
Train, but Verify: Towards Practical AI Robustness

This presentation describes efforts to train AI systems to enforce at least two security policies and verify security by testing against realistic threat models.

Software Engineering Institute



SEI's Dr. Nathan Van Houdnos discusses how to protect machine learning (ML) systems from attacks that make them learn the wrong thing, do the wrong thing, or reveal sensitive information. His presentation on “Train But Verify” at the 2020 SEI Research Review describes his work on training ML systems to act against two of these threats at the same time and verifying them against realistic threat models. A Q&A session with SEI researchers Mr. John Helland and Ms. Tanisha Smith follows this presentation.