2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health...

45
Digital New Deal Technology Essentials 디지털 뉴딜 기술 핵심 IT 21 Global Conference 2020 Session 5-1 AI를 속이는 보안 공격과 대응 방안 연구 최대선 교수 (숭실대학교) [요약문] AI 기술이 다양한 분야에 적용되어 활용되고 있다. 정보보호 분야에서도 AI 기술을 악성코드 탐지, 침입탐지, 이상거래 탐지 등에 활용하고 있다. 그런데, AI를 대상으로 하는 여러 가지 보안 공격이 존재하며, 데이터에 간단한 변경을 가해서 AI를 속이고 오분류를 유도하는 기만공격이 심각한 문제로 부각되고 있다. 본 발표에서는 AI를 속이는 보안 공격의 다양한 형태와 실제 연구 결과를 소개한다. 얼굴인식기를 속이는 공격, 음성인식을 속이는 공격 등의 실제 원리와 효과를 살펴본 다. 또한, 이에 대한 기술적, 절차적 보안 대책의 현황을 살펴본다. 실제 상기 공격에 대응하는 연구 내용과 결과를 소개한다. [발표자 약력] 2009년 KAIST 전산학과 박사 1999년~2015년 ETRI 정보보호연구본부 인증기술연구실장 2015년~2020년8월 공주대학교 의료정보학과 교수 2020년9월~현재 숭실대학교 소프트웨어학부 교수 2019년~현재 한국정보보호학회 차세대인증연구회장 관심분야 : 정보보호, 사용자 인증, 인공지능 보안, 프라이버시 등

Transcript of 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health...

Page 1: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

Digital New Deal Technology Essentials

디지털 뉴딜 기술 핵심

IT21Global Conference2020

Session 5-1

AI를 속이는 보안 공격과 대응 방안 연구

최대선 교수 (숭실대학교)

[요약문]

AI 기술이 다양한 분야에 적용되어 활용되고 있다. 정보보호 분야에서도 AI 기술을 악성코드 탐지, 침입탐지, 이상거래 탐지 등에 활용하고 있다.

그런데, AI를 대상으로 하는 여러 가지 보안 공격이 존재하며, 데이터에 간단한 변경을 가해서 AI를 속이고 오분류를 유도하는 기만공격이 심각한 문제로 부각되고 있다.

본 발표에서는 AI를 속이는 보안 공격의 다양한 형태와 실제 연구 결과를 소개한다. 얼굴인식기를 속이는 공격, 음성인식을 속이는 공격 등의 실제 원리와 효과를 살펴본

다. 또한, 이에 대한 기술적, 절차적 보안 대책의 현황을 살펴본다. 실제 상기 공격에 대응하는 연구 내용과 결과를 소개한다.

[발표자 약력]

2009년 KAIST 전산학과 박사

1999년~2015년 ETRI 정보보호연구본부 인증기술연구실장

2015년~2020년8월 공주대학교 의료정보학과 교수

2020년9월~현재 숭실대학교 소프트웨어학부 교수

2019년~현재 한국정보보호학회 차세대인증연구회장

관심분야 : 정보보호, 사용자 인증, 인공지능 보안, 프라이버시 등

Page 2: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 926 -

Page 3: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 927 -

Page 4: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 928 -

Page 5: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 929 -

Page 6: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 930 -

Page 7: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 931 -

Page 8: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 932 -

Page 9: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 933 -

Page 10: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 934 -

Page 11: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 935 -

Page 12: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 936 -

Page 13: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 937 -

Page 14: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 938 -

Page 15: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 939 -

Page 16: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 940 -

Page 17: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 941 -

Page 18: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 942 -

Page 19: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 943 -

Page 20: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 944 -

Page 21: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 945 -

Page 22: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 946 -

Page 23: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 947 -

Page 24: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 948 -

Page 25: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 949 -

Page 26: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 950 -

Page 27: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 951 -

Page 28: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 952 -

Page 29: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 953 -

Page 30: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 954 -

Page 31: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 955 -

Page 32: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 956 -

Page 33: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 957 -

Page 34: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 958 -

Page 35: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 959 -

Page 36: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 960 -

Page 37: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 961 -

Page 38: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 962 -

Page 39: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 963 -

Page 40: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 964 -

Page 41: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 965 -

Page 42: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 966 -

Page 43: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 967 -

Page 44: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 968 -

Page 45: 2020 IT21 · 2020. 9. 23. · Systematic Poisoning Attacks„ IEEE Journal Of Bio & Health Informatics) MODEL EXTRACTION ATTACK OHN f 011 Inversion attack, Poisoning attack, Evasion

- 969 -


SECURITY LAB 2 MAN IN THE MIDDLE ATTACK. Objectives To understand ARP Poisoning, and how it forms MITM. To understand DNS poisoning, and how it uses in.

SECURITY LAB 2 MAN IN THE MIDDLE ATTACK. Objectives To understand ARP Poisoning, and how it forms MITM. To understand DNS poisoning, and how it uses in.

Adaptive Deterrence of DNS Cache Poisoning...DNS response to be a sign of active cache poisoning attack; we want to point out that a mismatched response can also occur in a benign

Adaptive Deterrence of DNS Cache Poisoning...DNS response to be a sign of active cache poisoning attack; we want to point out that a mismatched response can also occur in a benign

2020 IT21...Digital New Deal Technology Essentials 싢힎 쁂싪 믾쿮 킺 IT21 Gobal onference 2020 Session 6-5 클라우드 기반 머신러닝 서비스 (Machine learning as a

2020 IT21...Digital New Deal Technology Essentials 싢힎 쁂싪 믾쿮 킺 IT21 Gobal onference 2020 Session 6-5 클라우드 기반 머신러닝 서비스 (Machine learning as a

2020 IT21 - journal-home.s3.ap-northeast-2.amazonaws.com

2020 IT21 - journal-home.s3.ap-northeast-2.amazonaws.com

An analysis of the DNS cache poisoning attackA DNS cache poisoning attack tries to forge the response from an authoritative NS thus forcing a recursive NS to store forged information

An analysis of the DNS cache poisoning attackA DNS cache poisoning attack tries to forge the response from an authoritative NS thus forcing a recursive NS to store forged information

DNS Cache Poisoners Lazy, Stupid, or Evil?dns.measurement-factory.com/writings/poisoning-nanog36.pdf · The Poisoning Attack • An authoritative nameserver is conflgured (intentionally

DNS Cache Poisoners Lazy, Stupid, or Evil?dns.measurement-factory.com/writings/poisoning-nanog36.pdf · The Poisoning Attack • An authoritative nameserver is conflgured (intentionally

Transferable Environment Poisoning: Training-time Attack on … · 2021. 3. 25. · Transferable Environment Poisoning: Training-time Attack on Reinforcement Learning Hang Xu Nanyang

Transferable Environment Poisoning: Training-time Attack on … · 2021. 3. 25. · Transferable Environment Poisoning: Training-time Attack on Reinforcement Learning Hang Xu Nanyang

Attack under Disguise: An Intelligent Data Poisoning Attack …cmiao/papers/ · Attack under Disguise: An Intelligent Data Poisoning Attack Mechanism in Crowdsourcing Chenglin Miao

Attack under Disguise: An Intelligent Data Poisoning Attack …cmiao/papers/ · Attack under Disguise: An Intelligent Data Poisoning Attack Mechanism in Crowdsourcing Chenglin Miao

2020 IT21 · 2020. 9. 23. · %JHJUBMö /FXö %FBMö 5FDIOPMPHZö &TTFOUJBMTö Ââ× ßö ÀBÂêö »þÏîö ãCк IT21 Gobal onference 2020 Session 3-5 6G 네트워크 최적화

2020 IT21 · 2020. 9. 23. · %JHJUBMö /FXö %FBMö 5FDIOPMPHZö &TTFOUJBMTö Ââ× ßö ÀBÂêö »þÏîö ãCк IT21 Gobal onference 2020 Session 3-5 6G 네트워크 최적화

Poisoning in Children. Poisoning in Childhood Definition of Poisoning: Definition of Poisoning: –Exposure to a chemical or other agent that adversely.

Poisoning in Children. Poisoning in Childhood Definition of Poisoning: Definition of Poisoning: –Exposure to a chemical or other agent that adversely.

Security of Patched DNS - BIUu.cs.biu.ac.il › ~herzbea › security › 12-04-derandomisation.pdf · IndexTerms—DNS security, DNS poisoning, Kamisky attack, Network Address Translator,

Security of Patched DNS - BIUu.cs.biu.ac.il › ~herzbea › security › 12-04-derandomisation.pdf · IndexTerms—DNS security, DNS poisoning, Kamisky attack, Network Address Translator,

The Index Poisoning Attack in P2P File Sharing Systems Keith W. Ross Polytechnic University.

The Index Poisoning Attack in P2P File Sharing Systems Keith W. Ross Polytechnic University.

MITM ARP Poison Attack - simms-teach.com · CIS 76 MITM via ARP Poisoning MITM ARP Poison Attack 1 DRAFT Last updated 9/4/2017

MITM ARP Poison Attack - simms-teach.com · CIS 76 MITM via ARP Poisoning MITM ARP Poison Attack 1 DRAFT Last updated 9/4/2017

INFOCOMMUNICATIONS JOURNAL Methodology for DNS Cache ... · attack model of DNS cache poisoning. In section III, we survey the available test tools for DNS cache poisoning analysis

INFOCOMMUNICATIONS JOURNAL Methodology for DNS Cache ... · attack model of DNS cache poisoning. In section III, we survey the available test tools for DNS cache poisoning analysis

2020 IT21 - journal-home.s3.ap-northeast-2.amazonaws.com...%JHJUBMö /FXö %FBMö 5FDIOPMPHZö &TTFOUJBMTö Ââ× ßö ÀBÂêö »þÏîö ãCк IT21 Gobal onference 2020 Session

2020 IT21 - journal-home.s3.ap-northeast-2.amazonaws.com...%JHJUBMö /FXö %FBMö 5FDIOPMPHZö &TTFOUJBMTö Ââ× ßö ÀBÂêö »þÏîö ãCк IT21 Gobal onference 2020 Session

20170430 SWHE Spring Concert Setting - swhe.global-it21.comswhe.global-it21.com/20170430_setting.pdf · Xy 20170430 SWHE Spring Concert Setting SD Gr Vib CSy Tumb Tri T i m p SSy

20170430 SWHE Spring Concert Setting - swhe.global-it21.comswhe.global-it21.com/20170430_setting.pdf · Xy 20170430 SWHE Spring Concert Setting SD Gr Vib CSy Tumb Tri T i m p SSy

DNS Poisoning: Developments, Attacks and Research Directionsgt-logo DNS Poisoning Attack Scenarios Vulnerability Analysis Remedies Traditional DNS Poisoning Kaminsky-Class Poisoning

DNS Poisoning: Developments, Attacks and Research Directionsgt-logo DNS Poisoning Attack Scenarios Vulnerability Analysis Remedies Traditional DNS Poisoning Kaminsky-Class Poisoning

Switch’s CAM Table Poisoning Attack: Hands on Lab ...crpit.com/confpapers/CRPITV123Trabelsi.pdfon Lab Exercises for Network Security Education Zouheir Trabelsi. Faculty of Information

Switch’s CAM Table Poisoning Attack: Hands on Lab ...crpit.com/confpapers/CRPITV123Trabelsi.pdfon Lab Exercises for Network Security Education Zouheir Trabelsi. Faculty of Information

Biometric Backdoors: A Poisoning Attack against ... · 4.2. Challenges The challenges in designing the attack are based on the limited injection capabilities (which bring input uncer-attacker

Biometric Backdoors: A Poisoning Attack against ... · 4.2. Challenges The challenges in designing the attack are based on the limited injection capabilities (which bring input uncer-attacker

Arp Poisoning Attack Mitigation

Arp Poisoning Attack Mitigation