Carnegie Mellon University
Kakkad_cmu_0041O_11003.pdf (1.22 MB)

Defending Against Adversarial Machine Learning: Insights from Students vs. Professionals

posted on 2023-07-20, 20:21 authored by Vishruti Jignesh Kakkad

While Machine Learning is becoming an indispensable part of modern Computer Science, it is no more impervious to security attacks than any other part of the industry. In this paper, we explore different types of Adversarial Machine Learning (AML) attacks, in which attackers exploit shortcomings of learning models and classifiers to degrade the accuracy of the algorithms, along with the scenarios in which such attacks might arise. We present two views on this problem.

The first explores AML from the perspective of education: in an in-person study, we test Capture the Flag (CTF) challenges based on actual AML attacks on a group of students to analyze the usability, feasibility, and accuracy of the challenges we developed, and to explore CTF as an education method for AML. We also received feedback in several areas to improve our current challenges. The second is the complementary perspective of professionals in the industry: we surveyed a few Cybersecurity and Machine Learning professionals about their experiences with AML in the industry.

This helped us understand not only how professionals perceive AML but also current industry trends for security in Machine Learning, general awareness of AML, and how these issues correlate with their background and opinions. Based on the results of both studies and our background study of AML, we propose a general threat model followed by some defenses.

Degree Type

  • Master's Thesis


  • Information Networking Institute

Degree Name

  • Master of Science (MS)


Hanan Hibshi
