Security and Privacy of Machine Learning Models: A Survey

Authors:

Ji Shouling (born 1986), male, Ph.D., research professor, doctoral supervisor, CCF professional member. Main research interests: artificial intelligence and security, data-driven security, IoT security, software and system security, big data analytics.
Du Tianyu (born 1996), female, B.S. Main research interest: artificial intelligence security.
Li Jinfeng (born 1994), male, M.S. Main research interest: artificial intelligence security.
Shen Chao (born 1985), male, Ph.D., professor, doctoral supervisor, CCF professional member. Main research interests: network and system security, artificial intelligence, systems engineering.
Li Bo (born 1987), female, Ph.D., assistant professor, doctoral supervisor. Main research interests: machine learning, security and privacy, game theory.

Corresponding author:

Ji Shouling, E-mail: sji@zju.edu.cn

Funding:

National Key Research and Development Program of China (2018YFB0804102); Zhejiang Provincial Natural Science Foundation of China (LR19F020003); Provincial Key Research and Development Program of Zhejiang, China (2019C01055); National Natural Science Foundation of China (61772466, U1936215, U1836202, 61822309, 61773310, U1736205)

Abstract:

In the era of big data, breakthroughs in the theories and technologies of deep learning, reinforcement learning, and distributed learning have provided strong support for machine learning at both the data and the algorithm level, and have driven the scaling up and industrialization of machine learning. However, although machine learning models perform excellently in many real-world applications, they still face many security and privacy threats at the data, model, and application levels, threats that are characterized by diversity, concealment, and dynamic evolution. The security and privacy issues of machine learning have attracted extensive attention from academia and industry: a large number of researchers have studied the security and privacy of models in depth from both the attack and the defense perspective and have proposed a series of attack and defense methods. This survey reviews the security and privacy issues of machine learning, systematically summarizes and categorizes the existing research, and identifies the strengths and weaknesses of current work. Finally, it discusses the challenges currently facing research on the security and privacy protection of machine learning models and potential future research directions, aiming to guide follow-up researchers in further advancing the development and application of this field.

Cite this article:

Ji Shouling, Du Tianyu, Li Jinfeng, Shen Chao, Li Bo. Security and privacy of machine learning models: A survey. Journal of Software (软件学报), 2021, 32(1): 41-67

History
  • Received: 2019-06-10
  • Revised: 2019-10-01
  • Published online: 2020-09-10
Copyright: Institute of Software, Chinese Academy of Sciences
Address: 4 South Fourth Street, Zhongguancun, Haidian District, Beijing, 100190
Tel: 010-62562563  Fax: 010-62562533  Email: jos@iscas.ac.cn