise (software) systems and networks, are no longer very suitable for analyzing ML systems. In this paper, we seek to present a vision on how to address two unique ML risk analysis challenges through a new risk analysis framework. This paper intends to take the initial step to bridge the gap between the existing cyber risk analysis frameworks and an ideal ML system risk analysis framework.
Hide full abstract
Keywords
machine learning; deep learning; security analysis
Control Families
None selected