机器学习模型安全与隐私研究综述

Shou Ling Ji; Tian Yu Du; Jin Feng Li; Chao Shen; Bo Li

doi:10.13328/j.cnki.jos.006131

机器学习模型安全与隐私研究综述

Translated title of the contribution: Security and Privacy of Machine Learning Models: A Survey

Shou Ling Ji, Tian Yu Du, Jin Feng Li, Chao Shen, Bo Li

Research output: Contribution to journal › Review article › peer-review

Abstract

In the era of big data, breakthroughs in theories and technologies of deep learning, reinforcement learning, and distributed learning have provided strong support for machine learning at the data and the algorithm level, as well as have promoted the development of scale and industrialization of machine learning. However, though machine learning models have excellent performance in many real-world applications, they still suffer many security and privacy threats at the data, model, and application levels, which could be characterized by diversity, concealment, and dynamic evolution. The security and privacy issues of machine learning have attracted extensive attention from academia and industry. A large number of researchers have conducted in-depth research on the security and privacy issues of models from the perspective of attack and defense, and proposed a series of attack and defense methods. In this survey, the security and privacy issues of machine learning are reviewed, existing research work is systematically and scientifically summarized, and the advantages and disadvantages of current research are clarified. Finally, the current challenges and future research directions of machine learning model security and privacy research are explored, aiming to provide guidance for follow-up researchers to further promote the development and application of machine learning model security and privacy research.

Translated title of the contribution	Security and Privacy of Machine Learning Models: A Survey
Original language	Chinese (Traditional)
Pages (from-to)	41-67
Number of pages	27
Journal	Ruan Jian Xue Bao/Journal of Software
Volume	32
Issue number	1
DOIs	https://doi.org/10.13328/j.cnki.jos.006131
State	Published - Jan 2021

Keywords

Adversarial example
Artificial intelligence security
Machine learning
Model privacy
Poisoning attack

ASJC Scopus subject areas

Software

Online availability

10.13328/j.cnki.jos.006131

Library availability

Discover UIUC Full Text

Cite this

@article{5750f4d585b04b75bad03396de97211d,

title = "机器学习模型安全与隐私研究综述",

abstract = "In the era of big data, breakthroughs in theories and technologies of deep learning, reinforcement learning, and distributed learning have provided strong support for machine learning at the data and the algorithm level, as well as have promoted the development of scale and industrialization of machine learning. However, though machine learning models have excellent performance in many real-world applications, they still suffer many security and privacy threats at the data, model, and application levels, which could be characterized by diversity, concealment, and dynamic evolution. The security and privacy issues of machine learning have attracted extensive attention from academia and industry. A large number of researchers have conducted in-depth research on the security and privacy issues of models from the perspective of attack and defense, and proposed a series of attack and defense methods. In this survey, the security and privacy issues of machine learning are reviewed, existing research work is systematically and scientifically summarized, and the advantages and disadvantages of current research are clarified. Finally, the current challenges and future research directions of machine learning model security and privacy research are explored, aiming to provide guidance for follow-up researchers to further promote the development and application of machine learning model security and privacy research.",

keywords = "Adversarial example, Artificial intelligence security, Machine learning, Model privacy, Poisoning attack",

author = "Ji, {Shou Ling} and Du, {Tian Yu} and Li, {Jin Feng} and Chao Shen and Bo Li",

note = "Funding Information:  基金项目: 国家重点研发计划(2018YFB0804102); 浙江省自然科学基金(LR19F020003); 浙江省科技计划(2019C01055); 国家自然科学基金(61772466, U1936215, U1836202, 61822309, 61773310, U1736205) Foundation item: National Key Researchand Development Program of China (2018YFB0804102); Zhejiang Provincial Natural Science Foundation of China (LR19F020003); Provincial Key Research and Development Program of Zhejiang, China (2019C01055); National Natural Science Foundation of China (61772466, U1936215, U1836202, 61822309, 61773310, U1736205) 收稿时间: 2019-06-10; 修改时间: 2019-10-01; 采用时间: 2020-08-17; jos 在线出版时间: 2020-09-10 Publisher Copyright: {\textcopyright} Copyright 2021, Institute of Software, the Chinese Academy of Sciences. All rights reserved.",

year = "2021",

month = jan,

doi = "10.13328/j.cnki.jos.006131",

language = "Chinese (Traditional)",

volume = "32",

pages = "41--67",

journal = "Ruan Jian Xue Bao/Journal of Software",

issn = "1000-9825",

publisher = "Chinese Academy of Sciences",

number = "1",

}

TY - JOUR

T1 - 机器学习模型安全与隐私研究综述

AU - Ji, Shou Ling

AU - Du, Tian Yu

AU - Li, Jin Feng

AU - Shen, Chao

AU - Li, Bo

N1 - Funding Information:  基金项目: 国家重点研发计划(2018YFB0804102); 浙江省自然科学基金(LR19F020003); 浙江省科技计划(2019C01055); 国家自然科学基金(61772466, U1936215, U1836202, 61822309, 61773310, U1736205) Foundation item: National Key Researchand Development Program of China (2018YFB0804102); Zhejiang Provincial Natural Science Foundation of China (LR19F020003); Provincial Key Research and Development Program of Zhejiang, China (2019C01055); National Natural Science Foundation of China (61772466, U1936215, U1836202, 61822309, 61773310, U1736205) 收稿时间: 2019-06-10; 修改时间: 2019-10-01; 采用时间: 2020-08-17; jos 在线出版时间: 2020-09-10 Publisher Copyright: © Copyright 2021, Institute of Software, the Chinese Academy of Sciences. All rights reserved.

PY - 2021/1

Y1 - 2021/1

N2 - In the era of big data, breakthroughs in theories and technologies of deep learning, reinforcement learning, and distributed learning have provided strong support for machine learning at the data and the algorithm level, as well as have promoted the development of scale and industrialization of machine learning. However, though machine learning models have excellent performance in many real-world applications, they still suffer many security and privacy threats at the data, model, and application levels, which could be characterized by diversity, concealment, and dynamic evolution. The security and privacy issues of machine learning have attracted extensive attention from academia and industry. A large number of researchers have conducted in-depth research on the security and privacy issues of models from the perspective of attack and defense, and proposed a series of attack and defense methods. In this survey, the security and privacy issues of machine learning are reviewed, existing research work is systematically and scientifically summarized, and the advantages and disadvantages of current research are clarified. Finally, the current challenges and future research directions of machine learning model security and privacy research are explored, aiming to provide guidance for follow-up researchers to further promote the development and application of machine learning model security and privacy research.

AB - In the era of big data, breakthroughs in theories and technologies of deep learning, reinforcement learning, and distributed learning have provided strong support for machine learning at the data and the algorithm level, as well as have promoted the development of scale and industrialization of machine learning. However, though machine learning models have excellent performance in many real-world applications, they still suffer many security and privacy threats at the data, model, and application levels, which could be characterized by diversity, concealment, and dynamic evolution. The security and privacy issues of machine learning have attracted extensive attention from academia and industry. A large number of researchers have conducted in-depth research on the security and privacy issues of models from the perspective of attack and defense, and proposed a series of attack and defense methods. In this survey, the security and privacy issues of machine learning are reviewed, existing research work is systematically and scientifically summarized, and the advantages and disadvantages of current research are clarified. Finally, the current challenges and future research directions of machine learning model security and privacy research are explored, aiming to provide guidance for follow-up researchers to further promote the development and application of machine learning model security and privacy research.

KW - Adversarial example

KW - Artificial intelligence security

KW - Machine learning

KW - Model privacy

KW - Poisoning attack

UR - http://www.scopus.com/inward/record.url?scp=85099098175&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85099098175&partnerID=8YFLogxK

U2 - 10.13328/j.cnki.jos.006131

DO - 10.13328/j.cnki.jos.006131

M3 - Review article

AN - SCOPUS:85099098175

VL - 32

SP - 41

EP - 67

JO - Ruan Jian Xue Bao/Journal of Software

JF - Ruan Jian Xue Bao/Journal of Software

SN - 1000-9825

IS - 1

ER -

机器学习模型安全与隐私研究综述

Abstract

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this