This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Top 5 Machine Learning Risks"
(Update major parts of the page.. still some sections needs to be updated) (Tag: Visual edit) |
(updated more sections) (Tag: Visual edit) |
||
| Line 83: | Line 83: | ||
==Contributors== | ==Contributors== | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
The success of OWASP is due to a community of enthusiasts and contributors that work to make our projects great. The first contributors to the project were: | The success of OWASP is due to a community of enthusiasts and contributors that work to make our projects great. The first contributors to the project were: | ||
| Line 97: | Line 90: | ||
= Road Map and Getting Involved = | = Road Map and Getting Involved = | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
We will have ANNUAL release of the up-to-date top 5 risks, organized as following: | We will have ANNUAL release of the up-to-date top 5 risks, organized as following: | ||
| Line 112: | Line 96: | ||
* Validate in AppSec conference | * Validate in AppSec conference | ||
* Release final list for the year. | * Release final list for the year. | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | + | As of September 2017, the topics priorities are: | |
| + | ** Machine Learning Introduction | ||
| + | *** What are the available machine learning platforms? | ||
| + | *** Are there any security vulnerabilities associated with these platforms? | ||
| + | ** Usage of Machine Learning in Security | ||
| + | *** Can AI be used to reduce false positive findings in security scanners? | ||
| + | *** Fraud Detection... | ||
| + | ** Security of Machine learning | ||
| + | *** ML Learning phase | ||
| + | *** How to securely feed data to ML and AI tools | ||
| + | *** How to make learning algorithms aware of malicious data? | ||
| + | ** Top 5 risks | ||
| + | ** Defending techniques | ||
| + | ** References and Additional Resources | ||
__NOTOC__ <headertabs></headertabs> | __NOTOC__ <headertabs></headertabs> | ||
Revision as of 03:25, 3 September 2017
The OWASP Top 5 Machine Learning RisksThe idea is to build the required resources which help software security community to understand the emerging technology of machine learning and how it is related to security, warn them about the risk associated with using ML, and discuss the defending techniques. DescriptionMachine Learning has recently re-emerged as a powerful tool in multiple business sectors, especially when it is used for Predictive Analytics at the scale of Big Data. This technique becomes vital when it is harnessed for the Security services and applications like Fraud Detection, Anomaly Detection, Behavioral Analysis, etc. Although these applications have huge success, there are security risks associated with the learning technique especially the security of the learning phase; which can still be vulnerable to threats originated by potential adversaries, and consequently it has considerable impact on their prediction results This project will list these risks and the defending techniques LicensingThe OWASP Top 5 Machine Learning Risks project is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one. |
. PresentationTBD Project Leader
Related ProjectsOpenhub |
Quick DownloadTBD News and EventsIn PrintThis project can be purchased as a print on demand book from Lulu.com Classifications
| |||||||
How can I participate in your project?
All you have to do is make the Project Leader's aware of your available time to contribute to the project. It is also important to let the Leader's know how you would like to contribute and pitch in to help the project meet it's goals and milestones. There are many different ways you can contribute to an OWASP Project, but communication with the leads is key.
If I am not a programmer can I participate in your project?
Yes, you can certainly participate in the project if you are not a programmer or technical. The project needs different skills and expertise and different times during its development. Currently, we are looking for researchers, writers, graphic designers, and a project administrator.
Contributors
The success of OWASP is due to a community of enthusiasts and contributors that work to make our projects great. The first contributors to the project were:
- User:Talal Albacha
- YOUR NAME BELONGS HERE
We will have ANNUAL release of the up-to-date top 5 risks, organized as following:
- Draft version
- Community responses
- Validate in AppSec conference
- Release final list for the year.
As of September 2017, the topics priorities are:
- Machine Learning Introduction
- What are the available machine learning platforms?
- Are there any security vulnerabilities associated with these platforms?
- Usage of Machine Learning in Security
- Can AI be used to reduce false positive findings in security scanners?
- Fraud Detection...
- Security of Machine learning
- ML Learning phase
- How to securely feed data to ML and AI tools
- How to make learning algorithms aware of malicious data?
- Top 5 risks
- Defending techniques
- References and Additional Resources
- Machine Learning Introduction
