The rapid development of Machine Learning (ML) has demonstrated superior performance in many areas, such as computer vision, video and speech recognition. It has now been increasingly leveraged in software systems to automate the core tasks. However, how to securely develop the machine learning-based modern software systems (MLBSS) remains a big challenge, for which the insufficient consideration will largely limit its application in safety-critical domains. One concern is that the present MLBSS development tends to be rush, and the latent vulnerabilities and privacy issues exposed to external users and attackers will be largely neglected and hard to be identified. Additionally, machine learning-based software systems exhibit different liabilities towards novel vulnerabilities at different development stages from requirement analysis to system maintenance, due to its inherent limitations from the model and data and the external adversary capabilities. In this work, we consider that security for machine learning-based software systems may arise by inherent system defects or external adversarial attacks, and the secure development practices should be taken throughout the whole lifecycle. While machine learning has become a new threat domain for existing software engineering practices, there is no such review work covering the topic. Overall, we present a holistic review regarding the security for MLBSS, which covers a systematic understanding from a structure review of three distinct aspects in terms of security threats. Moreover, it provides a thorough state-of-the-practice for MLBSS secure development. Finally, we summarise the literature for system security assurance, and motivate the future research directions with open challenges. We anticipate this work provides sufficient discussion and novel insights to incorporate system security engineering for future exploration.
翻译:机械学习(ML)的迅速发展在许多领域表现出了优异的绩效,如计算机视野、视频和语音识别等,现在在软件系统中越来越多地利用机器学习(ML)的迅速发展,使核心任务自动化;然而,如何安全开发机器学习(MLBSS)的现代软件系统(MLBSS)仍是一个重大挑战,对此,考虑不足将在很大程度上限制其在安全关键领域的应用;令人关切的是,目前MLBSS的开发往往过于仓促,外部用户和袭击者面临的潜在脆弱性和隐私问题将在很大程度上被忽视和难以查明。此外,机器学习软件系统在从需求分析到系统维护的不同发展阶段,对新出现的脆弱性表现出不同的责任,从需求分析到系统维护系统维护系统维护,我们从安全的角度对MLBSS的系统进行整体讨论,最后,我们从系统安全实践的角度对MLBS系统的安全动态进行审查。