advmlthreatmatrix/readme.md

# Table of Contents
1. [Adversarial ML 101](/pages/adversarial-ml-101.md)
2. [Adversarial ML Threat Matrix](/pages/adversarial-ml-threat-matrix.md)
    - [Why Adversarial ML Threat Matrix?](/pages/why-adversarial-ml-threat-matrix.md)
    - [Structure of Adversarial ML Threat Matrix](/pages/structure-of-adversarial-ml-threat-matrix.md)
    - [Things to keep in mind before you use the framework](/pages/things-to-keep-in-mind-before-you-use-the-framework.md)
    - [Adversarial ML Threat Matrix] 
8. [Case Studies Page](/pages/case-studies-page.md)
    - [ClearviewAI Misconfiguration](/pages/case-studies-page.md#clearviewai-misconfiguration)
    - [GPT-2 Model Replication](/pages/case-studies-page.md#gpt-2-model-replication)
    - [ProofPoint Evasion](/pages/case-studies-page.md#proofpoint-evasion)
    - [Tay Poisoning](/pages/case-studies-page.md#tay-poisoning)
    - [Microsoft Red Team Exercise](/pages/case-studies-page.md#microsoft-red-team-exercise)
    - [Bosch Team Experience with EdgeAI ](/pages/case-studies-page.md#bosch-team-experience-with-edgeai)
    - [MITRE -- Physical Adversarial Examples -- TBD](/pages/case-studies-page.md#mitre-physical-adversarial-examples-tbd)
5. [Contributors](#contributors)
6. [Feedback](#feedback-and-getting-involved)
6. [Contact Us](#contact-us)
---- 

The goal of this project is to position attacks on ML systems in an ATT&CK-style framework so that security analysts can orient themselves
in this new and upcoming threats.

![alt text](resources/advmlthreatmatrix.png)


## Contributors

| **Organization**    | **Contributors**    |
| :---                | :---                |
| Microsoft           | Ram Shankar Siva Kumar, Hyrum Anderson, Will Pearce, Suzy Shapperle, Blake Strom, Madeline Carmichael, Matt Swann, Mark Russinovich, Nick Beede, Kathy Vu, Andi Comissioneru, Sharon Xia, Mario Goertzel, Jeffrey Snover, Derek Adam, Deepak Manohar, Bhairav Mehta, Peter Waxman, Abhishek Gupta, Ann Johnson  |
| MITRE               | Mikel D. Rodriguez, Christina E Liaghati, Keith R. Manville, Michael R Krumdick |
| Bosch               | Manojkumar Parmar |
| IBM                 | Pin-Yu Chen       |
| NVIDIA              | David Reber Jr., Keith Kozo, Christopher Cottrell, Daniel Rohrer |
| Airbus              | Adam Wedgbury     |
| Deep Instinct       | Nadav Maman       |
| TwoSix              | David Slater      |
| University of Toronto | Adelin Travers, Jonas Guan, Nicolas Papernot |
| Cardiff University  | Pete Burnap |
| Software Engineering Institute/Carnegie Mellon University | Nathan M. VanHoudnos | 
| Berryville Institute of Machine Learning | Gary McGraw, Harold Figueroa, Victor Shepardson, Richie Bonett|

## Feedback and Getting Involved 

The Adversarial ML Threat Matrix is a first-cut attempt at collating a knowledge base of how ML systems can be attacked. We need your help to make it holistic and fill in the missing gaps!

**Corrections and Improvement**

-   For immediate corrections, please submit a Pull Request with suggested changes! We are excited to make this system better with you!
-   For a more hands on feedback session, we are partnering with Defcon's AI Village to open up the framework to all community members to get feedback and make it better. Current thinking is to have this event circa
Jan/Feb 2021.Please register here for the workshop for more hands on feedback session

**Join our Adversarial ML Threat Matrix Google Group**

- For discussions around Adversarial ML Threat Matrix, we invite everyone to join our Google Group [here](https://groups.google.com/forum/#!forum/advmlthreatmatrix/join)
- If you want to access this forum using your corporate email (as opposed to your gmail)
  - Open your browser in Incognito mode.
  - Once you sign up with your corporate, and complete captcha, you may
  - Get an error, ignore it!
  - Also note, emails from Google Forums generally go to "Other"/"Spam"
    folder. So, you may want to create a rule to go into your inbox
    instead

 
 ## Contact Us
For corrections and improvement, see [Feedback](#feedback)

-  Our public email group is advmlthreatmatrix@googlegroups.com. This emails all the contributors. 
-  For private questions/comments, please email: <Ram.Shankar@microsoft.com> and <Mikel@mitre.org>
Removed Word formatting 2020-09-29 12:25:16 -06:00			`# Table of Contents`
fixed adv-ml-101 link 2020-10-12 17:18:58 -04:00			`1. [Adversarial ML 101](/pages/adversarial-ml-101.md)`
Moved the ToC around 2020-10-13 09:10:45 -07:00			`2. [Adversarial ML Threat Matrix](/pages/adversarial-ml-threat-matrix.md)`
			`- [Why Adversarial ML Threat Matrix?](/pages/why-adversarial-ml-threat-matrix.md)`
			`- [Structure of Adversarial ML Threat Matrix](/pages/structure-of-adversarial-ml-threat-matrix.md)`
			`- [Things to keep in mind before you use the framework](/pages/things-to-keep-in-mind-before-you-use-the-framework.md)`
			`- [Adversarial ML Threat Matrix]`
moved sections to separate pages 2020-10-12 17:28:48 -04:00			`8. [Case Studies Page](/pages/case-studies-page.md)`
fixed case-studies links 2020-10-12 17:33:55 -04:00			`- [ClearviewAI Misconfiguration](/pages/case-studies-page.md#clearviewai-misconfiguration)`
			`- [GPT-2 Model Replication](/pages/case-studies-page.md#gpt-2-model-replication)`
			`- [ProofPoint Evasion](/pages/case-studies-page.md#proofpoint-evasion)`
			`- [Tay Poisoning](/pages/case-studies-page.md#tay-poisoning)`
			`- [Microsoft Red Team Exercise](/pages/case-studies-page.md#microsoft-red-team-exercise)`
			`- [Bosch Team Experience with EdgeAI ](/pages/case-studies-page.md#bosch-team-experience-with-edgeai)`
			`- [MITRE -- Physical Adversarial Examples -- TBD](/pages/case-studies-page.md#mitre-physical-adversarial-examples-tbd)`
Moved the ToC around 2020-10-13 09:10:45 -07:00			`5. [Contributors](#contributors)`
Moved contact info and feedback separately 2020-10-13 13:58:15 -07:00			`6. [Feedback](#feedback-and-getting-involved)`
			`6. [Contact Us](#contact-us)`
Removed Word formatting 2020-09-29 12:25:16 -06:00			`----`
Update readme.md Made modification to language and cleaned it up 2020-09-29 12:50:25 -07:00
Removed Word formatting 2020-09-29 12:25:16 -06:00			`The goal of this project is to position attacks on ML systems in an ATT&CK-style framework so that security analysts can orient themselves`
Converted with Pandoc The original document converted to markdown with pandoc. 2020-09-29 11:14:31 -06:00			`in this new and upcoming threats.`
Update readme.md 2020-10-13 00:34:04 -07:00
Moved contact info and feedback separately 2020-10-13 13:58:15 -07:00			`![alt text](resources/advmlthreatmatrix.png)`
Moved the ToC around 2020-10-13 09:10:45 -07:00
Update readme.md 2020-10-13 00:34:04 -07:00
Moved contact info and feedback separately 2020-10-13 13:58:15 -07:00			`## Contributors`
Update readme.md 2020-10-13 00:34:04 -07:00
			`\| Organization \| Contributors \|`
			`\| :--- \| :--- \|`
Moved the ToC around 2020-10-13 09:10:45 -07:00			`\| Microsoft \| Ram Shankar Siva Kumar, Hyrum Anderson, Will Pearce, Suzy Shapperle, Blake Strom, Madeline Carmichael, Matt Swann, Mark Russinovich, Nick Beede, Kathy Vu, Andi Comissioneru, Sharon Xia, Mario Goertzel, Jeffrey Snover, Derek Adam, Deepak Manohar, Bhairav Mehta, Peter Waxman, Abhishek Gupta, Ann Johnson \|`
Update readme.md 2020-10-13 00:34:04 -07:00			`\| MITRE \| Mikel D. Rodriguez, Christina E Liaghati, Keith R. Manville, Michael R Krumdick \|`
			`\| Bosch \| Manojkumar Parmar \|`
			`\| IBM \| Pin-Yu Chen \|`
			`\| NVIDIA \| David Reber Jr., Keith Kozo, Christopher Cottrell, Daniel Rohrer \|`
			`\| Airbus \| Adam Wedgbury \|`
			`\| Deep Instinct \| Nadav Maman \|`
			`\| TwoSix \| David Slater \|`
			`\| University of Toronto \| Adelin Travers, Jonas Guan, Nicolas Papernot \|`
			`\| Cardiff University \| Pete Burnap \|`
			`\| Software Engineering Institute/Carnegie Mellon University \| Nathan M. VanHoudnos \|`
			`\| Berryville Institute of Machine Learning \| Gary McGraw, Harold Figueroa, Victor Shepardson, Richie Bonett\|`
Moved the ToC around 2020-10-13 09:10:45 -07:00
Moved contact info and feedback separately 2020-10-13 13:58:15 -07:00			`## Feedback and Getting Involved`
Moved the ToC around 2020-10-13 09:10:45 -07:00
			`The Adversarial ML Threat Matrix is a first-cut attempt at collating a knowledge base of how ML systems can be attacked. We need your help to make it holistic and fill in the missing gaps!`

Moved contact info and feedback separately 2020-10-13 13:58:15 -07:00			`Corrections and Improvement`

			`- For immediate corrections, please submit a Pull Request with suggested changes! We are excited to make this system better with you!`
			`- For a more hands on feedback session, we are partnering with Defcon's AI Village to open up the framework to all community members to get feedback and make it better. Current thinking is to have this event circa`
			`Jan/Feb 2021.Please register here for the workshop for more hands on feedback session`
Moved the ToC around 2020-10-13 09:10:45 -07:00
			`Join our Adversarial ML Threat Matrix Google Group`

			`- For discussions around Adversarial ML Threat Matrix, we invite everyone to join our Google Group [here](https://groups.google.com/forum/#!forum/advmlthreatmatrix/join)`
			`- If you want to access this forum using your corporate email (as opposed to your gmail)`
			`- Open your browser in Incognito mode.`
			`- Once you sign up with your corporate, and complete captcha, you may`
			`- Get an error, ignore it!`
			`- Also note, emails from Google Forums generally go to "Other"/"Spam"`
			`folder. So, you may want to create a rule to go into your inbox`
			`instead`


Moved contact info and feedback separately 2020-10-13 13:58:15 -07:00			`## Contact Us`
			`For corrections and improvement, see [Feedback](#feedback)`

			`- Our public email group is advmlthreatmatrix@googlegroups.com. This emails all the contributors.`
			`- For private questions/comments, please email: <Ram.Shankar@microsoft.com> and <Mikel@mitre.org>`
Moved the ToC around 2020-10-13 09:10:45 -07:00