This paper introduces a systematic framework for understanding collusion among adversaries in machine learning pipelines, addressing gaps in existing literature regarding the interplay between train- and inference-time adversaries. By identifying enabling factors for collusion, the authors provide guidelines for predicting potential collusion scenarios and empirically validate five cases of such interactions. The findings reveal that adversaries' characteristics significantly influence the likelihood and impact of collusion, underscoring the need for enhanced security measures in ML systems.
Colluding adversaries can amplify attacks in machine learning pipelines, revealing hidden vulnerabilities that traditional defenses overlook.
Machine learning (ML) models are susceptible to various security, privacy, and fairness risks. Adversaries with different characteristics (i.e., objectives, knowledge, and capabilities) can collude by executing one attack to amplify others. Existing work lacks a systematic framework to explore collusion among adversaries, and to study the implications of the adversaries' characteristics. We present a framework covering collusion (a) between train- and inference-time adversaries, and (b) among inference-time adversaries. Our framework accounts for factors enabling collusion between adversaries. We propose a guideline to conjecture about the potential for collusion using enabling factors. We use it to explain prior work, conjecture about unexplored collusions, and empirically validate five such cases. Finally, we discuss how adversaries' characteristics influence the potential for collusion.