A Google competition pits machine learning attackers against machine learning defenders to strengthen security.

Mitch Wagner, Executive Editor, Light Reading

July 25, 2017

3 Min Read
Google Launches Fight Club for AI Security

As AI emerges as a leading tool for both security and network attacks, Google is setting artificial intelligences to fight each other to toughen them up.

The competition focuses on the specialized realm of image recognition. Google Brain, Google's machine learning division, is using Kaggle, a platform for data science competitions, to host a competition to prevent attackers from poisoning input data used to train machine learning in image recognition, according to the abstract describing the competition:

"Most existing machine learning classifiers are highly vulnerable to adversarial examples," the abstract explains. "An adversarial example is a sample of input data which has been modified very slightly in a way that is intended to cause a machine learning classifier to misclassify it. In many cases, these modifications can be so subtle that a human observer does not even notice the modification at all, yet the classifier still makes a mistake."

Figure 1: Photo by Lorie Shaull - Own work, CC BY-SA 4.0, Link Photo by Lorie Shaull - Own work, CC BY-SA 4.0, Link

Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.

The competition will proceed along three tracks, two of them to find the best attack system that can trick a machine learning classifier, and a third for the best classifier to defend against attack.

Tricking machine learning systems is nothing new. Spammers evade spam filters by figuring out what patterns the filter's algorithms has been trained to identify. But more recently researchers have shown "that even the smartest algorithms can sometimes be misled in surprising ways. For example, deep-learning algorithms with near-human skill at recognizing objects in images can be fooled by seemingly abstract or random images that exploit the low-level patterns these algorithms look for," according to Technology Review.

"Adversarial machine learning is more difficult to study than conventional machine learning -- it's hard to tell if your attack is strong or if your defense is actually weak," Google Brain researcher Ian Goodfellow tells Technology Review.

The implications of the contest go beyond image recognition.

"Computer security is definitely moving toward machine learning," Goodfellow tells Technology Review. "The bad guys will be using machine learning to automate their attacks, and we will be using machine learning to defend."

"In theory, criminals might also bamboozle voice- and face-recognition systems, or even put up posters to fool the vision systems in self-driving cars, causing them to crash," Technology Review says.

Google announced in March that it plans to acquire Kaggle.

Related posts:

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Friend me on Facebook Editor, Enterprise Cloud News

About the Author(s)

Mitch Wagner

Executive Editor, Light Reading

San Diego-based Mitch Wagner is many things. As well as being "our guy" on the West Coast (of the US, not Scotland, or anywhere else with indifferent meteorological conditions), he's a husband (to his wife), dissatisfied Democrat, American (so he could be President some day), nonobservant Jew, and science fiction fan. Not necessarily in that order.

He's also one half of a special duo, along with Minnie, who is the co-habitor of the West Coast Bureau and Light Reading's primary chewer of sticks, though she is not the only one on the team who regularly munches on bark.

Wagner, whose previous positions include Editor-in-Chief at Internet Evolution and Executive Editor at InformationWeek, will be responsible for tracking and reporting on developments in Silicon Valley and other US West Coast hotspots of communications technology innovation.

Beats: Software-defined networking (SDN), network functions virtualization (NFV), IP networking, and colored foods (such as 'green rice').

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like