๐Ÿค– AI / Machine Learning21 min

Adversarial Machine Learning: Attacking and Defending Neural Networks

A

Muhammad Asim Chattha

Software Developer & Cybersecurity Researcher

#Adversarial ML#FGSM#Robust Training#Security#Deep Learning

As ML models are deployed in security-critical applications, understanding their vulnerabilities to adversarial manipulation is essential.

Attack Taxonomy

  • **Evasion Attacks**: FGSM, PGD, C&W, and AutoAttack โ€” crafting imperceptible perturbations to fool classifiers
  • **Poisoning Attacks**: Backdoor injection via data poisoning and model poisoning during federated learning
  • **Model Extraction**: Stealing model architecture and parameters through black-box query access
  • **Inference Attacks**: Membership inference and attribute inference for privacy violations

Defense Strategies

  • **Adversarial Training**: Augmenting training data with adversarial examples (PGD-AT, TRADES)
  • **Certified Robustness**: Randomized smoothing for provable L2 robustness guarantees
  • **Detection**: Feature squeezing, MagNet, and spectral signature analysis
  • **Differential Privacy**: DP-SGD to protect against membership inference
โ† Back to all posts