SlideShare ist ein Scribd-Unternehmen logo

Digital Forensics for Artificial Intelligence (AI ) Systems.pdf

Mahdi_Fahmideh
Mahdi_Fahmideh

Digital Forensics for Artificial Intelligence (AI ) Systems: AI systems make decisions impacting our daily life Their actions might cause accidents, harm or, more generally, violate regulations either intentionally or not and consequently might be considered suspects for various events. In this lecture we explore how digital forensics can be performed for AI based systems.

Technologie
1 von 18
Downloaden Sie, um offline zu lesen
Digital Forensics for Artificial Intelligence (AI) Systems Module 10 1 CIS8708-Digital Forensics (Guide to Computer Forensics and Investigations) Dr. Mahdi Fahmideh School of Business University of Southern Queensland (UniSQ) Semester 1 - 2023
AI systems make decisions impacting our daily life. Their actions might cause accidents, harm or, more generally, violate regulations – either intentionally or not – and consequently might be considered suspects for various events. Malicious by design (Malicious developers) ! ◦ Performing a malicious act and the AI system is simply a means to this end. That is, an AI might be used as any other tool, e.g., a crowbar for burglary, to conduct a criminal act. ◦ Data injection using sophisticated adversarial examples Examples: ◦ Did the drone drop the object on purpose? ◦ Did the chat bot contact a person, attempting to lure her into a scam? ◦ Did the autonomous car cause the accident due to risky driving? 2
Options to tamper with an AI depend on the system’s capabilities and design ◦ Train a model to conduct a malicious act ◦ Use AI system as is, but specify malicious objectives ◦ Altering system internals ◦ Leave model as is but manipulate through adversarial inputs ◦ What else??? Generating cyber crims 3
Today, AI systems are ultimately controlled by humans, but they are already capable of conducting tasks autonomously with learning capabilities which makes them superior to traditional computer programs. ◦ Thus, AI systems provide novel opportunities for attackers! AI systems might be modified to be malicious where the only security boundary is the acquisition of the AI, which is in contrast to classical attacks targeting typically protected systems during their operation. What are other examples of attacker actions and tampering drone? Malicious by design 4
Digital evidence in AI forensic What are other important digital evidence in AI forensic to be used during crim investigation? 5
In the near future, we can imagine foods and groceries being drone-dropped not just to the time-crunched dual- income couple with children, but also to the doorstep of an older adult who is no longer comfortable or capable of driving to the local market. ◦ List examples of cyber forensic crims that may threat elderly using this technology ◦ In example that you listed, what are key digital evidence for the forensic investigation? ◦ What is your countermeasure to tackle these threats in advance? Real world example 1: Delivering Meals to the Elderly With Drones 6
Cargo drones can soon move goods across the globe. ◦ List examples of cyber forensic crims that may threat sender and receivers using cargo drones technology. ◦ In example that you listed, what are key digital evidence for the forensic investigation? ◦ Discuss (Recall Module 4) ◦ The data acquisition methods, e.g., Bit-stream disk-to-image file, Bit-stream disk-to-disk, etc. ◦ Types of acquisitions static acquisitions and live acquisitions Real world example 2: Cargo drones 7
Strategies for Investigation Strategies can focus on each of AI components that determine behaviour: model, model objective and data ◦ Data focused: Since training data determines model behaviour and operational data reflects model behaviour, data on its own might be sufficient to determine malicious intent ◦ Model focused: Model analysis might use abstract reasoning based on model definitions. Models might also be analysed through empirical investigation, i.e. input-responses ◦ Investigate the input-output relationship of a model: The model can be treated as a black-box. The analysis relies on investigating model behaviour based on its decisions ◦ Investigate the reaction of model internals to inputs: This strategy requires more access to allow for white or grey-box testing. It includes analysing the AI system components. For instance, a deep learning network consists of layers and each layer has neurons that perform simple computations 8
Strategies for Investigation (continue) Example: Data mining of bank statement may help to provide some insights into criminal activities A strange change in expenditure behaviour (cost) in certain days or dates, etc Superficial bank statement (with kind permission from Commonwealth Bank) 9
Reviewing a Case (Recall from Module 3) General tasks you perform in any computer forensics case: ◦ Identify the case requirements ◦ Plan your investigation ◦ Conduct the investigation ◦ Complete the case report ◦ Critique the case Strategies for Investigation (continue) 10
Strategies for Investigation (continue) ◦ Investigative Questions ◦ what is the likelihood of a given suspected AI performing these decisions compared to those of other models? ◦ is the suspected AI reacting to objects related to the incident more strongly than other models? ◦ is the suspected AI behaving normally? ◦ Access to System Internals ◦ black-box model ◦ white-box model ◦ grey-box model ◦ Access to training and test data ◦ Attacker Model ◦ The attacker wants to trigger an action A, e.g. dropping of the parcel given a person’s face ◦ Challenges of Data-driven Investigation ◦ Analyzing input output behavior which comes with specific difficulties ◦ Check if all input samples produce the correct output. If not, the system is suspicious. In practice, the situation is more difficult. There might be too many inputs to test and not all of them are typically available! ◦ Technical Setup ◦ Training data 11
An example of Deep Learning Cyber Framework (DLCF) 12
◦ Initialization Process ◦ the initialization process deals with the procedures of initiating an investigation whenever an incident is detected. This is mostly a post-event response mechanism and includes first response after incident detection, planning and preparing a digital investigation process. ◦ PDE (Potential Digital Evidence) Data Sources Identification ◦ different types of PDE that can be captured ◦ identify reliable sources and/or the origin of each of the different types of PDE at hand before the analysis process begins ◦ Deep learning enabled cyber forensic investigation engine ◦ this layer is meant to handle the investigative process. The phases integrated in this layer include: evidence acquisition, evidence preservation, evidence analysis and finally evidence interpretation ◦ Forensic Reporting and Presentation ◦ once the investigative process is complete, a forensic report needs to be provided ◦ this report is what is then presented to the different stakeholders ◦ draw a conclusion from observed values and determine to what category new observations belong ◦ Report ◦ a detailed analysis of all the PDE captured ◦ proof and justification of all sources of each captured item of the evidence ◦ a detailed descriptions of each captured item of evidence and how it was preserved ◦ links and relationships that exist between sources and evidence captured ◦ detailed descriptions of the intentions of the attacker to the targeted victims ◦ explanations on the effects of the attack to the targeted victims ◦ and any other relevant information to the investigation at hand An example of Deep Learning Cyber Framework (Continue) 13
◦ Decision making and case closure ◦ the last layer handles decision making and case closure ◦ the jury and the law enforcement agencies in most cases are human beings hence the inability to fully automate this phase An example of Deep Learning Cyber Framework (Continue) 14
Responsible AI. When it comes to AI and Ethics/Law, there are two interrelated aspects of the topic. One is on how to design, develop, and validate AI technologies and systems responsibly (i.e., Responsible AI) so that we can adequately assure ethical and legal concerns, especially pertaining to human values. The use of AI itself as a means to achieve the Responsible AI ends! The inherent and technical trustworthiness of an AI system can be directly reflected in technologies/products via code, algorithms, data or system design or indirectly reflected via the software development processes). Ethical principles in designing Responsible AI 15
Australia’s ethical AI principles contain eight key principles (CSIRO Data61 team proposal) P1: Human, social and environmental wellbeing: Throughout their lifecycle, AI systems should benefit individuals, society and the environment. P2: Human-centred values: Throughout their lifecycle, AI systems should respect human rights, diversity, and the autonomy of individuals. P3: Fairness: Throughout their lifecycle, AI systems should be inclusive and accessible, and should not involve or result in unfair discrimination against individuals, communities or groups. P4: Privacy protection and security: Throughout their lifecycle, AI systems should respect and uphold privacy rights and data protection, and ensure the security of data. P5: Reliability and safety: Throughout their lifecycle, AI systems should reliably operate in accordance with their intended purpose. P6: Transparency and explainability: There should be transparency and responsible disclosure to ensure people know when they are being significantly impacted by an AI system, and can find out when an AI system is engaging with them. P7: Contestability: When an AI system significantly impacts a person, community, group or environment, there should be a timely process to allow people to challenge the use or output of the AI system. 16
Twitter allows businesses to engage personally with consumers. However, there’s so much data on Twitter that it can be hard for brands to prioritize which tweets or mentions to respond to first. That's why sentiment analysis has become a key instrument in social media marketing strategies. Sentiment analysis is a tool that automatically monitors emotions in conversations on social media platforms and can aid twitter users or policy makers in decision making, e.g., newspaper, disaster management, gossip, fake news A poor sentiment analysis application design may cause some forensics threats for example: (i) false information or misleading its users (ii) polarization, e.g., dividing communities and hindering constructive dialogue (iii) malicious users exploit the outputs of a sentiment analysis to identify and target specific individuals for online harassment or bullying (iv) And other examples.. What are the examples of AI principles that should be supported by a Twitter Sentiment Analysis application to avoid forensic threats? AI principle Example P1: Human, social, and environmental wellbeing Provide a safe and respectful environment for users and take action against accounts or content that violate community guidelines or terms of service such as online harassment and hate speech P3: Fairness Ensure that the sentiment analysis application does not favour or discriminate against specific individuals, groups, or opinions P4: Privacy protection and security Anonymize or aggregate data to prevent the identification of individuals P5: Reliability and safety Collect comments that are from valid users, e.g., not fake, comment/post pre-processing P6: Transparency and explainability Help users understand how their comments/posts is being analysed and reduces the potential for misunderstandings or mistrust Case study: Application of AI principles in developing Twitter Sentiment Analysis applications 17
For more information: - Schneider, Johannes, and Frank Breitinger, “AI Forensics: Did the artificial intelligence system do it? why?” (2020). - Karie, Nickson M., Victor R. Kebande, and H. S. Venter, “Diverging deep learning cognitive computing techniques into cyber forensics”, Forensic Science International: Synergy 1 (2019): 61-67. - Zhu, Liming, et al., “AI and Ethics—Operationalizing Responsible AI” Humanity Driven AI. Springer, Cham, 2022. 15-33. - Sarker, Iqbal H. "Machine learning: Algorithms, real-world applications and research directions." SN Computer Science 2.3 (2021): 1-21. 18

Empfohlen

Internet of Things Forensics
Internet of Things ForensicsInternet of Things Forensics
Internet of Things Forensics
Aakashjit Bhattacharya
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
Mithileysh Sathiyanarayanan
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
Online
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
Vasco Veloso
 
Digital Forensic
Digital ForensicDigital Forensic
Digital Forensic
Cleverence Kombe
 
Security Challenges in Emerging Technologies
Security Challenges in Emerging TechnologiesSecurity Challenges in Emerging Technologies
Security Challenges in Emerging Technologies
Smart Assessment
 
Sued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital ForensicsSued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital Forensics
Anyck Turgeon, CFE/GRCP/CEFI/CCIP/C|CISO/CBA
 
Network forensic
Network forensicNetwork forensic
Network forensic
Manjushree Mashal
 

Empfohlen

Internet of Things Forensics
Internet of Things ForensicsInternet of Things Forensics
Internet of Things Forensics
Aakashjit Bhattacharya
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
Mithileysh Sathiyanarayanan
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
Online
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
Vasco Veloso
 
Digital Forensic
Digital ForensicDigital Forensic
Digital Forensic
Cleverence Kombe
 
Security Challenges in Emerging Technologies
Security Challenges in Emerging TechnologiesSecurity Challenges in Emerging Technologies
Security Challenges in Emerging Technologies
Smart Assessment
 
Sued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital ForensicsSued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital Forensics
Anyck Turgeon, CFE/GRCP/CEFI/CCIP/C|CISO/CBA
 
Network forensic
Network forensicNetwork forensic
Network forensic
Manjushree Mashal
 
IOT Forensic Challenges
IOT Forensic ChallengesIOT Forensic Challenges
IOT Forensic Challenges
AnukaJinadasa
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and Investigation
Neha Raju k
 
Iot forensics
Iot forensicsIot forensics
Iot forensics
Abeis Ab
 
Digital investigation
Digital investigationDigital investigation
Digital investigation
unnilala11
 
pda forensics
pda forensicspda forensics
pda forensics
saddamhusain hadimani
 
social engineering
social engineering social engineering
social engineering
Ravi Patel
 
Big data analysis and Internet of Things(IoT)
Big data analysis and Internet of Things(IoT)Big data analysis and Internet of Things(IoT)
Big data analysis and Internet of Things(IoT)
Monica Kambala
 
Cyber Forensics
Cyber Forensics Cyber Forensics
Cyber Forensics
Deepak Kumar (D3)
 
IOT Forensics
IOT ForensicsIOT Forensics
IOT Forensics
MuhammadAwaisQureshi6
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
Somya Johri
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
Aung Thu Rha Hein
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
Shreya Singireddy
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
vishnuv43
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT Security
SHAAMILIVARSAGV
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
gr9293
 
The future of IoT paper
The future of IoT paperThe future of IoT paper
The future of IoT paper
Jayanth Vinay
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of Things
Somasundaram Jambunathan
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital Forensics
Manik Bhola
 
Iot Security
Iot SecurityIot Security
Iot Security
MAITREYA MISRA
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
Computer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docxComputer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docx
donnajames55
 
“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...
“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...
“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...
Edge AI and Vision Alliance
 

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

IOT Forensic Challenges
IOT Forensic ChallengesIOT Forensic Challenges
IOT Forensic Challenges
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and Investigation
 
Iot forensics
Iot forensicsIot forensics
Iot forensics
 
Digital investigation
Digital investigationDigital investigation
Digital investigation
 
pda forensics
pda forensicspda forensics
pda forensics
 
social engineering
social engineering social engineering
social engineering
 
Big data analysis and Internet of Things(IoT)
Big data analysis and Internet of Things(IoT)Big data analysis and Internet of Things(IoT)
Big data analysis and Internet of Things(IoT)
 
Cyber Forensics
Cyber Forensics Cyber Forensics
Cyber Forensics
 
IOT Forensics
IOT ForensicsIOT Forensics
IOT Forensics
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT Security
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
 
The future of IoT paper
The future of IoT paperThe future of IoT paper
The future of IoT paper
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of Things
 
A brief Intro to Digital Forensics
A brief Intro to Digital ForensicsA brief Intro to Digital Forensics
A brief Intro to Digital Forensics
 
Iot Security
Iot SecurityIot Security
Iot Security
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
 

Ähnlich wie Digital Forensics for Artificial Intelligence (AI ) Systems.pdf

Computer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docxComputer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docx
donnajames55
 
“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...
“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...
“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...
Edge AI and Vision Alliance
 
BASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKINGBASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKING
Drm Kapoor
 
Securing And Protecting Information
Securing And Protecting InformationSecuring And Protecting Information
Securing And Protecting Information
Laura Martin
 

Ähnlich wie Digital Forensics for Artificial Intelligence (AI ) Systems.pdf (20)

Computer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docxComputer ForensicsDiscussion 1Forensics Certifications Ple.docx
Computer ForensicsDiscussion 1Forensics Certifications Ple.docx
 
“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...
“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...
“Responsible AI: Tools and Frameworks for Developing AI Solutions,” a Present...
 
Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016Aujas incident management webinar deck 08162016
Aujas incident management webinar deck 08162016
 
Ashar Shaikh A-84 SEMINAR.pptx
Ashar Shaikh A-84 SEMINAR.pptxAshar Shaikh A-84 SEMINAR.pptx
Ashar Shaikh A-84 SEMINAR.pptx
 
BASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKINGBASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKING
 
Managing Frequently Overlooked Risks & Threats (FORTS) in Corporations
Managing Frequently Overlooked Risks & Threats (FORTS) in CorporationsManaging Frequently Overlooked Risks & Threats (FORTS) in Corporations
Managing Frequently Overlooked Risks & Threats (FORTS) in Corporations
 
Malware analysis
Malware analysisMalware analysis
Malware analysis
 
Securing And Protecting Information
Securing And Protecting InformationSecuring And Protecting Information
Securing And Protecting Information
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspective
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
 
4.content (computer forensic)
4.content (computer forensic)4.content (computer forensic)
4.content (computer forensic)
 
Intrusion Detection System using Data Mining
Intrusion Detection System using Data MiningIntrusion Detection System using Data Mining
Intrusion Detection System using Data Mining
 
First line of defense for cybersecurity : AI
First line of defense for cybersecurity : AIFirst line of defense for cybersecurity : AI
First line of defense for cybersecurity : AI
 
IRJET- Ethical Hacking
IRJET- Ethical HackingIRJET- Ethical Hacking
IRJET- Ethical Hacking
 
Adversarial Attacks and Defense
Adversarial Attacks and DefenseAdversarial Attacks and Defense
Adversarial Attacks and Defense
 
Threat intelligence minority report
Threat intelligence minority reportThreat intelligence minority report
Threat intelligence minority report
 
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
 

Mehr von Mahdi_Fahmideh

Role of ontologies in beach safety management analytics systems
Role of ontologies in beach safety management analytics systemsRole of ontologies in beach safety management analytics systems
Role of ontologies in beach safety management analytics systems
Mahdi_Fahmideh
 
The 27th Australasian Conference on Information Systems
The 27th Australasian Conference on Information SystemsThe 27th Australasian Conference on Information Systems
The 27th Australasian Conference on Information Systems
Mahdi_Fahmideh
 
A Model-Driven Approach to Support Cloud Migration Process- A Language Infras...
A Model-Driven Approach to Support Cloud Migration Process- A Language Infras...A Model-Driven Approach to Support Cloud Migration Process- A Language Infras...
A Model-Driven Approach to Support Cloud Migration Process- A Language Infras...
Mahdi_Fahmideh
 

Mehr von Mahdi_Fahmideh (13)

Adoption Blockchain Smart Contracts in Developing Information Systems.pdf
Adoption Blockchain Smart Contracts in Developing Information Systems.pdfAdoption Blockchain Smart Contracts in Developing Information Systems.pdf
Adoption Blockchain Smart Contracts in Developing Information Systems.pdf
 
University of Borås-full talk-2023-12-09.pptx
University of Borås-full talk-2023-12-09.pptxUniversity of Borås-full talk-2023-12-09.pptx
University of Borås-full talk-2023-12-09.pptx
 
IoT system development.pdf
IoT system development.pdfIoT system development.pdf
IoT system development.pdf
 
Application of Blockchain Technologies in Digital Forensics
Application of Blockchain Technologies in Digital ForensicsApplication of Blockchain Technologies in Digital Forensics
Application of Blockchain Technologies in Digital Forensics
 
Mahdi octal nomination.pdf
Mahdi octal nomination.pdfMahdi octal nomination.pdf
Mahdi octal nomination.pdf
 
Certificate for Contributions as a Reviewer for the Journal of Software and S...
Certificate for Contributions as a Reviewer for the Journal of Software and S...Certificate for Contributions as a Reviewer for the Journal of Software and S...
Certificate for Contributions as a Reviewer for the Journal of Software and S...
 
best paper award.pdf
best paper award.pdfbest paper award.pdf
best paper award.pdf
 
The 1st workshop on engineering processes and practices for quantum software ...
The 1st workshop on engineering processes and practices for quantum software ...The 1st workshop on engineering processes and practices for quantum software ...
The 1st workshop on engineering processes and practices for quantum software ...
 
ACIS2022 Reviewer Certification.pdf
ACIS2022 Reviewer Certification.pdfACIS2022 Reviewer Certification.pdf
ACIS2022 Reviewer Certification.pdf
 
Role of ontologies in beach safety management analytics systems
Role of ontologies in beach safety management analytics systemsRole of ontologies in beach safety management analytics systems
Role of ontologies in beach safety management analytics systems
 
Presentation 2019 08-30
Presentation 2019 08-30Presentation 2019 08-30
Presentation 2019 08-30
 
The 27th Australasian Conference on Information Systems
The 27th Australasian Conference on Information SystemsThe 27th Australasian Conference on Information Systems
The 27th Australasian Conference on Information Systems
 
A Model-Driven Approach to Support Cloud Migration Process- A Language Infras...
A Model-Driven Approach to Support Cloud Migration Process- A Language Infras...A Model-Driven Approach to Support Cloud Migration Process- A Language Infras...
A Model-Driven Approach to Support Cloud Migration Process- A Language Infras...
 

Kürzlich hochgeladen

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Kürzlich hochgeladen (20)

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 

Digital Forensics for Artificial Intelligence (AI ) Systems.pdf

  • 1. Digital Forensics for Artificial Intelligence (AI) Systems Module 10 1 CIS8708-Digital Forensics (Guide to Computer Forensics and Investigations) Dr. Mahdi Fahmideh School of Business University of Southern Queensland (UniSQ) Semester 1 - 2023
  • 2. AI systems make decisions impacting our daily life. Their actions might cause accidents, harm or, more generally, violate regulations – either intentionally or not – and consequently might be considered suspects for various events. Malicious by design (Malicious developers) ! ◦ Performing a malicious act and the AI system is simply a means to this end. That is, an AI might be used as any other tool, e.g., a crowbar for burglary, to conduct a criminal act. ◦ Data injection using sophisticated adversarial examples Examples: ◦ Did the drone drop the object on purpose? ◦ Did the chat bot contact a person, attempting to lure her into a scam? ◦ Did the autonomous car cause the accident due to risky driving? 2
  • 3. Options to tamper with an AI depend on the system’s capabilities and design ◦ Train a model to conduct a malicious act ◦ Use AI system as is, but specify malicious objectives ◦ Altering system internals ◦ Leave model as is but manipulate through adversarial inputs ◦ What else??? Generating cyber crims 3
  • 4. Today, AI systems are ultimately controlled by humans, but they are already capable of conducting tasks autonomously with learning capabilities which makes them superior to traditional computer programs. ◦ Thus, AI systems provide novel opportunities for attackers! AI systems might be modified to be malicious where the only security boundary is the acquisition of the AI, which is in contrast to classical attacks targeting typically protected systems during their operation. What are other examples of attacker actions and tampering drone? Malicious by design 4
  • 5. Digital evidence in AI forensic What are other important digital evidence in AI forensic to be used during crim investigation? 5
  • 6. In the near future, we can imagine foods and groceries being drone-dropped not just to the time-crunched dual- income couple with children, but also to the doorstep of an older adult who is no longer comfortable or capable of driving to the local market. ◦ List examples of cyber forensic crims that may threat elderly using this technology ◦ In example that you listed, what are key digital evidence for the forensic investigation? ◦ What is your countermeasure to tackle these threats in advance? Real world example 1: Delivering Meals to the Elderly With Drones 6
  • 7. Cargo drones can soon move goods across the globe. ◦ List examples of cyber forensic crims that may threat sender and receivers using cargo drones technology. ◦ In example that you listed, what are key digital evidence for the forensic investigation? ◦ Discuss (Recall Module 4) ◦ The data acquisition methods, e.g., Bit-stream disk-to-image file, Bit-stream disk-to-disk, etc. ◦ Types of acquisitions static acquisitions and live acquisitions Real world example 2: Cargo drones 7
  • 8. Strategies for Investigation Strategies can focus on each of AI components that determine behaviour: model, model objective and data ◦ Data focused: Since training data determines model behaviour and operational data reflects model behaviour, data on its own might be sufficient to determine malicious intent ◦ Model focused: Model analysis might use abstract reasoning based on model definitions. Models might also be analysed through empirical investigation, i.e. input-responses ◦ Investigate the input-output relationship of a model: The model can be treated as a black-box. The analysis relies on investigating model behaviour based on its decisions ◦ Investigate the reaction of model internals to inputs: This strategy requires more access to allow for white or grey-box testing. It includes analysing the AI system components. For instance, a deep learning network consists of layers and each layer has neurons that perform simple computations 8
  • 9. Strategies for Investigation (continue) Example: Data mining of bank statement may help to provide some insights into criminal activities A strange change in expenditure behaviour (cost) in certain days or dates, etc Superficial bank statement (with kind permission from Commonwealth Bank) 9
  • 10. Reviewing a Case (Recall from Module 3) General tasks you perform in any computer forensics case: ◦ Identify the case requirements ◦ Plan your investigation ◦ Conduct the investigation ◦ Complete the case report ◦ Critique the case Strategies for Investigation (continue) 10
  • 11. Strategies for Investigation (continue) ◦ Investigative Questions ◦ what is the likelihood of a given suspected AI performing these decisions compared to those of other models? ◦ is the suspected AI reacting to objects related to the incident more strongly than other models? ◦ is the suspected AI behaving normally? ◦ Access to System Internals ◦ black-box model ◦ white-box model ◦ grey-box model ◦ Access to training and test data ◦ Attacker Model ◦ The attacker wants to trigger an action A, e.g. dropping of the parcel given a person’s face ◦ Challenges of Data-driven Investigation ◦ Analyzing input output behavior which comes with specific difficulties ◦ Check if all input samples produce the correct output. If not, the system is suspicious. In practice, the situation is more difficult. There might be too many inputs to test and not all of them are typically available! ◦ Technical Setup ◦ Training data 11
  • 12. An example of Deep Learning Cyber Framework (DLCF) 12
  • 13. ◦ Initialization Process ◦ the initialization process deals with the procedures of initiating an investigation whenever an incident is detected. This is mostly a post-event response mechanism and includes first response after incident detection, planning and preparing a digital investigation process. ◦ PDE (Potential Digital Evidence) Data Sources Identification ◦ different types of PDE that can be captured ◦ identify reliable sources and/or the origin of each of the different types of PDE at hand before the analysis process begins ◦ Deep learning enabled cyber forensic investigation engine ◦ this layer is meant to handle the investigative process. The phases integrated in this layer include: evidence acquisition, evidence preservation, evidence analysis and finally evidence interpretation ◦ Forensic Reporting and Presentation ◦ once the investigative process is complete, a forensic report needs to be provided ◦ this report is what is then presented to the different stakeholders ◦ draw a conclusion from observed values and determine to what category new observations belong ◦ Report ◦ a detailed analysis of all the PDE captured ◦ proof and justification of all sources of each captured item of the evidence ◦ a detailed descriptions of each captured item of evidence and how it was preserved ◦ links and relationships that exist between sources and evidence captured ◦ detailed descriptions of the intentions of the attacker to the targeted victims ◦ explanations on the effects of the attack to the targeted victims ◦ and any other relevant information to the investigation at hand An example of Deep Learning Cyber Framework (Continue) 13
  • 14. ◦ Decision making and case closure ◦ the last layer handles decision making and case closure ◦ the jury and the law enforcement agencies in most cases are human beings hence the inability to fully automate this phase An example of Deep Learning Cyber Framework (Continue) 14
  • 15. Responsible AI. When it comes to AI and Ethics/Law, there are two interrelated aspects of the topic. One is on how to design, develop, and validate AI technologies and systems responsibly (i.e., Responsible AI) so that we can adequately assure ethical and legal concerns, especially pertaining to human values. The use of AI itself as a means to achieve the Responsible AI ends! The inherent and technical trustworthiness of an AI system can be directly reflected in technologies/products via code, algorithms, data or system design or indirectly reflected via the software development processes). Ethical principles in designing Responsible AI 15
  • 16. Australia’s ethical AI principles contain eight key principles (CSIRO Data61 team proposal) P1: Human, social and environmental wellbeing: Throughout their lifecycle, AI systems should benefit individuals, society and the environment. P2: Human-centred values: Throughout their lifecycle, AI systems should respect human rights, diversity, and the autonomy of individuals. P3: Fairness: Throughout their lifecycle, AI systems should be inclusive and accessible, and should not involve or result in unfair discrimination against individuals, communities or groups. P4: Privacy protection and security: Throughout their lifecycle, AI systems should respect and uphold privacy rights and data protection, and ensure the security of data. P5: Reliability and safety: Throughout their lifecycle, AI systems should reliably operate in accordance with their intended purpose. P6: Transparency and explainability: There should be transparency and responsible disclosure to ensure people know when they are being significantly impacted by an AI system, and can find out when an AI system is engaging with them. P7: Contestability: When an AI system significantly impacts a person, community, group or environment, there should be a timely process to allow people to challenge the use or output of the AI system. 16
  • 17. Twitter allows businesses to engage personally with consumers. However, there’s so much data on Twitter that it can be hard for brands to prioritize which tweets or mentions to respond to first. That's why sentiment analysis has become a key instrument in social media marketing strategies. Sentiment analysis is a tool that automatically monitors emotions in conversations on social media platforms and can aid twitter users or policy makers in decision making, e.g., newspaper, disaster management, gossip, fake news A poor sentiment analysis application design may cause some forensics threats for example: (i) false information or misleading its users (ii) polarization, e.g., dividing communities and hindering constructive dialogue (iii) malicious users exploit the outputs of a sentiment analysis to identify and target specific individuals for online harassment or bullying (iv) And other examples.. What are the examples of AI principles that should be supported by a Twitter Sentiment Analysis application to avoid forensic threats? AI principle Example P1: Human, social, and environmental wellbeing Provide a safe and respectful environment for users and take action against accounts or content that violate community guidelines or terms of service such as online harassment and hate speech P3: Fairness Ensure that the sentiment analysis application does not favour or discriminate against specific individuals, groups, or opinions P4: Privacy protection and security Anonymize or aggregate data to prevent the identification of individuals P5: Reliability and safety Collect comments that are from valid users, e.g., not fake, comment/post pre-processing P6: Transparency and explainability Help users understand how their comments/posts is being analysed and reduces the potential for misunderstandings or mistrust Case study: Application of AI principles in developing Twitter Sentiment Analysis applications 17
  • 18. For more information: - Schneider, Johannes, and Frank Breitinger, “AI Forensics: Did the artificial intelligence system do it? why?” (2020). - Karie, Nickson M., Victor R. Kebande, and H. S. Venter, “Diverging deep learning cognitive computing techniques into cyber forensics”, Forensic Science International: Synergy 1 (2019): 61-67. - Zhu, Liming, et al., “AI and Ethics—Operationalizing Responsible AI” Humanity Driven AI. Springer, Cham, 2022. 15-33. - Sarker, Iqbal H. "Machine learning: Algorithms, real-world applications and research directions." SN Computer Science 2.3 (2021): 1-21. 18