NIST’s National Cybersecurity Center of Excellence (NCCoE) has released a draft report on machine learning (ML) for public comment.
A Taxonomy and Terminology of Adversarial Machine Learning (Draft NISTIR 8269) was developed as a step toward securing applications of artificial intelligence (AI), especially against adversarial manipulations of ML.
Although AI also includes various knowledge-based systems, the data-driven approach of ML introduces additional security challenges in training and testing (inference) phases of system operations. Adversarial Machine Learning (AML) is concerned with the design of ML algorithms that can resist security challenges, the study of the capabilities of attackers, and the understanding of attack consequences.
The document develops a taxonomy of concepts and defines terminology in the field of AML. The taxonomy, built on and integrating previous AML survey works, is arranged in a conceptual hierarchy that includes key types of attacks, defenses, and consequences. The terminology, arranged in an alphabetical glossary, defines key terms associated with the security of ML components of an AI system.
Taken together, the terminology and taxonomy are intended to inform future standards and best practices for assessing and managing the security of ML components, by establishing a common language and understanding of the rapidly developing AML landscape.
The public is invited to review and comment on the findings and considerations published in Draft NISTIR 8269. The public comment period for this document closes December 16, 2019.
The public review includes a call for information on essential patent claims (claims whose use would be required for compliance with the guidance or requirements in the draft publication). It also includes disclosure, where known, of the existence of relevant pending U.S. or foreign patent applications and of any unexpired U.S. or foreign patents.