Hacking and Securing Machine Learning Systems and Environments|Joshua Arvin Lat|PyCon APAC 2022
PyCon Taiwan
PyCon APAC 2022 | Talks | Title sponsors: Cathay Financial Holdings / Micron
✏️ Note: https://hackmd.io/@pycontw/Hyvj8pmJs 🖐🏻 Slido: https://app.sli.do/event/8YJfRpFFZpeVsK6NVgX24o 🪧 Slides: https://speakerdeck.com/arvslat/pycon-apac-2022-hacking-and-securing-machine-learning-environments-and-systems 💬 Language: English 🎯 Level: Experienced 🔎 Category: Security
💡 Abstract 💡 Designing and building machine learning systems is not an easy task. ML practitioners typically deploy models by converting some of their Jupyter Notebook Python code into production-ready application code. Once these ML systems have been set up, they need to be secured properly to manage vulnerabilities and exploits. There are many ways to attack ML systems, and most data science teams are not equipped with the skills required to secure them. We will discuss in detail several strategies and solutions for securing these systems. In this session, we will review several attacks customized to take advantage of vulnerabilities present in Python libraries such as Joblib, urllib, and PyYAML. In addition, we'll look at possible attacks on ML inference endpoints built using frameworks such as Flask, Pyramid, or Django. Finally, we will walk through several examples of how ML environments using ML frameworks (such as TensorFlow and PyTorch) can be attacked and compromised.
🪄 Description 🪄 Designing and building machine learning systems requires a lot of skill, time, and experience. Data scientists, developers, and ML engineers work together to build ML systems and pipelines that automate the different stages of the machine learning process. Once these ML systems have been set up, they need to be secured properly to prevent them from being compromised.
ML systems are generally built using Python, and some attacks have been customized to take advantage of vulnerabilities present in specific Python libraries such as Joblib, urllib, and PyYAML. Other attacks take advantage of vulnerabilities in the custom code written by ML engineers. We'll also take a look at attack vectors that apply to cloud SDKs written in Python (e.g., the SageMaker Python SDK). There are many ways to attack machine learning systems, and most data science teams are not equipped with the skills required to secure the systems they build. In this talk, we will discuss in detail the cybersecurity attack chain and how it affects a company's strategy when setting up different layers of security. We will discuss the different ways ML systems can be attacked and compromised and, along the way, share the relevant strategies to mitigate these attacks. This includes attacks on deployed custom APIs (ML inference endpoints) built with well-known Python frameworks (e.g., Flask, Pyramid, Django), as well as serverless applications and architectures written in Python (e.g., Chalice).
Finally, we will show how to review and assess newly discovered vulnerabilities in Python libraries and packages. We will share some tips and techniques for checking whether any of your ML systems and environments are vulnerable to certain types of attacks, using examples built with ML frameworks such as PyTorch and TensorFlow.
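As an added example (not code from the talk, the slides, or the speaker), the following stdlib-only Python script shows the deserialization problem behind the Joblib attack class named above and the kind of check described in the last paragraph. joblib.load wraps pickle, so a tampered model file executes whatever its pickle stream asks for at load time. The names MaliciousModel, RestrictedUnpickler, load_if_trusted and the ML_PICKLE_DEMO marker are assumptions for illustration; the payload is deliberately harmless (it only sets an environment variable) so the effect can be observed safely.

```python
import hashlib
import hmac
import io
import os
import pickle

# Constructed payload (assumption for the demo): harmless on purpose, it only
# sets an environment variable so the side effect of "loading a model" is visible.
MARKER = "ML_PICKLE_DEMO"
PAYLOAD_CODE = f"import os; os.environ['{MARKER}'] = 'executed'"


class MaliciousModel:
    """Stands in for a tampered model artifact (hypothetical name).

    pickle serialises whatever __reduce__ returns: here a call to
    builtins.exec with attacker-chosen source, run at unpickling time.
    """

    def __reduce__(self):
        return (exec, (PAYLOAD_CODE,))


def build_malicious_artifact() -> bytes:
    return pickle.dumps(MaliciousModel())


def build_benign_artifact() -> bytes:
    # Plain containers and floats need no class lookup, so they load fine
    # under the allow-list unpickler below.
    return pickle.dumps({"weights": [0.5, -1.25], "bias": 0.1})


def load_untrusted(blob: bytes):
    # What pickle.load / joblib.load do: the payload runs before anything
    # is returned to the caller.
    return pickle.loads(blob)


class RestrictedUnpickler(pickle.Unpickler):
    """Allow-list unpickler, following the recipe in the pickle docs.

    Extend ALLOWED with the exact (module, class) pairs your model format
    needs; anything else, including builtins.exec, is rejected.
    """

    ALLOWED = {("builtins", n) for n in ("range", "slice", "set", "frozenset")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def load_restricted(blob: bytes):
    return RestrictedUnpickler(io.BytesIO(blob)).load()


def load_if_trusted(blob: bytes, expected_sha256: str):
    """Integrity gate: compare against the digest recorded at training time,
    then still use the allow-list loader (defence in depth)."""
    digest = hashlib.sha256(blob).hexdigest()
    if not hmac.compare_digest(digest, expected_sha256):
        raise ValueError("model artifact does not match the recorded digest")
    return load_restricted(blob)


def run_demo() -> dict:
    os.environ.pop(MARKER, None)
    blob = build_malicious_artifact()

    restricted_blocked = False
    try:
        load_restricted(blob)
    except pickle.UnpicklingError:
        restricted_blocked = True
    marker_after_restricted = os.environ.get(MARKER)  # still unset

    load_untrusted(blob)  # the unrestricted loader executes the payload
    marker_after_untrusted = os.environ.get(MARKER)  # now "executed"

    good = build_benign_artifact()
    expected = hashlib.sha256(good).hexdigest()
    tampered_rejected = False
    try:
        load_if_trusted(blob, expected)  # wrong digest: refused before unpickling
    except ValueError:
        tampered_rejected = True

    return {
        "restricted_blocked": restricted_blocked,
        "marker_after_restricted": marker_after_restricted,
        "marker_after_untrusted": marker_after_untrusted,
        "tampered_rejected": tampered_rejected,
        "benign_loaded": load_if_trusted(good, expected),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The same find_class override can be applied to joblib's loader, but the simpler operational rule is the one the digest check encodes: only unpickle artifacts whose hash (or signature) was recorded by the training pipeline, and treat any model file pulled from an S3 bucket, a notebook export or a third-party hub as untrusted input.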
🚀 About the Speaker - Joshua Arvin Lat 🚀 Joshua Arvin Lat is the Chief Technology Officer (CTO) of NuWorks Interactive Labs, Inc. He previously served as the CTO of three Australian-owned companies and as the Director of Software Development and Engineering for multiple e-commerce startups, experience that has made him more effective as a leader. Years ago, he and his team won 1st place in a global cybersecurity competition with their published research paper. He is also an AWS Machine Learning Hero and has spoken at several international conferences on practical strategies for machine learning, engineering, security, and management. He is the author of the book "Machine Learning with Amazon SageMaker Cookbook".
#pycontw #pyconapac2022 #python #tensorflow #pytorch #machinelearning #datasecurity
Follow “PyCon Taiwan” ⭐️ Official Website: https://tw.pycon.org ⭐️ Facebook: https://www.facebook.com/pycontw ⭐️ Instagram: https://www.instagram.com/pycontw ⭐️ Twitter: https://twitter.com/PyConTW ⭐️ LinkedIn: https://www.linkedin.com/company/pycontw ⭐️ Blogger: https://pycontw.blogspot.com ... https://www.youtube.com/watch?v=WUKYsEJeSyw