Machine Learning Security with Azure

Book description

Implement industry best practices to identify vulnerabilities and protect your data, models, environment, and applications while learning how to recover from a security breach

Key Features

  • Learn about machine learning attacks and assess your workloads for vulnerabilities
  • Gain insights into securing data, infrastructure, and workloads effectively
  • Discover how to set and maintain a better security posture with the Azure Machine Learning platform
  • Purchase of the print or Kindle book includes a free PDF eBook

Book Description

With AI and machine learning (ML) models gaining popularity and integrating into more and more applications, it is more important than ever to ensure that models perform accurately and are not vulnerable to cyberattacks. However, attacks can target your data or environment as well. This book will help you identify security risks and apply the best practices to protect your assets on multiple levels, from data and models to applications and infrastructure.

This book begins by introducing what some common ML attacks are, how to identify your risks, and the industry standards and responsible AI principles you need to follow to gain an understanding of what you need to protect. Next, you will learn about the best practices to secure your assets. Starting with data protection and governance and then moving on to protect your infrastructure, you will gain insights into managing and securing your Azure ML workspace. This book introduces DevOps practices to automate your tasks securely and explains how to recover from ML attacks. Finally, you will learn how to set a security benchmark for your scenario and best practices to maintain and monitor your security posture.

By the end of this book, you’ll be able to implement best practices to assess and secure your ML assets throughout the Azure Machine Learning life cycle.

What you will learn

  • Explore the Azure Machine Learning project life cycle and services
  • Assess the vulnerability of your ML assets using the Zero Trust model
  • Explore essential controls to ensure data governance and compliance in Azure
  • Understand different methods to secure your data, models, and infrastructure against attacks
  • Find out how to detect and remediate past or ongoing attacks
  • Explore methods to recover from a security breach
  • Monitor and maintain your security posture with the right tools and best practices

Who this book is for

This book is for anyone looking to learn how to assess, secure, and monitor every aspect of AI or machine learning projects running on the Microsoft Azure platform using the latest security and compliance standards and industry best practices. This is a must-have resource for machine learning developers and data scientists working on ML projects. IT administrators, DevOps engineers, and security engineers responsible for securing and monitoring Azure workloads will also benefit from this book, as the chapters cover everything from implementation to deployment, AI attack prevention, and recovery.

Table of contents

  1. Machine Learning Security with Azure
  2. Foreword
  3. Contributors
  4. About the authors
  5. About the reviewer
  6. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Conventions used
    6. Get in touch
    7. Share Your Thoughts
    8. Download a free PDF copy of this book
  7. Part 1: Planning for Azure Machine Learning Security
  8. Chapter 1: Assessing the Vulnerability of Your Algorithms, Models, and AI Environments
    1. Technical requirements
      1. Azure subscription and resources
    2. Reviewing the Azure Machine Learning life cycle
      1. ML life cycle
      2. Azure Machine Learning
    3. Introducing an ML project
      1. Dataset
      2. Training the model
      3. Deploying the model
      4. Making predictions using the deployed model
    4. Exploring the Zero Trust model
      1. Introducing the Zero Trust principles
      2. Explaining Zero Trust defense areas
    5. Assessing the vulnerability of ML assets and apps
      1. Identity management
      2. Data and data sources
      3. Infrastructure
      4. Network and endpoints
      5. Monitoring and maintenance
      6. AI/ML applications
    6. Summary
    7. Further reading
  9. Chapter 2: Understanding the Most Common Machine Learning Attacks
    1. Introducing the MITRE ATLAS Matrix
      1. Reconnaissance
      2. Resource development
      3. Initial access
      4. ML model access
      5. Execution
      6. Persistence
      7. Defense evasion
      8. Discovery
      9. Collection
      10. ML attack staging
      11. Exfiltration
      12. Impact
    2. Understanding ML and AI attacks
      1. Reconnaissance techniques
      2. Resource development techniques
      3. Initial access techniques
      4. ML model access techniques
      5. Execution techniques
      6. Persistence techniques
      7. Defense evasion techniques
      8. Discovery techniques
      9. Collection techniques
      10. ML attack staging techniques
      11. Exfiltration techniques
      12. Impact techniques
    3. Exploring Azure services involved in ML attacks
      1. Access
      2. Data
      3. Network
      4. Applications
      5. Compute
      6. Azure Machine Learning
    4. Summary
    5. Further reading
  10. Chapter 3: Planning for Regulatory Compliance
    1. Exploring Responsible AI development
      1. Responsible AI principles
      2. Getting started with Responsible AI in your organization
    2. Regulatory compliance in Azure Policy for Azure Machine Learning
      1. Azure Security Benchmark
      2. Federal Risk and Authorization Management Program
      3. New Zealand Information Security Manual (restricted)
      4. NIST SP 800-53 Rev. 5
      5. Reserve Bank of India IT Framework for Banks v2016
    3. Compliance auditing and reporting
      1. Azure portal
      2. Azure Resource Graph Explorer
    4. Compliance automation in Azure
      1. Azure Blueprints
      2. IaC
    5. Summary
  11. Part 2: Securing Your Data
  12. Chapter 4: Data Protection and Governance
    1. Working with data governance in Azure
      1. Identifying challenges
      2. Exploring benefits
      3. Getting started using cloud data best practices
      4. Exploring Azure tools and resources
    2. Storing and retrieving data in Azure Machine Learning
      1. Connecting datastores
      2. Adding data assets
    3. Encrypting and securing data
      1. Encryption at rest
      2. Encryption in transit
    4. Exploring backup and recovery
      1. Reviewing backup options for your datastores
      2. Recovering your workspace
    5. Summary
  13. Chapter 5: Data Privacy and Responsible AI Best Practices
    1. Technical requirements
      1. Working with Python
      2. Running a notebook in Azure Machine Learning
      3. Installing the SmartNoise SDK
      4. Installing Fairlearn
    2. Discovering and protecting sensitive data
      1. Identifying sensitive data
      2. Exploring data anonymization
    3. Introducing differential privacy
    4. Mitigating fairness
      1. Fairlearn
    5. Working with model interpretability
      1. Exploring the Responsible AI dashboard
    6. Exploring FL and secure multi-party computation
      1. FL with Azure Machine Learning
    7. Summary
    8. Further reading
  14. Part 3: Securing and Monitoring Your AI Environment
  15. Chapter 6: Managing and Securing Access
    1. Working with the PoLP
    2. Authenticating with Microsoft Entra ID
    3. Implementing RBAC
      1. Working with built-in roles
      2. Creating a custom role for Azure Machine Learning
    4. Authenticating with application identities
      1. Creating a service principal
      2. Working with managed identities
    5. Enhancing access security
      1. Conditional Access
      2. PIM
      3. Azure Key Vault
    6. Summary
  16. Chapter 7: Managing and Securing Your Azure Machine Learning Workspace
    1. Technical requirements
    2. Exploring network security
      1. Creating a VNet
      2. Securing the workspace
      3. Securing associated resources
      4. Validating connectivity
    3. Working with Azure Machine Learning compute
      1. Securing compute instances
      2. Securing compute clusters
    4. Managing container registries and containers
      1. Securing images with Azure Container Registry
      2. Working with ML endpoints
    5. Summary
  17. Chapter 8: Managing and Securing the MLOps Life Cycle
    1. Technical requirements
    2. Working with MLOps in Azure Machine Learning
    3. Leveraging IaC
      1. Combining IaC with Azure Machine Learning
    4. Implementing CI/CD
      1. Working with Azure DevOps
    5. Exploring event-driven workflows in Azure
      1. Exploring Event Grid
      2. Working with events in Azure Machine Learning
      3. Discovering event handlers in Azure
    6. Summary
  18. Chapter 9: Logging, Monitoring, and Threat Detection
    1. Technical requirements
    2. Enabling logging and configuring data retention for Azure services
      1. Working with Azure Monitor
      2. Enabling diagnostic settings
      3. Working with alerts
      4. Working with Application Insights
      5. Visualizing the data
    3. Securing resources with Microsoft Defender
      1. Improving our security posture
    4. Exploring threat management with Sentinel
    5. Summary
  19. Part 4: Best Practices for Enterprise Security in Azure Machine Learning
  20. Chapter 10: Setting a Security Baseline for Your Azure Machine Learning Workloads
    1. Setting a baseline for Azure Machine Learning
      1. Discovering services for added security
      2. Exploring an example solution architecture
    2. Threat modeling for Azure Machine Learning
      1. Exploring the STRIDE methodology
      2. Getting started with the Microsoft Threat Modeling Tool
    3. Reviewing the shared responsibility model for cloud security
      1. Exploring the cloud provider responsibilities
      2. Reviewing customers’ responsibilities
    4. Summary
  21. Index
    1. Why subscribe?
  22. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share Your Thoughts
    3. Download a free PDF copy of this book

Product information

  • Title: Machine Learning Security with Azure
  • Author(s): Georgia Kalyva
  • Release date: December 2023
  • Publisher(s): Packt Publishing
  • ISBN: 9781805120483