From the course: Security Risks in AI and Machine Learning: Categorizing Attacks and Failure Modes

Reprogramming

- [Instructor] Another way to attack AI models is to use perturbation to reprogram the system to perform a task it wasn't intended to. Note that this is not to be confused with transfer learning, which is non-adversarial and refers to when an ML-based AI system transfers knowledge to a different problem space. For example, when vision models trained on general photos like cats, dogs, and cars are adapted to detect disease from medical images. When attackers attempt to reprogram AI, they send the models queries, inducing them to solve new and unintended tasks. For example, consider CAPTCHA. CAPTCHAs often require users to identify 2D images like crosswalks, traffic signals, or a mountain, but if an image classifier can accurately identify those images as well as, or even better than, a human, someone could use that to give a bot access as though it were a human. This kind of attack could make CAPTCHA useless in instances…