Adversarial Machine Learning: An Interdisciplinary Approach - Workshop
Abstract
Machine learning is a methodology for discovering meaningful patterns in large amounts of data. Machine learning algorithms are specifically designed to analyze data in large quantities, from which the target concept is learned. Unfortunately, cyber security applications face unique challenges. For example, machine-learning-based antivirus systems are routinely challenged by malware authors who intentionally obfuscate malicious code to evade detection. The adversary attacks the learning system by strategically modifying malicious data, so that the malicious samples used in the training process no longer resemble samples from the malware distribution encountered in the operating environment. Although understanding attacks against machine learning models is necessary and crucial, an approach that depends solely on technological solutions could be limited. We believe that the robustness of adversarial machine learning models could be improved significantly if machine learning models and humans work closely together. Furthermore, when humans are in or on the loop, many potential disasters that can arise from adversarial attacks could be prevented. Recently, a few workshops and panels have been held on adversarial machine learning; examples include the NSF SATC panel and ACM AISEC. These workshops and panels have been shaped mainly by the cyber security community and did not bring together machine learning, cyber security, game theory and social science tools to approach this topic from an interdisciplinary point of view. To address these limitations, we propose a workshop that brings together interdisciplinary researchers in the fields of cyber security, machine learning, game theory, data mining, policy and the social sciences to determine the strategic direction for adversarial machine learning and data science research.
Also, ARO has made substantial investments in cyber security, big data, computational game theory, social sciences and adversarial machine learning. It is therefore critical that these areas work together to determine the direction for adversarial machine learning. We are proposing a two-day workshop consisting of participants from government, industry and academia. The first day will be devoted to presentations from government, academia and industry participants who are involved in adversarial machine learning programs, research and products. At the start of Day 2, the participants will break into groups. These groups will be pre-determined while we plan the workshop. The morning of Day 2 will consist of breakout sessions. Each group will address a topic determined prior to the workshop. These topics will include the following:
- (i) Human-in/on-the-loop for adversarial machine learning
- (ii) Adversarial deep learning
- (iii) Adversarial semi-supervised/unsupervised learning
- (iv) Game theoretical tools for adversarial machine learning
- (v) Data provenance and data security for adversarial machine learning
- (vi) Adversarial machine learning for cyber physical systems
At the end of Day 2, the groups will give their presentations and receive feedback.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Apr 22, 2019
- Source ID: W911NF1810388
Entities
People
- Murat Kantarcıoğlu
Organizations
- Army Contracting Command
- United States Army
- University of Texas at Dallas