The Many Faces of Adversarial Machine Learning


Yevgeniy Vorobeychik, Washington University in St. Louis



Keywords: Adversarial Machine Learning, Strategic Classification, Algorithmic Recourse, Algorithmic Fairness, Explainability


Adversarial machine learning (AML) research is concerned with the robustness of machine learning models and algorithms to malicious tampering. Originating at the intersection of machine learning and cybersecurity, AML has come to have broader research appeal, stretching traditional notions of security to include applications in computer vision, natural language processing, and network science. In addition, the problems of strategic classification, algorithmic recourse, and counterfactual explanations have essentially the same core mathematical structure as AML, despite their distinct motivations. I give a simplified overview of the central problems in AML, and then discuss both the security-motivated AML domains and the problems above that are unrelated to security. Together these span a number of important AI subdisciplines, but all can broadly be viewed as concerned with trustworthy AI. My goal is to clarify both the technical connections among them and the substantive differences, suggesting directions for future research.




How to Cite

Vorobeychik, Y. (2023). The Many Faces of Adversarial Machine Learning. Proceedings of the AAAI Conference on Artificial Intelligence, 37(13), 15402-15409.