Drinking from the Fetid Well: Data Poisoning and Machine Learning - By Lieutenant Andrew Galle

As robotics and artificial intelligence grow more capable and less dependent on constant human control and input, the need for human life to occupy the field of battle continuously diminishes. One technology that enables this reality is machine learning, which would allow a device to react to its environment, and the infinite permutations of variables therein, while prosecuting the objectives of its human controllers. The Achilles’ heel of this technology, however, is the very thing that makes it possible: the machine’s ability to learn from examples. By poisoning these example datasets, adversaries can corrupt the machine’s training process, potentially causing the United States to field unreliable or dangerous assets. Defending against such techniques is critical. The United States must start accelerating its investments in developing countermeasures and change the way it uses and consumes data to mitigate these attacks when they do occur.

