Explore a 24-minute conference talk that delves into the security risks posed by malicious primitive models in machine learning systems. Examine a broad class of model-reuse attacks where crafted models manipulate host ML systems to misbehave on specific inputs. Investigate the attack setting, objectives, and techniques for generating semantic neighbors and finding salient features. Learn about case studies in multi-view autonomous steering, analyzing attack effectiveness and evasiveness. Gain insights into the potential threats of pre-trained models as building blocks in complex ML systems and understand the implications for security in our increasingly AI-driven world.
Overview
Syllabus
Intro
Machine Learning in Our Daily Lives
Ever-increasing Model Complexity
Pre-trained Models as Building Blocks
Are Pre-trained Models Safe?
Model-Reuse Attacks
Attack Setting
Attack Objectives
Generating Semantic Neighbors
Finding Salient Features
Crafting Adversarial Models
Case Studies
Multi-view Autonomous Steering
Experimental Setting
Attack Effectiveness
Attack Evasiveness
Other Experiments
Summary
Taught by
Association for Computing Machinery (ACM)
