OWASP Top 5 Machine Learning Risks
The OWASP Top 5 Machine Learning Risks
The idea is to build the required resources which help software security community to understand the emerging technology of machine learning and how it is related to security, warn them about the risk associated with using ML, and discuss the defending techniques.
Machine Learning has recently re-emerged as a powerful tool in multiple business sectors. It also becomes vital when it is harnessed for the Security services and applications like Fraud Detection, Anomaly Detection, Behavioral Analysis, etc.
Although these applications have huge success, there are still security risks associated with the learning technique especially the security of the learning phase; which can still be vulnerable to threats originated by potential adversaries, and consequently it has considerable impact on their prediction results
This project will list these risks and the defending techniques
The OWASP Top 5 Machine Learning Risks project is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
How can I participate in your project?
This project requires a lot of participations from data scientists, ML experts, software developers, risk managers and application security specialists. Please make the Project Leader's aware of your available time to contribute to the project. It is also important to let the Leader's know how you would like to contribute and pitch in to help the project meet it's goals and milestones. There are many different ways you can contribute to an OWASP Project, but communication with the leads is key.
The success of OWASP is due to a community of enthusiasts and contributors that work to make our projects great. The first contributors to the project were:
We will have ANNUAL release of the up-to-date top 5 risks, organized as following:
- Draft version (https://github.com/OWASP/Top-5-Machine-Learning-Risks/)
- Community responses
- Validate in AppSec conference
- Release final list for the year.