In their latest publication, NIST researchers and their partners highlight these AI and machine learning vulnerabilities.
AI integration and the challenges of data reliability.
AI systems are now integrated into various aspects of modern life, serving roles from driving vehicles to being online chatbots for customer interaction and even aiding doctors in diagnosing diseases.
These systems are trained using extensive data sets.
An autonomous vehicle is trained with images of roads and traffic signs.
This data is crucial for the AI to respond appropriately in different scenarios.
A significant concern is the reliability of this data.
Often sourced from websites and public interactions, the data is vulnerable to manipulation by malicious actors.
This risk exists during the AI system's training phase and later as the AI adapts its behavior through real-world interactions.
Such tampering can lead to undesirable AI performance.
Partly due to the immense size of datasets used in AI training, which are too vast for effective human monitoring and filtering, there currently isn't a fail-safe method to shield AI from being misled.
To support developers, the new report provides a comprehensive guide on potential attacks that AI products may face and suggests strategies to mitigate their impact.
The report examines the four primary categories of attacks: evasion, poisoning, privacy, and abuse.
It categorizes these attacks based on various factors, including the attacker's intentions and goals, their capabilities, and their level of knowledge.
Evasion attacks happen post-deployment of an AI system and involve modifying an input to alter the system's response.
Poisoning attacks take place during the training phase through the introduction of corrupted data.
Privacy attacks happen at the deployment stage and aim to extract confidential information about the AI or its training data for malicious purposes.
An attacker might pose numerous questions to a chatbot, then analyze the responses to deduce the model's vulnerabilities or infer its data sources.
Introducing harmful examples into these sources could lead to inappropriate behavior by the AI. Moreover, it can be challenging to make the AI disregard these specific harmful examples afterwards.
Abuse attacks entail embedding false information into a source, like a website, which is then assimilated by an AI. Differing from the previously mentioned poisoning attacks, abuse attacks focus on feeding the AI erroneous data from a genuine, yet tampered source, with the aim of redirecting the AI system's original purpose.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Tue, 09 Jan 2024 04:43:06 +0000