Attacks on ML Systems: From Security Analysis to Attack Mitigation

The past several years have witnessed rapidly increasing use of machine learning (ML) systems in multiple industry sectors. Since security analysis is one of the most essential parts of the real-world ML system protection practice, there is an urgent need to conduct systematic security analysis of ML systems. However, it is widely recognized that the existing security analysis approaches and techniques, which were developed to analyze enterprise (software) systems and networks, are no longer very suitable for analyzing ML systems. In this paper, we seek to present a vision on how to address two unique ML security analysis challenges through ML-system-specific security analysis. This paper intends to take the initial step to bridge the gap between the existing computer security analysis approaches and an `ideal' ML system security analysis approach.