Adversarial machine learning has hit the spotlight as a topic relevant to practically-minded security teams, but noise and hype have diluted the discourse to gradient-based comparisons of blueberry muffins and chihuahuas. This fails to reflect the attack landscape, making it difficult to adequately assess the risks. More concerning still, recommendations for mitigations are similarly lacking in their calibration to real threats. This talk discusses research conducted over the past year on real-world attacks against machine learning systems which include recommendation engines, algorithmic trading platforms, email filtering — in addition to the classic examples of facial recognition and malware classification.
By Ariel Herbert-Voss
Full Abstract & Presentation Materials: https://www.blackhat.com/us-20/briefings/schedule/#practical-defenses-against-adversarial-machine-learning-20476