A Modified Drake Equation for Assessing Adversarial Risk to Machine Learning Models
arXiv - CS - Machine Learning, Pub Date: 2021-03-03, DOI: arxiv-2103.02718
Josh Kalin, David Noever, Matthew Ciolino

Each machine learning model deployed into production has a risk of adversarial attack. Quantifying the contributing factors and uncertainties using empirical measures could assist the industry with assessing the risk of downloading and deploying common machine learning model types. The Drake Equation is famously used for parameterizing uncertainties and estimating the number of radio-capable extra-terrestrial civilizations. This work proposes modifying the traditional Drake Equation's formalism to estimate the number of potentially successful adversarial attacks on a deployed model. While previous work has outlined methods for discovering vulnerabilities in public model architectures, the proposed equation seeks to provide a semi-quantitative benchmark for evaluating the potential risk factors of adversarial attacks.

Updated: 2021-03-05