Title: Breaking Machine Learning Systems at the Industrial Scale
Abstract: Evasion and poisoning attacks have been demonstrated on a range of systems, but usually in a simplified laboratory setting. In this talk, I’ll describe recent work on evasion attacks, and present our work on dataset poisoning. I’ll explain how attacks on toy systems can be scaled up and weaponized to break industrial systems, including copyright detection systems, algorithmic trading bots, and the Google and Amazon machine learning APIs.