C/C++, Rust, C# – PyTorch, TensorFlow, Keras, scikit-learn
• Web, Mobile, IoT/Edge and Back-End… – OpenCV – … and dozens of different tools and pieces of equipment…
• Cloud Computing – AWS Machine Learning – Google Cloud Machine Learning – IBM Watson Machine Learning – Microsoft Azure Machine Learning – … and various cloud solutions…
• Distributed Systems – Distributed Databases – Distributed Deep Learning
Recognition
• Face Detection
• Object Detection
• Question Answering System
• Semantic Segmentation
• Text Classification
• Text Recognition
• Sentiment Analysis
• Industrial AI
• Autonomous Systems
• and more…
ML model preparation process
• The chore, but unavoidable: preparing the data!
• We prepare the model.
• We train the model on the data (cloud or on-premise).
• We test the trained model on held-out test data.
• The trained model is packaged for the programmatic (serving) environment.
• Post-release: the model is continuously monitored.
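The six steps above as one small, standard-library-only pipeline. This is an added example, not code from the original slides: a nearest-centroid classifier is trained on constructed 2-D data, evaluated on a held-out split, packaged as JSON together with a SHA-256 digest so the serving side can refuse a model that was swapped or corrupted on the way, and a post-release monitor flags distribution shift in incoming inputs. The function names (train, evaluate, package_model, load_packaged_model, drift_score, run_pipeline) and the data are this example's own assumptions.

```python
"""Prepare data -> train -> test -> package -> verify on load -> monitor (added example)."""
import hashlib
import json
import random


def make_data(n_per_class=50, seed=7):
    """Constructed training data: two well-separated Gaussian blobs, labelled ok / bad."""
    rng = random.Random(seed)
    rows = []
    for label, (cx, cy) in {"ok": (0.0, 0.0), "bad": (6.0, 6.0)}.items():
        rows += [((rng.gauss(cx, 1.0), rng.gauss(cy, 1.0)), label) for _ in range(n_per_class)]
    rng.shuffle(rows)
    return rows


def train(rows):
    """The 'model' is one mean vector (centroid) per class."""
    sums, counts = {}, {}
    for (x, y), label in rows:
        sx, sy = sums.get(label, (0.0, 0.0))
        sums[label] = (sx + x, sy + y)
        counts[label] = counts.get(label, 0) + 1
    return {label: (sx / counts[label], sy / counts[label]) for label, (sx, sy) in sums.items()}


def predict(model, point):
    """Nearest centroid by squared Euclidean distance."""
    return min(model, key=lambda lab: (point[0] - model[lab][0]) ** 2 + (point[1] - model[lab][1]) ** 2)


def evaluate(model, rows):
    """Accuracy on data the model never saw during training."""
    return sum(predict(model, p) == lab for p, lab in rows) / len(rows)


def package_model(model, version):
    """Serialise for the serving environment and return (body, sha256 digest)."""
    body = json.dumps({"version": version, "centroids": model}, sort_keys=True)
    return body, hashlib.sha256(body.encode()).hexdigest()


def load_packaged_model(body, expected_digest):
    """Serving side: refuse any package whose digest does not match what was published."""
    if hashlib.sha256(body.encode()).hexdigest() != expected_digest:
        raise ValueError("model package digest mismatch; refusing to load")
    return json.loads(body)["centroids"]


def drift_score(train_rows, live_points):
    """Post-release monitor: per-feature mean shift of live inputs, in units of training std."""
    train_points = [p for p, _ in train_rows]
    scores = []
    for i in range(2):
        vals = [p[i] for p in train_points]
        mean = sum(vals) / len(vals)
        std = (sum((v - mean) ** 2 for v in vals) / len(vals)) ** 0.5
        live_mean = sum(p[i] for p in live_points) / len(live_points)
        scores.append(abs(live_mean - mean) / std)
    return max(scores)


def tamper_is_rejected():
    """True if a package with a wrong digest is refused by the loader."""
    body, _ = package_model(train(make_data()), "1.0")
    try:
        load_packaged_model(body, "0" * 64)
        return False
    except ValueError:
        return True


def run_pipeline(drift_threshold=1.0):
    rows = make_data()
    train_rows, test_rows = rows[:70], rows[70:]
    model = train(train_rows)
    body, digest = package_model(model, "1.0")
    served = load_packaged_model(body, digest)           # JSON turns tuples into lists
    live_ok = [p for p, _ in test_rows]                    # traffic that looks like training data
    live_shifted = [(x + 10.0, y - 10.0) for x, y in live_ok]  # constructed shifted traffic
    return {
        "accuracy": evaluate(model, test_rows),
        "served_matches": served == {k: list(v) for k, v in model.items()},
        "drift_ok": drift_score(train_rows, live_ok) < drift_threshold,
        "drift_shifted": drift_score(train_rows, live_shifted) >= drift_threshold,
    }


if __name__ == "__main__":
    print(run_pipeline(), "tamper rejected:", tamper_is_rejected())
```

The digest is the minimum: in practice the publishing side signs the digest and the serving side checks the signature, so a swapped model cannot simply ship with a recomputed hash. The drift check is deliberately crude (mean shift per feature); its job is to show where the monitoring hook sits, not to be a complete shift detector.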
Hacking
• Poisoning Attack
• Side Effects
• Model Inversion
• Distributional Shifts
• Membership Inference
• Natural Adversarial Examples
• Model Stealing
• Common Corruption
• Reprogramming ML System
• Incomplete Testing
• Adversarial Example in Physical Domain
• Malicious ML Provider Recovering Training Data
• Attacking the ML Supply Chain
• Backdoor ML
• Exploit Software Dependencies
… of the software the system is connected to, not the algorithms.
• Prevention:
– Security scanning
– Security reports
– Be careful with wrappers and pre-built environments
– Use fewer dependencies
– Dependency management tools
• Snyk: snyk.io
• Python Poetry: python-poetry.org
• Bandit:
– Bandit is a tool designed to find common security issues in Python code.
– https://github.com/PyCQA/bandit
• pyup.io/safety
• requires.io
– etc…
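Running a scanner is only useful if its findings can block a release. The following is an added example (not from the slides or from the Bandit project) of a CI gate over Bandit's JSON output: run `bandit -r . -f json -o bandit.json` in the pipeline, then fail the build when the report contains findings at or above a chosen severity and confidence. The embedded report is a constructed sample in the shape Bandit emits (a `results` list whose entries carry `test_id`, `issue_severity`, `issue_confidence`, `filename`, `line_number`, `issue_text`); the issue texts are abbreviated.

```python
"""Fail the build on Bandit findings above a threshold (added example)."""
import json
import sys

LEVELS = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}   # Bandit's severity / confidence scale

# Constructed sample report, not real scanner output.
SAMPLE_REPORT = json.dumps({
    "results": [
        {"test_id": "B301", "issue_severity": "MEDIUM", "issue_confidence": "HIGH",
         "filename": "serve.py", "line_number": 12,
         "issue_text": "Pickle and modules that wrap it can be unsafe when used to deserialize untrusted data."},
        {"test_id": "B602", "issue_severity": "HIGH", "issue_confidence": "HIGH",
         "filename": "train.py", "line_number": 40,
         "issue_text": "subprocess call with shell=True identified, security issue."},
        {"test_id": "B101", "issue_severity": "LOW", "issue_confidence": "HIGH",
         "filename": "train.py", "line_number": 7,
         "issue_text": "Use of assert detected."},
    ]
})


def level(value):
    """Map a Bandit level name to a number; unknown levels (e.g. UNDEFINED) rank lowest."""
    return LEVELS.get(str(value).upper(), 0)


def findings(report_json, min_severity="MEDIUM", min_confidence="MEDIUM"):
    """Return the findings that meet both thresholds, most severe first."""
    report = json.loads(report_json)
    hits = [r for r in report.get("results", [])
            if level(r.get("issue_severity")) >= level(min_severity)
            and level(r.get("issue_confidence")) >= level(min_confidence)]
    hits.sort(key=lambda r: (-level(r["issue_severity"]), r["filename"], r["line_number"]))
    return hits


def gate(report_json, min_severity="MEDIUM", min_confidence="MEDIUM"):
    """Return (exit_code, summary_lines): 0 passes, 1 blocks the build."""
    hits = findings(report_json, min_severity, min_confidence)
    lines = [f"{r['issue_severity']:<6} {r['test_id']} {r['filename']}:{r['line_number']} {r['issue_text']}"
             for r in hits]
    return (1 if hits else 0), lines


if __name__ == "__main__":
    # Usage: python gate.py bandit.json   (falls back to the constructed sample)
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    code, lines = gate(data)
    print("\n".join(lines) or "no findings at or above threshold")
    sys.exit(code)
```

Start with MEDIUM/MEDIUM so the gate catches the deserialization and shell=True findings without failing on every `assert`, then tighten it once the backlog is cleared. The same pattern applies to `safety check --json` and Snyk's JSON output; only the key names change.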
… internal communication, not for running on untrusted networks.
• These tools (ModelServer etc.) have no built-in authorization.
• A model can read and write files and send and receive data over the network…
• (!) TensorFlow Models as Programs
• (!) Running Untrusted Models
• (!) Accepting Untrusted Inputs
https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md
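The three warnings above come down to one point: a model file is a program, so loading one from an untrusted source is running untrusted code. The following added example is not from the slides or from TensorFlow's own code, and it uses Python's pickle format (what scikit-learn, joblib and torch.save rely on) rather than a TensorFlow SavedModel, because pickle makes the point in a few lines: a constructed "model" whose `__reduce__` runs a callable at load time, the plain `pickle.loads` that executes it, a `RestrictedUnpickler` that refuses any class outside an allowlist, and a small input validator for the "accepting untrusted inputs" warning. The class and function names (EvilModel, Centroids, load_model, validate_input) are this example's own.

```python
"""Untrusted model files are programs: allowlist what a loader may construct (added example)."""
import io
import math
import pickle

SIDE_EFFECTS = []   # the payload records here instead of touching files or the network


def run_payload(msg):
    """Stand-in for os.system / subprocess / socket in a real malicious model."""
    SIDE_EFFECTS.append(msg)
    return {"weights": [0.0]}


class EvilModel:
    """Looks like a model, but pickles as 'call run_payload(...) when loaded'."""
    def __reduce__(self):
        return (run_payload, ("loaded a model that ran code",))


class Centroids:
    """A benign model type the serving side is willing to accept."""
    def __init__(self, centroids):
        self.centroids = centroids

    def predict(self, x):
        return min(self.centroids,
                   key=lambda c: sum((a - b) ** 2 for a, b in zip(x, self.centroids[c])))


# Only these (module, class) pairs may be constructed while unpickling.
ALLOWED = {(Centroids.__module__, "Centroids")}


class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        if (module, name) in ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to load {module}.{name}")


def load_model_unsafely(blob):
    """What most tutorials do: executes whatever the file tells it to."""
    return pickle.loads(blob)


def load_model(blob):
    """Allowlisted load: anything outside ALLOWED aborts before any code runs."""
    return RestrictedUnpickler(io.BytesIO(blob)).load()


def validate_input(x, dim=2):
    """Reject anything but exactly `dim` finite numbers before it reaches the model."""
    if not isinstance(x, (list, tuple)) or len(x) != dim:
        return False
    return all(isinstance(v, (int, float)) and not isinstance(v, bool) and math.isfinite(v)
               for v in x)


def demo():
    """Returns (payload messages from the unsafe load, blocked?, prediction from the safe load)."""
    evil = pickle.dumps(EvilModel())
    benign = pickle.dumps(Centroids({"a": (0.0, 0.0), "b": (4.0, 4.0)}))
    SIDE_EFFECTS.clear()
    load_model_unsafely(evil)          # payload runs here
    ran = list(SIDE_EFFECTS)
    try:
        load_model(evil)               # same bytes, allowlisted loader
        blocked = False
    except pickle.UnpicklingError:
        blocked = True
    model = load_model(benign)
    point = (3.0, 3.5)
    assert validate_input(point)
    return ran, blocked, model.predict(point)


if __name__ == "__main__":
    print(demo())
```

The allowlist is the control, but it is not a substitute for provenance: a model that only contains allowlisted classes can still carry poisoned or backdoored weights, so load only models whose origin you can verify, and run the serving process with no more file-system and network access than the model legitimately needs, since (as the SECURITY.md says) the model itself can read, write and talk to the network.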