Training ML models raises several security concerns. Some important security goals:
- Training set privacy. An adversary who is familiar with the model cannot learn “any” information about the data points in the training set.
- Model secrecy. An adversary able to query the model as a black box, obtaining predictions for arbitrary inputs, cannot learn the model parameters.
- Model reliability. The model behaves in ways humans can predict; in particular, small perturbations of an input should not change the prediction dramatically.
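To make the privacy goal concrete, here is a minimal sketch of a confidence-thresholding membership inference attack (the idea behind the membership inference paper linked below). Everything here is illustrative: the "model" is a hypothetical stand-in that, like an overfit classifier, is more confident on its memorized training points.

```python
# Toy membership inference via a confidence threshold.
# TRAIN and model_confidence are hypothetical stand-ins, not a real model.

TRAIN = {(0.1, 0.2), (0.4, 0.9), (0.8, 0.3)}

def model_confidence(x):
    # Hypothetical overfit model: near-certain on memorized training
    # points, noticeably less certain on unseen points.
    return 0.99 if x in TRAIN else 0.6

def infer_membership(x, threshold=0.9):
    # The attacker only observes the black-box confidence score
    # and guesses "member" when it exceeds the threshold.
    return model_confidence(x) > threshold

print(infer_membership((0.4, 0.9)))  # training point -> True
print(infer_membership((0.5, 0.5)))  # unseen point   -> False
```

The gap in confidence between members and non-members is exactly the leakage that training-set privacy is meant to rule out.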
Links to related attacks:
- Membership Inference Attacks against Machine Learning Models
- Stealing Machine Learning Models via Prediction APIs
- Breaking Linear Classifiers on ImageNet
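The model-secrecy goal fails in a particularly clean way for linear models, as in the prediction-API stealing paper above: if the API returns raw scores, the parameters can be recovered by solving equations from a handful of queries. The victim model below is a made-up example used only to demonstrate the extraction.

```python
# Equation-solving extraction of a linear model f(x) = w.x + b
# through a black-box query interface. SECRET_W / SECRET_B are
# hypothetical victim parameters for illustration.

SECRET_W = [1.5, -2.0, 0.5]
SECRET_B = 0.25

def query(x):
    # Black-box prediction API returning the raw score.
    return sum(wi * xi for wi, xi in zip(SECRET_W, x)) + SECRET_B

def extract(n_features):
    # f(0) gives the bias; f(e_i) - f(0) gives weight i,
    # so n_features + 1 queries recover the whole model.
    b = query([0.0] * n_features)
    w = []
    for i in range(n_features):
        e = [0.0] * n_features
        e[i] = 1.0
        w.append(query(e) - b)
    return w, b

print(extract(3))  # recovers ([1.5, -2.0, 0.5], 0.25)
```

Real APIs that return rounded probabilities instead of raw scores make this harder but, as the paper shows, often not impossible.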