Categories: Phases of Learning | Security Analysis | Framework | Exploratory Attacks | Causative Attacks
100

What are the three main components typically considered in a secure ML framework?

Data, model, and environment

100

What defines the attacker’s goals, knowledge, and capabilities?

Threat model

100

What is used to protect models from attacks?

Defense mechanism

100

What is the main goal of an exploratory attack?

Learning about the model without altering it

100

What is the attack where an adversary tries to replicate a model?

Model extraction

200

What is the attack that determines whether a data point was in the training set?

Membership inference

200

What is the attack where inputs are crafted to bypass detection during testing?

Evasion attack

200

What is the main strategy of a causative attack?

Poisoning the training data

200

In which phase do causative attacks typically occur?

Training phase

200

What type of attack alters training data to degrade model performance?

Data integrity attack

300

What is the attack where labels in the dataset are intentionally changed?

Label flipping

300

What are the two main categories of attacks in secure learning?

Both exploratory and causative

300

Which security property is targeted by exploratory attacks?

Confidentiality

300

What is the phase where data is cleaned and prepared before training?

Preprocessing

300

What is the phase where the trained model is evaluated or used for predictions?

Testing (or inference) phase