Based on interviews with 28 organizations, we found that industry practitioners are not equipped with the tactical and strategic tools to protect, detect and respond to attacks on their Machine Learning (ML) systems. We leverage the insights from the interviews to enumerate the gaps in perspective in securing machine learning systems when viewed in the context of traditional software security development. We write this paper from the perspective of two personas: developers/ML engineers and security incident responders who are tasked with securing ML systems as those systems are designed, developed and deployed. The goal of this paper is to engage researchers to revise and amend the Security Development Lifecycle for industrial-grade software in the adversarial ML era.