Machine Learning as a Service
MLaaS is the method in which ML/DL algorithms and software
are offered as a component of cloud computing services.
MLaaS = (SaaS + [ML/DL/CV])
10. Hidden Technical Debt in Machine Learning Systems
Usually the whole team's focus, and the area where resources are directed!
12. Model Lifecycle
Machine Learning Model Development Lifecycle
• We start here! ML model preparation process
• The chore but the imperative: preparing the data!
• We prepared the model!
• We train the model with data (cloud or on-premise).
• We tested the trained model with test data!
• The trained model is packaged for the programmatic
• The model is
17. Basic Security Issues
Intentional Issues
• Perturbation Attack
• Poisoning Attack
• Model Inversion
• Membership Inference
• Model Stealing
• Reprogramming ML system
• Adversarial Example in Physical Domain
• Malicious ML provider recovering training data
• Attacking the ML supply chain
• Exploit Software Dependencies
Unintentional Issues
• Reward Hacking
• Side Effects
• Distributional Shifts
• Natural Adversarial Examples
• Common Corruption
• Incomplete Testing
35. Exploit Software Dependencies
• It takes advantage of vulnerabilities in the software the ML system depends on or is connected to, not in the algorithms themselves.
– Security Scan
– Security Reports
– Be careful: wrappers and pre-built environments
– Use fewer dependencies
– Dependency Management Tools
• Snyk : snyk.io
• Python Poetry : python-poetry.org
• Bandit :
– Bandit is a tool designed to find common security issues in Python code.
36. Tool/Library Security
• TensorFlow and tools like it are designed for internal communication, not for running on untrusted networks.
• These tools (ModelServer etc.) do not have built-in authorization.
• A loaded model can read and write files, send and receive data over the network…
• (!) TensorFlow Models as Programs
• (!) Running Untrusted Models
• (!) Accepting Untrusted Inputs
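The "models as programs" warning is not specific to TensorFlow: a Python pickle file, the usual serialization for scikit-learn and PyTorch checkpoints, imports (and, through reduce hooks, calls) whatever globals it references when loaded. As an added example that is not part of the original slides, the loader below only accepts a model file whose globals are on an explicit allow-list; ALLOWED_GLOBALS, the constructed sample byte strings and os.getcwd as a harmless stand-in for "importable code" are assumptions.

```python
import io
import os
import pickle

# Allow-list of (module, name) globals a plain weight-dictionary pickle may reference.
# Assumption: our model files are dicts of Python floats/lists; extend this set only
# after reviewing what each added global can do when resolved at load time.
ALLOWED_GLOBALS = {
    ("builtins", "dict"), ("builtins", "list"),
    ("builtins", "float"), ("builtins", "int"), ("builtins", "str"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """find_class is the single chokepoint where pickle resolves GLOBAL/STACK_GLOBAL
    references, so refusing here means nothing outside the allow-list is imported."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to load global {module}.{name}")


def load_model_safely(data: bytes):
    """Load serialized weights, rejecting any file that references non-allow-listed code."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_safe_model(data: bytes) -> bool:
    """True if the file loads under the restricted unpickler, False if it was refused."""
    try:
        load_model_safely(data)
        return True
    except pickle.UnpicklingError:
        return False


def benign_model_bytes() -> bytes:
    """Constructed sample: a legitimate weights file from our own pipeline."""
    return pickle.dumps({"layer1": [0.1, -0.2, 0.3], "bias": 0.05})


def tampered_model_bytes() -> bytes:
    """Constructed sample of a 'model' that smuggles a reference to importable code.
    os.getcwd is a harmless placeholder: pickle imports the referenced module on load."""
    return pickle.dumps({"layer1": [0.1], "init_hook": os.getcwd})


if __name__ == "__main__":
    print("benign file accepted:", is_safe_model(benign_model_bytes()))      # True
    print("tampered file accepted:", is_safe_model(tampered_model_bytes()))  # False
```

The plain `pickle.load` would accept both files; only the restricted loader turns the second one into a refusal you can log and alert on.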