Introduction:

AI is undergoing exponential growth these days. Businesses, academia, and tech enthusiasts are hyped about trying out deep learning to solve their problems. Professionals, researchers, and students are driven to taste the potential of this new tech. Just like every other technology, AI comes with awesome applications topped with some serious implications. So, join the 3-day expedition specially designed for security professionals to understand, build, and hack AI applications. The course is divided into two parts, ML4SEC and SEC4ML. ML4SEC will focus on the nitty-gritty of building ML applications; then you will learn to hack them in the SEC4ML section.

- ML4SEC: Assuming no prior knowledge of mathematics and ML, we will try to build the intuition behind the algorithms. Attendees will get hands-on experience in building ML-powered defensive and offensive security tools. An in-depth understanding of the entire ML pipeline is provided, consisting of pre-processing data, building ML models, training and evaluating them, and using the trained models for prediction. Well-known machine learning libraries like TensorFlow, Keras, PyTorch, scikit-learn (sklearn), etc. will be used. In the end, you will be ready with end-to-end and ready-to-apply ML Gyan for security professionals.

- SEC4ML: This part will address the vulnerabilities (like adversarial learning, prompt injection, model stealing, data poisoning, model inference, etc.) in state-of-the-art machine learning methodologies. We will not spare the new shiny toy in the market, known as GPT. Lab material will consist of vulnerable AI applications that can be exploited to provide a thorough understanding of the discussed vulnerabilities and their mitigation.

Table of Contents

  1. Day 1: ML4SEC
    In this session, we will build our understanding of basic yet state-of-the-art machine learning algorithms, discuss the mathemagic behind why these models work the way they do, build some smart machine-learning applications, and evaluate them. By the end, we will have an idea of how to solve a real-world problem using machine learning.
    • Introduction to Machine Learning
    • Common use cases: where to use and where not to use machine learning
    • Introduction to different Python libraries/packages like Keras, TensorFlow, and scikit-learn (sklearn)
    • Overview of how machine learning models are built and deployed in production
    • Understanding the mathematics and intuition behind the machine learning algorithms used
      • Supervised learning
        • Linear regression, logistic regression, neural nets, and similar classifiers
      • Unsupervised learning, clustering algorithms
    • A brief introduction to data pre-processing, with a demo
    • Applications of machine learning in the security domain, with hands-on examples
    • A detailed process of how to leverage the previously discussed knowledge to build applications in defensive as well as offensive security:
      • Image classifier using deep learning
      • Defensive sec:
        • Web access firewalls
        • Spam classifier
        • Malware detection engine
      • Machine learning for fuzzing
    • Now that we have made our systems "Intelligent", is it possible to fool them? Are these applications hackable?
  2. Day 2: SEC4ML
    In this session, we will look deeper at different flaws in how ML/DL algorithms are implemented, with hands-on examples explaining and attacking such vulnerable implementations, and a discussion of possible mitigations.
    • A brief introduction to vulnerabilities in machine learning
    • Discussion on various ways of compromising machine learning apps
    • Adversarial learning attacks
      • Introduction and mathematical intuition behind the existence of this flaw
      • Demo and hands-on practice of fooling very accurate state-of-the-art image classifiers
      • Analyzing why this attack works
      • Possible mitigation
    • Model stealing attacks
      • How proprietary ML models can be stolen by an attacker, letting them use the models for free
      • Stealing offline ML models that are deployed on devices with installer packages
      • Stealing models that are deployed on the cloud with restricted access via APIs
    • Demo: adversarial attack on a face-recognition application
    • Model skewing and data poisoning attacks
      • How and why this attack works
      • Hands-on example of bypassing ML-based 99.99% accurate spam filters
      • Possible mitigation
    • Inferring the data used to train LLMs like GPT-x
    • Attacks on LLMs, like prompt injection
    • Discussion on other lesser-addressed vulnerabilities and their real-world impact
    • CTF challenge focused on one of the discussed vulnerabilities

Prerequisites:

  • Scripting-level knowledge of Python, enough to make changes to existing code
  • Basic Linux commands to navigate around the lab and execute code

Participants Requirements:

  • Laptop with 8GB+ RAM
  • 20 GB of free disk space
  • VirtualBox (latest version)
  • Any flavor of Linux is preferred over Windows
  • An open mind, ready for some intense mathemagic

Duration

2 days

Who should attend:

  • Machine learning enthusiasts and professionals
  • Pentesters willing to explore new ways to pentest machine learning applications
  • Students with a computer science background and a taste for ML and infosec

What to expect:

  • Thorough understanding of basic machine learning methodologies
  • Hands-on practice in specially crafted labs for ML and infosec enthusiasts
  • End-to-end and ready-to-apply ML knowledge for security professionals
  • Good understanding of machine learning vulnerabilities
  • Hands-on experience with well-known machine-learning libraries
  • Lab material for post-course practice

What not to expect:

  • Becoming an ML security pro in two days
  • A heavy mathematical background in machine learning concepts