What does Adversarial Machine Learning refer to in the MAESTRO model?

Adversarial Machine Learning deals with how inputs can be intentionally manipulated to cause model errors, and how to defend against such attacks. In the MAESTRO context, it covers both the methods attackers use to fool a model and the strategies defenders employ to detect, withstand, or recover from those manipulations. A classic idea is adversarial examples: small, carefully crafted changes to an input that are often imperceptible to humans but cause a model to misclassify or behave unpredictably. This extends across domains like images, text, and audio, and encompasses threat scenarios from evasion attacks to data poisoning. Defenses include techniques such as adversarial training, robust model architectures, input validation, and anomaly or threat detection to maintain reliability even under intentional manipulation. This focus distinguishes adversarial ML from topics like data storage, training speed, or deployment on edge devices.