AI Security : Machine Learning, Deep Learning and Computer Vision SecurityCihan Özhan
This document discusses technologies related to machine learning, deep learning, computer vision, and artificial intelligence. It covers topics such as ML/DL algorithms, applications, data objects, cloud computing services, distributed systems, security issues, model lifecycles, publishing ML projects, and adversarial attacks against various AI systems including image, speech, NLP, remote sensing, autonomous vehicles, and industrial applications. It also provides links to the founder's online profiles and contact information.
Blockchain : Decentralized Application Development (Turkish)Cihan Özhan
www.cihanozhan.com
*It is the presentation of my blockchain event that I presented in 2019.
Teknopark Istanbul Announcement : https://www.teknoparkistanbul.com.tr/egitimler/blockchain-decentralized-uygulama-gelistirme-sunumu
Bu seminerde Go programlama diline hızlı bir bakış attık. 2017'de verdiğim Go seminerinin bağlantısına da bu sunumun kaynaklar kısmından ulaşabilirsiniz.
www.cihanozhan.com
www.deeplab.co
www.darkfactory.co
Python programlama diline şöyle hızlıca bir göz atmak için inceleyebilirsiniz.
Blog : http://www.cihanozhan.com
#python #programming #pythonprogramming #pythonprogramminglanguage #py #makineöğrenmesi #görüntüişleme #computervision #deeplearning #machinelearning #programminglanguages
AI Security : Machine Learning, Deep Learning and Computer Vision SecurityCihan Özhan
This document discusses technologies related to machine learning, deep learning, computer vision, and artificial intelligence. It covers topics such as ML/DL algorithms, applications, data objects, cloud computing services, distributed systems, security issues, model lifecycles, publishing ML projects, and adversarial attacks against various AI systems including image, speech, NLP, remote sensing, autonomous vehicles, and industrial applications. It also provides links to the founder's online profiles and contact information.
Blockchain : Decentralized Application Development (Turkish)Cihan Özhan
www.cihanozhan.com
*It is the presentation of my blockchain event that I presented in 2019.
Teknopark Istanbul Announcement : https://www.teknoparkistanbul.com.tr/egitimler/blockchain-decentralized-uygulama-gelistirme-sunumu
Bu seminerde Go programlama diline hızlı bir bakış attık. 2017'de verdiğim Go seminerinin bağlantısına da bu sunumun kaynaklar kısmından ulaşabilirsiniz.
www.cihanozhan.com
www.deeplab.co
www.darkfactory.co
Python programlama diline şöyle hızlıca bir göz atmak için inceleyebilirsiniz.
Blog : http://www.cihanozhan.com
#python #programming #pythonprogramming #pythonprogramminglanguage #py #makineöğrenmesi #görüntüişleme #computervision #deeplearning #machinelearning #programminglanguages
The document provides an overview of Vertex AI, Google Cloud's managed machine learning platform. It discusses topics such as managing datasets, building and training machine learning models using both automated and custom approaches, implementing explainable AI, and deploying models. The document also includes references to the Vertex AI documentation and contact information for further information.
The slide covers a few state of the art models of word embedding and deep explanation on algorithms for approximation of softmax function in language models.
MLOps and Reproducible ML on AWS with Kubeflow and SageMakerProvectus
Looking to implement MLOps using AWS services and Kubeflow? Come and learn about machine learning from the experts of Provectus and Amazon Web Services (AWS)!
Businesses recognize that machine learning projects are important but go beyond just building and deploying models, which is mostly done by organizations. Successful ML projects entail a complete lifecycle involving ML, DevOps, and data engineering and are built on top of ML infrastructure.
AWS and Amazon SageMaker provide a foundation for building infrastructure for machine learning while Kubeflow is a great open source project, which is not given enough credit in the AWS community. In this webinar, we show how to design and build an end-to-end ML infrastructure on AWS.
Agenda
- Introductions
- Case Study: GoCheck Kids
- Overview of AWS Infrastructure for Machine Learning
- Provectus ML Infrastructure on AWS
- Experimentation
- MLOps
- Feature Store
Intended Audience
Technology executives & decision makers, manager-level tech roles, data engineers & data scientists, ML practitioners & ML engineers, and developers
Presenters
- Stepan Pushkarev, Chief Technology Officer, Provectus
- Qingwei Li, ML Specialist Solutions Architect, AWS
Feel free to share this presentation with your colleagues and don't hesitate to reach out to us at info@provectus.com if you have any questions!
REQUEST WEBINAR: https://provectus.com/webinar-mlops-and-reproducible-ml-on-aws-with-kubeflow-and-sagemaker-aug-2020/
Big Data Helsinki v 3 | "Federated Learning and Privacy-preserving AI" - Oguz...Dataconomy Media
"Machine learning algorithms require significant amounts of training data which has been centralized on one machine or in a datacenter so far. For numerous applications, such need of collecting data can be extremely privacy-invasive. Recent advancements in AI research approach this issue by a new paradigm of training AI models, i.e., Federated Learning.
In federated learning, edge devices (phones, computers, cars etc.) collaboratively learn a shared AI model while keeping all the training data on device, decoupling the ability to do machine learning from the need to store the data in the cloud. From personal data perspective, this paradigm enables a way of training a model on the device without directly inspecting users’ data on a server. This talk will pinpoint several examples of AI applications benefiting from federated learning and the likely future of privacy-aware systems."
The talk was given at OReilly Strata Data Conference September 2018 in NYC
All the conferences and thought leaders have been painting a vision of the businesses of the future being powered by data, but if we’re honest with ourselves, the vast majority of our massive data science investments are being deployed to PowerPoint or maybe a business dashboard. Productionizing your machine learning (ML) portfolio is the next big step on the path to ROI from AI.
You probably started out years ago on a “big data” initiative: You collected and cleaned your data and built data warehouses, and when those filled up you upgraded to data lakes. You hired data engineers and data scientists, and around the organization, everyone brushed up their SQL querying skills and got some licenses to Tableau and PowerBI.
Then you saw what Google, Uber, Facebook, and Amazon were doing with machine learning to automate business processes and customer interactions. To not get broadsided, you hired more data scientists and machine learning engineers. They were put on your teams and started using your big data investments to train models. But what you probably found is that your tech stack and DevOps processes don’t fit ML models. Unlike most of your systems, ML models require short spikes of massive compute; they are often written in different languages than your core code; they need different hardware to perform well; one model probably has applications across many teams; and the people making the models often don’t have the engineering experience to write production code but need to iterate faster than traditional engineers. Expecting your engineering and DevOps teams to deploy ML models well is like showing up to Seaworld with a giraffe since they are already handling large mammals.
There is a path forward. Almost five years ago Algorithmia launched a marketplace for models, functions, and algorithms. Today 65,000 developers are on the platform deploying 4,500 models—the result has been a layer of tools and best practices to make deploying ML models frictionless, scalable, and low maintenance. The company refers to it as the “AI layer.”
Drawing on this experience, Diego Oppenheimer covers the strategic and technical hurdles each company must overcome and the best practices developed while deploying over 4,000 ML models for 70,000 engineers.
Topics include:
Best practices for your organization
Continuous model deployment
Varying languages (Your code base probably isn’t in Python or R, but your ML models probably are.)
Managing your portfolio of ML models
Standardize versioning
Enabling models across your organization
Analytics on how and where models are being used
Maintaining auditability
Adversarial Attacks on A.I. Systems — NextCon, Jan 2019anant90
Machine Learning is itself just another tool, susceptible to adversarial attacks. These can have huge implications, especially in a world with self-driving cars and other automation. In this talk, we will look at recent developments in the world of adversarial attacks on the A.I. systems, and how far we have come in mitigating these attacks.
This document summarizes an adversarial examples presentation. It discusses how adversarial examples are samples modified to cause misclassification, gradient descent optimization techniques, neural network training methods, and black-box and white-box adversarial attack methods like Fast Gradient Sign Method. It also covers adversarial example defenses, uses of adversarial examples in research, and targeted perturbation algorithms.
Squeezing Deep Learning Into Mobile PhonesAnirudh Koul
A practical talk by Anirudh Koul aimed at how to run Deep Neural Networks to run on memory and energy constrained devices like smart phones. Highlights some frameworks and best practices.
TensorFlow is an open source software library for machine learning developed by Google. It provides primitives for defining functions on tensors and automatically computing their derivatives. TensorFlow represents computations as data flow graphs with nodes representing operations and edges representing tensors. It is widely used for neural networks and deep learning tasks like image classification, language processing, and speech recognition. TensorFlow is portable, scalable, and has a large community and support for deployment compared to other frameworks. It works by constructing a computational graph during modeling, and then executing operations by pushing data through the graph.
How to deploy machine learning models into productionDataWorks Summit
Data scientists spend a lot of time on data cleaning and munging, so that they can finally start with the fun part of their job: building models. After you have engineered the features and tested different models, you see how the prediction performance improves. However, the job is not done when you have a high performing model. The deployment of your models is a crucial step in the overall workflow and it is the point in time when your models actually become useful to your company.
In this session you will learn about various possibilities and best practices to bring machine learning models into production environments. The goal is not only to make live prediction calls or have the models available as REST API, but also what needs to be considered to maintain them. This talk will focus on solutions with Python (flask, Cloud Foundry, Docker, and more) and the well established ML packages such as Spark MLlib, scikit-learn, and xgboost, but the concepts can be easily transferred to other languages and frameworks.
Speaker
Sumit Goyal, IBM, Software Engineer
Interest in Deep Learning has been growing in the past few years. With advances in software and hardware technologies, Neural Networks are making a resurgence. With interest in AI based applications growing, and companies like IBM, Google, Microsoft, NVidia investing heavily in computing and software applications, it is time to understand Deep Learning better!
In this workshop, we will discuss the basics of Neural Networks and discuss how Deep Learning Neural networks are different from conventional Neural Network architectures. We will review a bit of mathematics that goes into building neural networks and understand the role of GPUs in Deep Learning. We will also get an introduction to Autoencoders, Convolutional Neural Networks, Recurrent Neural Networks and understand the state-of-the-art in hardware and software architectures. Functional Demos will be presented in Keras, a popular Python package with a backend in Theano and Tensorflow.
The document provides an overview of Vertex AI, Google Cloud's managed machine learning platform. It discusses topics such as managing datasets, building and training machine learning models using both automated and custom approaches, implementing explainable AI, and deploying models. The document also includes references to the Vertex AI documentation and contact information for further information.
The slide covers a few state of the art models of word embedding and deep explanation on algorithms for approximation of softmax function in language models.
MLOps and Reproducible ML on AWS with Kubeflow and SageMakerProvectus
Looking to implement MLOps using AWS services and Kubeflow? Come and learn about machine learning from the experts of Provectus and Amazon Web Services (AWS)!
Businesses recognize that machine learning projects are important but go beyond just building and deploying models, which is mostly done by organizations. Successful ML projects entail a complete lifecycle involving ML, DevOps, and data engineering and are built on top of ML infrastructure.
AWS and Amazon SageMaker provide a foundation for building infrastructure for machine learning while Kubeflow is a great open source project, which is not given enough credit in the AWS community. In this webinar, we show how to design and build an end-to-end ML infrastructure on AWS.
Agenda
- Introductions
- Case Study: GoCheck Kids
- Overview of AWS Infrastructure for Machine Learning
- Provectus ML Infrastructure on AWS
- Experimentation
- MLOps
- Feature Store
Intended Audience
Technology executives & decision makers, manager-level tech roles, data engineers & data scientists, ML practitioners & ML engineers, and developers
Presenters
- Stepan Pushkarev, Chief Technology Officer, Provectus
- Qingwei Li, ML Specialist Solutions Architect, AWS
Feel free to share this presentation with your colleagues and don't hesitate to reach out to us at info@provectus.com if you have any questions!
REQUEST WEBINAR: https://provectus.com/webinar-mlops-and-reproducible-ml-on-aws-with-kubeflow-and-sagemaker-aug-2020/
Big Data Helsinki v 3 | "Federated Learning and Privacy-preserving AI" - Oguz...Dataconomy Media
"Machine learning algorithms require significant amounts of training data which has been centralized on one machine or in a datacenter so far. For numerous applications, such need of collecting data can be extremely privacy-invasive. Recent advancements in AI research approach this issue by a new paradigm of training AI models, i.e., Federated Learning.
In federated learning, edge devices (phones, computers, cars etc.) collaboratively learn a shared AI model while keeping all the training data on device, decoupling the ability to do machine learning from the need to store the data in the cloud. From personal data perspective, this paradigm enables a way of training a model on the device without directly inspecting users’ data on a server. This talk will pinpoint several examples of AI applications benefiting from federated learning and the likely future of privacy-aware systems."
The talk was given at OReilly Strata Data Conference September 2018 in NYC
All the conferences and thought leaders have been painting a vision of the businesses of the future being powered by data, but if we’re honest with ourselves, the vast majority of our massive data science investments are being deployed to PowerPoint or maybe a business dashboard. Productionizing your machine learning (ML) portfolio is the next big step on the path to ROI from AI.
You probably started out years ago on a “big data” initiative: You collected and cleaned your data and built data warehouses, and when those filled up you upgraded to data lakes. You hired data engineers and data scientists, and around the organization, everyone brushed up their SQL querying skills and got some licenses to Tableau and PowerBI.
Then you saw what Google, Uber, Facebook, and Amazon were doing with machine learning to automate business processes and customer interactions. To not get broadsided, you hired more data scientists and machine learning engineers. They were put on your teams and started using your big data investments to train models. But what you probably found is that your tech stack and DevOps processes don’t fit ML models. Unlike most of your systems, ML models require short spikes of massive compute; they are often written in different languages than your core code; they need different hardware to perform well; one model probably has applications across many teams; and the people making the models often don’t have the engineering experience to write production code but need to iterate faster than traditional engineers. Expecting your engineering and DevOps teams to deploy ML models well is like showing up to Seaworld with a giraffe since they are already handling large mammals.
There is a path forward. Almost five years ago Algorithmia launched a marketplace for models, functions, and algorithms. Today 65,000 developers are on the platform deploying 4,500 models—the result has been a layer of tools and best practices to make deploying ML models frictionless, scalable, and low maintenance. The company refers to it as the “AI layer.”
Drawing on this experience, Diego Oppenheimer covers the strategic and technical hurdles each company must overcome and the best practices developed while deploying over 4,000 ML models for 70,000 engineers.
Topics include:
Best practices for your organization
Continuous model deployment
Varying languages (Your code base probably isn’t in Python or R, but your ML models probably are.)
Managing your portfolio of ML models
Standardize versioning
Enabling models across your organization
Analytics on how and where models are being used
Maintaining auditability
Adversarial Attacks on A.I. Systems — NextCon, Jan 2019anant90
Machine Learning is itself just another tool, susceptible to adversarial attacks. These can have huge implications, especially in a world with self-driving cars and other automation. In this talk, we will look at recent developments in the world of adversarial attacks on the A.I. systems, and how far we have come in mitigating these attacks.
This document summarizes an adversarial examples presentation. It discusses how adversarial examples are samples modified to cause misclassification, gradient descent optimization techniques, neural network training methods, and black-box and white-box adversarial attack methods like Fast Gradient Sign Method. It also covers adversarial example defenses, uses of adversarial examples in research, and targeted perturbation algorithms.
Squeezing Deep Learning Into Mobile PhonesAnirudh Koul
A practical talk by Anirudh Koul aimed at how to run Deep Neural Networks to run on memory and energy constrained devices like smart phones. Highlights some frameworks and best practices.
TensorFlow is an open source software library for machine learning developed by Google. It provides primitives for defining functions on tensors and automatically computing their derivatives. TensorFlow represents computations as data flow graphs with nodes representing operations and edges representing tensors. It is widely used for neural networks and deep learning tasks like image classification, language processing, and speech recognition. TensorFlow is portable, scalable, and has a large community and support for deployment compared to other frameworks. It works by constructing a computational graph during modeling, and then executing operations by pushing data through the graph.
How to deploy machine learning models into productionDataWorks Summit
Data scientists spend a lot of time on data cleaning and munging, so that they can finally start with the fun part of their job: building models. After you have engineered the features and tested different models, you see how the prediction performance improves. However, the job is not done when you have a high performing model. The deployment of your models is a crucial step in the overall workflow and it is the point in time when your models actually become useful to your company.
In this session you will learn about various possibilities and best practices to bring machine learning models into production environments. The goal is not only to make live prediction calls or have the models available as REST API, but also what needs to be considered to maintain them. This talk will focus on solutions with Python (flask, Cloud Foundry, Docker, and more) and the well established ML packages such as Spark MLlib, scikit-learn, and xgboost, but the concepts can be easily transferred to other languages and frameworks.
Speaker
Sumit Goyal, IBM, Software Engineer
Interest in Deep Learning has been growing in the past few years. With advances in software and hardware technologies, Neural Networks are making a resurgence. With interest in AI based applications growing, and companies like IBM, Google, Microsoft, NVidia investing heavily in computing and software applications, it is time to understand Deep Learning better!
In this workshop, we will discuss the basics of Neural Networks and discuss how Deep Learning Neural networks are different from conventional Neural Network architectures. We will review a bit of mathematics that goes into building neural networks and understand the role of GPUs in Deep Learning. We will also get an introduction to Autoencoders, Convolutional Neural Networks, Recurrent Neural Networks and understand the state-of-the-art in hardware and software architectures. Functional Demos will be presented in Keras, a popular Python package with a backend in Theano and Tensorflow.
Window ağlarda saldırganların yatay hareketleri ve bunların tespiti konusunda düzenlediğimiz webinarda kullanılan sunumdur.
Amacımız saldırı ve savunma tarafının bakış açılarını bir arada sunmaktı.
Siber saldırıların tespitinde ve olay müdahalesinde Windows sistemlerin logları bize önemli bilgiler verir. Sistemin ilk ele geçirildiği andan başlayarak siber saldırganların yerel ağda yayılmasına kadar pek çok adıma bu loglar üremektedir.
Webinarda aşağıdaki konuları ele aldık:
1- Siber Ölüm Zinciri: Siber saldırıların 7+1 adımı
2- Yatay hareket (lateral movement): Siber saldırganların yerel ağdaki davranışları
3- Fidye yazılımlardaki rolü: Fidye yazılımların yerel ağda yayılmak için kullandığı teknikler
4- Yaşanılan senaryolardan örnekler
5- Yatay hareket için kullanılan araçlar: Siber saldırganlar tarafından kullanılan araçlar
6- Windows Event Logs: Yatay hareketleri tespit etmek için kullanılabilecek loglar
7- LogonTracer Aracı: Log analizini kolaylaştıracak ücretsiz bir araç
8- Olay tespiti ve müdahalesinde Microsoft Advanced Threat Analytics (ATA) aracı kullanımı
9- Yatay hareket tespiti için öneriler
================
Sorularınız için sparta@sparta.com.tr
Bilgi Güvenliği ve Ağ Güvenliği //Fırat Üniversitesi Siber Güvenlik KonferansıRaif Berkay DİNÇEL
Bilgi Güvenliği ve Ağ Güvenliği
Ben Kimim ? ? ?
Neler Yaparım
Aldığım Eğitimler ve Sertifikalar
BlinkCursor ??
Konu İçerikleri
Bilgi Güvenliği Kavramı
Bilgi Güvenliğinin Amacı
Tehdit Türleri
Dahili Tehdit Unsurları
Harici Tehdit Unsurları
Saldırı Kavramı
Saldırgan Türleri
Saldırgan Motivasyonu
Ağda Bulunan ve Potansiyel Risk İçeren Sistemler
Saldırı Yöntemleri
Saldırılarda Sıkça Kullanılan Teknikler
Sosyal Mühendislik
Sosyal Mühendislik – Önleme Yöntemleri
Ağ Haritalama
Ağ Haritalamada Ulaşılmak İstenen Bilgiler
Ağ Haritalamada Kullanılan Teknikler
Ağ Haritalama – Önleme Yöntemleri
Uygulama Zayıflıkları
Uygulama Zayıflıkları – Önleme Yöntemleri
Yerel Ağ Saldırıları
Yerel Ağ Saldırılarında Kullanılan Teknikler
Yerel Ağ Saldırıları – Önleme Yöntemleri
Spoofing
Spoofing Teknikleri
Spoofing – Örnek Spoofing İşlemi
Spoofing – Önleme Yöntemleri
Hizmet Aksatma Saldırıları
Dağıtık Hizmet Aksatma Saldırıları
Hizmet Aksatma Saldırıları – Önleme Yöntemleri
Virüs, Worm ve Trojan Tehlikeleri
Virüs, Worm ve Trojan’ları Önleme Yöntemleri
Saldırıya Uğrayabilecek Değerler
Görülebilecek Zararın Boyutu
Güvenlik İhtiyacının Sınırları
Genel Güvenlik Önlemleri
Ağ Güvenlik Duvarı (Firewall)
Internet bağlantısında bir kurumun karşılaşabileceği sorunlar şunlardır;
Bir güvenlik duvarı çözümünde verilebilecek servisler
Paket Filtreleme
Dinamik (Stateful) Filtreleme;
DMZ (Silahtan Arındırılmış Bölge):
Proxy:
Firewall çözümleri:
İçerik Filtreleme (content filtering):
VPN:
Saldırı Tespiti (ID):
Loglama ve Raporlama:
SORULAR ???
Sosyal Medya Hesaplarım:
BENİ DİNLEDİĞİNİZ İÇİN HEPİNİZE ÇOK TEŞEKKÜR EDİYORUM
İletişim veya sorularınız için iletişim adreslerim ;
1. AI Security
Machine Learning, Deep Learning and Computer Vision Security
Cihan Özhan | Founder of DeepLab | Developer, AI Engineer, AI Hacker
11/2021
11. Model Lifecycle
Machine Learning Model Development Lifecycle
Biz buradan başlıyoruz!
ML model hazırlık süreci
Angarya ama mecburi görev:
Veriyi hazırlamak!
Modeli hazırlamışız!
Modeli veri ile eğitiyoruz.
Cloud ya da On-Premise
Eğitilmiş modeli test verisi ile test ettik!
Eğitilen model programsal
ortam için paketlenir.
Yayın sonrası:
Model sürekli izlenir.
12. MLaaS?
Machine Learning as a Service
ML/DL algoritma ve yazılımlarının, bulut bilişim hizmetlerinin bir
bileşeni olarak sunulması modeline denir.
MLaaS = (SaaS + [ML/DL/CV])
13. Hidden Technical Debt in Machine Learning Systems
https://papers.nips.cc/paper/2015/file/86df7dcfd896fcaf2674f757a2463eba-Paper.pdf
Genellikle tüm ekip, odak
ve kaynakların yönlendirildiği alan!
18. Adversarial Attack nedir?
”ML modellerini aldatmaya çalışan ve modelin hata yapmasına
neden olan bir tekniktir.”
Yüksek Tehdit Senaryoları
Self-Driving Cars, İHA/SİHA, IT Security, Yüz/Kimlik/Nesne Tanıma Sistemleri vb…
32. Security Research of Tesla Autopilot (40 Pages)
https://keenlab.tencent.com/en/whitepapers/Experimental_Security_Research_of_Tesla_Autopilot.pdf
33. Black-Box Vs White-Box
Adversaries
• White-Box
– NN ile ilgili tüm detaylar bilinir.
– NN’e doğrudan saldırı yapılabilir.
– Daha kolay yol.
– Saldırılar benzer olan diğer NN’lere uygulanabilir.
• Black-Box
– “Hangi modele saldıracağımı biliyorum”
• Örnek : AlexNet
– İlgili NN hakkında hiçbir detayın bilinmediği senaryo.
– Input-Output eşlemesi üzerinden saldırı kontrolü yapılabilir.
– Sahte(Dummy) bir NN oluşturup eğitin, saldırın ve sonrasında aynı yöntemler ile Black-Box
network’e saldırın.
37. Black-Box Use Case
(Autonomous Vehicles ADAS Hacking)
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/model-hacking-adas-to-pave-safer-roads-for-autonomous-vehicles/
85
42. - Solda kirli bir ‘Dur’ işareti.
- Sağda sticker ile yanlış sınıflandırmayı tetiklemek için değiştirilen ‘Dur’ işareti. 45mph hız limiti olarak algılanıyor.
48. Defense & Research Papers
https://nicholas.carlini.com/writing/2019/all-adversarial-example-papers.html
https://docs.microsoft.com/en-us/security/engineering/threat-modeling-aiml
49. Savunma Odaklı Öneriler
• İş/Uygulama Hedefinin Net/Açık/Temiz Olması
• Secure Engineering
• Input ve Output’larda İhtiyat, Kontrol, Log(Herşey)
• Model Integrity(Model Tutarlılığı)
• Model Testing
• Sistem Esnekliği
50. Savunma Odaklı Öneriler
• Sinir ağını, onları gürültü olarak tanımayı ve soyutlamayı öğrenene kadar
komik gözlük takan daha fazla insan örneği ile eğitin.
• Sinir ağlarını yalnızca öğrenmeleri gereken kalıplarla değil, aynı zamanda
tanımamaları gereken binlerce saçma girdiyle de eğitmemiz gerekir.
• Threat Modeling'i kullanın ve standart güvenlik kontrollerini uygulayın.
• Tehdit modellemenizi, geleneksel teknik kullanım senaryolarının dışında
belirli kullanım senaryolarını içerecek şekilde genişletin.
• Ses, video ve jest/mimik odaklı kullanıcı deneyimleri için tehdit modelleme.
• Yapay zekanızın belirgin kullanım senaryosu nedir?
• AI etkileşimleri, kullanıcının etkileşimleri ve bir saldırganın etkileşimleri
hakkındaki varsayımlarınız nelerdir?
• Gözlem ve komutlara cevap olarak AI sisteminizin planlarını ve eylemlerini
nasıl çalıştırmayı, izlemeyi ve kontrol etmeyi planlıyorsunuz?
https://docs.microsoft.com/en-us/security/engineering/threat-modeling-aiml
51.
52. Temel Güvenlik Sorunları
Kasıtlı Hatalar Kasıtsız Hatalar
Perturbation Attack Reward Hacking
Poisoning Attack Side Effects
Model Inversion Distributional Shifts
Membership Inference Natural Adversarial Examples
Model Stealing Common Corruption
Reprogramming ML system (NN Reprogramming) Incomplete Testing
Adversarial Example in Pyhsical Domain
Malicious ML provider recovering training data
Attacking the ML supply chain
Backdoor ML
Exploit Software Dependencies
57. Data Poisoning
Attacking Model Availability
• Saldırgan, bir modelin eğitim pipeline’ına kötü niyetli/anormal veriler enjekte edebilir ve bu da
modelin kararında kasıtlı bir sapmaya neden olabilir.
• Modelin kararını değiştirmek için sisteme yeterince kötü amaçlı veriyle saldırın.
https://sweis.medium.com/security-privacy-risks-of-machine-learning-models-cd0a44ac22b9
58. Exploit Software Dependencies
• Algoritmaları değil, sistem bağımlı olduğu yazılımların güvenlik
açıklarından faydalanır.
• Önlem:
– Security Scan
– Security Reports
– Dikkat Et : Wrappers ve Pre-Build Environment
– Az Dependency Kullan
– Dependency Management Tools
• Synk : Synk.io
• Python Poetry : python-poetry.org
• Bandit :
– Bandit is a tool designed to find common security issues in Python code.
– https://github.com/PyCQA/bandit
• pyup.io/safety
• requires.io
– vb…
59. Tool/Library Security
(TensorFlow)
• TensorFlow(gibi araçlar) internal iletişim için tasarlanmıştır,
güvensiz(untrusted) ağlarda çalışmak için değil.
• Bu araçlar(ModelServer vb.) built-in yetkilendirmeye sahip değildir.
• Dosyaları okuyup yazabilir, network üzerinden veri alıp gönderebilir…
• (!) TensorFlow Models as Programs
• (!) Running Untrusted Models
• (!) Accepting Untrusted Inputs
https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md
60. Endüstriyel Yapay Zeka ve Otonom Araçlar - Cihan Özhan
https://www.youtube.com/watch?v=ID_tw5iq6Xs