- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
This book studies in detail the robustness of machine learning (ML) algorithms involved in dealing with vulnerabilities where the errors or malfunctions are both intentional and malicious, therefore being associated with a specific attack model. Reliability is key to the wider adoption of machine learning algorithms in driving regular tasks. There needs to be guaranteed on the success of ML-driven decision-making systems, without errors. It is often seen that an otherwise typically high-performance neural network trained for a specific task, fails under certain circumstances. These vulnerabilities are a key deterrent to reliability and must be addressed before the ubiquitous adoption of AI.
From the machine learning standpoint, this book looks at both critical ingredients, that is the model (neural architecture and its properties) and the training data and from the perspective of Robust AI, the investigation pertains to both Security and Privacy issues. To elaborate on the nomenclature, the Security aspects involve attacks that concern the disruption of the intended machine learning task itself. The Privacy aspect deals with attacks that pertain to leaking sensitive information or IP. A combination of both is necessary to have robust algorithms that can withstand malicious adversaries. The ideas are well described with respect to the available literature and the propositions are studied extensively with many different use cases, on multiple neural architectures and datasets. The content of this book caters to researchers, programmers, engineering, and policymakers who are interested in the implementation of Robust AI and its security and privacy issues in machine learning.
Contents
Introduction.- Background.- Adversarial Examples and Dimensionality.- Spatially Correlated Patterns in Adversarial Images.- Patch-based real-world adversarial attacks.- Comparative Analysis of State-of-the-Art Adversarial Attacks.- Efficient Decision-based Adversarial Attacks.- Pre-Processing based Defenses.- Protecting IP of trained models.- Protecting Privacy of Training Data.- Future Scope of Work.- Conclusion.
