Deployed machine learning systems create a new class of computer security vulnerabilities where, rather than attacking the integrity of the software itself, malicious actors exploit the statistical nature of the learning algorithms. For instance, attackers can add fake training data, or strategically manipulate input covariates at test time. Attempts so far to defend against these...