HOW ADVERSARIES INTERFERE
WITH AI AND ML SYSTEMS
Reetikaa Wani
As more firms use machine learning (ML) and artificial intelligence (AI) initiatives, protecting them becomes more crucial. Threat actors’ strategies, which include a variety of techniques to trick or abuse AI and machine learning systems and models, can be counteracted. Defense against hostile machine learning is one of the newer facets of AI and ML security, and some of these techniques aren’t AI-specific. According to a report published by Microsoft this spring, 90% of firms are not prepared to defend themselves against adversarial machine learning: 25 of the 28 firms covered by the report lacked the security measures required to protect their ML systems.
In a poll conducted by Gartner this spring, the difficulty of integrating AI technologies into current infrastructure and security concerns shared the top spot among the factors hindering the adoption of AI.
Adversarial Machine Learning (ML)
Adversarial machine learning examines how machine learning algorithms are attacked and how those attacks are countered. Contrary to what its name might imply, adversarial machine learning is not a branch of the field; it is a collection of strategies that adversaries employ to undermine machine learning systems. According to a survey, there is a critical need for improved protection of machine learning systems in industrial applications. According to Alexey Rubtsov, a professor at Toronto Metropolitan University (formerly Ryerson) and senior research associate at the Global Risk Institute, “adversarial machine learning exploits flaws and specificities of ML models.” He recently published a paper on the application of adversarial machine learning in the financial services industry.
anumak.ai
Types of ML attacks
•	 Poisoning attack: To make the model perform poorly once deployed, the attacker manipulates the training data or its labels. Poisoning is simply the hostile contamination of training data. Because ML systems can be retrained on the data gathered during operation, an attacker may taint that data by introducing malicious samples, which interfere with or skew retraining.
•	 Evasion attacks: Evasion attacks are the most common and the most studied. During deployment, the attacker tampers with the input data to trick classifiers that have already been trained. Because they are carried out during deployment, they are the attacks most often employed in intrusion and malware scenarios: attackers frequently obscure the content of malware or spam emails to avoid detection. Evasion does not touch the training data; the alterations are made to the samples presented to the deployed model. Spoofing attacks against biometric verification systems are an example of evasion.
•	 Model extraction attack: A model thief or model extractor probes a black-box machine learning system to either reconstruct the model or extract the data it was trained on. This matters especially when the training data or the model contains private and sensitive information. For example, an adversary could use model extraction to steal a stock market forecasting model and use it for financial gain.
If a business uses a commercial AI product, the adversary may be able to obtain a copy of the same model by buying it or by accessing it as a service. Attackers can, for instance, test their malware against antivirus engines on open platforms.
A few known adversarial attack methods
•	 Limited-memory BFGS (L-BFGS): The Limited-memory Broyden-Fletcher-Goldfarb-Shanno (L-BFGS) method is a non-linear, gradient-based numerical optimization technique used to minimise the perturbation added to an image. One of its benefits is that it is effective at producing adversarial examples. However, because L-BFGS is an optimization approach with box constraints, it requires a lot of processing power, which makes the process slow and impractical.
•	 Fast Gradient Sign Method (FGSM): FGSM minimises the disturbance that must be applied to every image pixel to cause a misclassification. Compared with other techniques it is cheap to compute, but it perturbs every feature.
•	 Jacobian-based Saliency Map Attack (JSMA): Unlike FGSM, this approach uses feature selection to reduce the number of features that are modified while still producing a misclassification. Features are perturbed in descending order of saliency score, so in contrast to FGSM only a few features are affected. However, it requires more computation than FGSM.
•	 DeepFool attack: This untargeted method for generating adversarial samples keeps the Euclidean distance between the perturbed sample and the original as small as possible: it iteratively estimates the decision boundaries between classes and adds perturbations toward them. It produces adversarial examples effectively, with higher misclassification rates and smaller perturbations.
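The gradient-based methods listed above are also the tools a defender uses to measure a model before it is exposed to untrusted inputs, which is what the model validation tests recommended by Gartner later in this paper amount to. The following is an added example written for this edit, not code from the aNumak whitepaper: it trains a two-feature logistic-regression model on a constructed data set, measures its accuracy on clean inputs and on copies perturbed by an FGSM-style bounded step, and reports the minimal Euclidean distance of each sample to the decision boundary (the quantity DeepFool estimates iteratively for non-linear models; for a linear model it is exactly |w·x + b| / ||w||). The data set, the function names and the perturbation budget eps are this example's own assumptions.

```python
"""Added example (not from the aNumak whitepaper): a pre-deployment robustness
check for a tiny logistic-regression model.  Pure Python, constructed data."""
import math
import random


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def make_dataset(n=200, seed=1):
    """Constructed 2-D sample: class 1 around (2, 2), class 0 around (-2, -2)."""
    rng = random.Random(seed)
    rows = []
    for _ in range(n):
        y = rng.randint(0, 1)
        centre = 2.0 if y == 1 else -2.0
        rows.append(([centre + rng.gauss(0, 1.0), centre + rng.gauss(0, 1.0)], y))
    return rows


def logit(w, b, x):
    return w[0] * x[0] + w[1] * x[1] + b


def predict(w, b, x):
    return sigmoid(logit(w, b, x))


def train(rows, epochs=200, lr=0.1):
    """Batch gradient descent on the log-loss of a logistic-regression model."""
    w, b = [0.0, 0.0], 0.0
    n = len(rows)
    for _ in range(epochs):
        gw, gb = [0.0, 0.0], 0.0
        for x, y in rows:
            err = predict(w, b, x) - y          # d loss / d logit
            gw[0] += err * x[0]
            gw[1] += err * x[1]
            gb += err
        w = [w[0] - lr * gw[0] / n, w[1] - lr * gw[1] / n]
        b -= lr * gb / n
    return w, b


def fgsm_perturb(w, b, x, y, eps):
    """x + eps * sign(d loss / d x).  For logistic regression d loss / d x = (p - y) * w,
    so every coordinate moves by exactly eps in the direction that raises the loss."""
    err = predict(w, b, x) - y
    step = []
    for wi in w:
        g = err * wi
        step.append(eps if g > 0 else -eps if g < 0 else 0.0)
    return [xi + si for xi, si in zip(x, step)]


def accuracy(w, b, rows, eps=0.0):
    """Accuracy on clean inputs (eps == 0) or on FGSM-perturbed copies of them."""
    correct = 0
    for x, y in rows:
        xe = fgsm_perturb(w, b, x, y, eps) if eps > 0 else x
        correct += int((predict(w, b, xe) >= 0.5) == (y == 1))
    return correct / len(rows)


def l2_margin(w, b, x):
    """Smallest Euclidean perturbation that reaches the decision boundary.  For a
    linear model this is exact: |w.x + b| / ||w||_2 (what DeepFool approximates)."""
    return abs(logit(w, b, x)) / math.hypot(w[0], w[1])


def robustness_report(eps=1.5):
    """The numbers a validation test would record for this model and budget eps."""
    rows = make_dataset()
    w, b = train(rows)
    margins = sorted(l2_margin(w, b, x) for x, _ in rows)
    return {
        "clean_acc": accuracy(w, b, rows),
        "perturbed_acc": accuracy(w, b, rows, eps),
        "median_l2_margin": margins[len(margins) // 2],
        "frac_margin_below_eps": sum(m < eps for m in margins) / len(margins),
    }


if __name__ == "__main__":
    for key, value in robustness_report().items():
        print(f"{key}: {value:.3f}")
```

A wide gap between clean and perturbed accuracy, or a large share of samples whose margin is below the budget, is the signal that the model needs hardening before it faces untrusted inputs. Note the relationship the two checks have for a linear model: every sample whose Euclidean margin is below eps is also flipped by the per-coordinate FGSM step, because eps·||w||₂ ≤ eps·||w||₁, so the margin-based fraction is a lower bound on the FGSM error rate.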
Attacks on the AI system
According to Gartner, most attacks against conventional software can also be used against AI, and conventional security measures can likewise be used to safeguard AI systems. For instance, tools that shield data from unauthorised access or compromise can also shield training data sets from alteration.
In addition, Gartner advises businesses to take extra precautions when they need to safeguard AI and machine learning systems. First, Gartner advises businesses to adopt reliable AI principles and to conduct model validation tests to safeguard the integrity of AI models. Second, Gartner advises deploying data poisoning detection technology to safeguard the integrity of AI training data.
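Gartner's second recommendation, data poisoning detection, can start with simple checks on the training set before each training or retraining run. The following is an added example written for this edit, not code from the whitepaper or from Gartner; it flags the two symptoms of the poisoning attack described earlier in the paper on a constructed data set: rows whose label disagrees with the majority label of their nearest neighbours (label flipping), and rows unusually far from the centroid of the class they are labelled as (injected samples). The data, the injected poison, the function names and the thresholds are all this example's own assumptions.

```python
"""Added example (not from the aNumak whitepaper): two cheap training-set checks
for the poisoning symptoms described in the paper.  Pure Python, constructed data."""
import math
import random
from collections import Counter


def make_clean_set(n_per_class=60, seed=7):
    """Constructed 2-D training set: class 0 around (-3, -3), class 1 around (3, 3)."""
    rng = random.Random(seed)
    rows = []
    for label, centre in ((0, -3.0), (1, 3.0)):
        for _ in range(n_per_class):
            rows.append(([centre + rng.gauss(0, 1.0), centre + rng.gauss(0, 1.0)], label))
    return rows


def inject_poison(rows, seed=11):
    """Constructed poison for the demonstration: flip three labels and append two
    far-away points labelled class 1.  Returns the tainted set and the indices of
    the tainted rows (ground truth used only to check the detector)."""
    rng = random.Random(seed)
    tainted = [(list(x), y) for x, y in rows]
    flipped = rng.sample(range(len(tainted)), 3)
    for i in flipped:
        x, y = tainted[i]
        tainted[i] = (x, 1 - y)
    injected = []
    for point in ([-20.0, 15.0], [18.0, -17.0]):
        tainted.append((point, 1))
        injected.append(len(tainted) - 1)
    return tainted, sorted(flipped + injected)


def _dist(a, b):
    return math.sqrt(sum((u - v) ** 2 for u, v in zip(a, b)))


def label_disagreements(rows, k=5):
    """Indices whose label differs from the majority label among their k nearest
    neighbours: the signature of a flipped label."""
    flagged = set()
    for i, (x, y) in enumerate(rows):
        others = [j for j in range(len(rows)) if j != i]
        neighbours = sorted(others, key=lambda j: _dist(x, rows[j][0]))[:k]
        majority = Counter(rows[j][1] for j in neighbours).most_common(1)[0][0]
        if majority != y:
            flagged.add(i)
    return flagged


def centroid_outliers(rows, z_threshold=4.0):
    """Indices whose distance to their own class centroid exceeds the class mean
    distance by more than z_threshold standard deviations: injected samples."""
    flagged = set()
    by_class = {}
    for i, (_, y) in enumerate(rows):
        by_class.setdefault(y, []).append(i)
    for idxs in by_class.values():
        dim = len(rows[idxs[0]][0])
        centroid = [sum(rows[i][0][d] for i in idxs) / len(idxs) for d in range(dim)]
        dists = {i: _dist(rows[i][0], centroid) for i in idxs}
        mean = sum(dists.values()) / len(dists)
        std = math.sqrt(sum((v - mean) ** 2 for v in dists.values()) / len(dists))
        for i, v in dists.items():
            if std > 0 and (v - mean) / std > z_threshold:
                flagged.add(i)
    return flagged


def find_suspicious(rows, k=5, z_threshold=4.0):
    """Union of both checks, sorted; these rows go to review before (re)training."""
    return sorted(label_disagreements(rows, k) | centroid_outliers(rows, z_threshold))


if __name__ == "__main__":
    tainted_rows, truth = inject_poison(make_clean_set())
    print("poisoned rows:", truth)
    print("flagged rows: ", find_suspicious(tainted_rows))
```

Both checks are deliberately model-agnostic so they can gate the retraining pipeline the paper warns about (models retrained on data gathered during operation): a flagged row is quarantined for human review rather than silently dropped, and the thresholds should be tuned on a known-clean snapshot of the data so that the false-positive rate is understood before the gate is enforced.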
Conclusion
Through the potential for data manipulation and exploitation, machine learning creates a new attack surface and raises new security threats. Some machine learning models employ reinforcement learning and pick up new information as it arrives. Companies implementing machine learning technology must understand the dangers of hostile samples, stolen models, and data manipulation. In addition, before adopting a third-party technology, enterprises must ask providers how they safeguard their systems from adversarial attacks.
ANUMAK & COMPANY
aNumak & Company is a global management consulting firm, an Indian private company limited by warranty. It is a company with expertise in creating scalable business models for different industry verticals. The Company strives to provide solutions through consulting, digital transformation, and innovative products that solve modern business problems. Offering on-site and offshore support and unique strategies, aNumak & Company transforms traditional business models into high-performance, dynamic, and distinctive business enterprises. It brings insights from core domain experts to deliver the best possible solutions to drive growth. aNumak & Company and each of its member firms are legally separate and independent entities. For more detailed information about aNumak & Company and its member companies, please visit https://www.anumak.com
This material was prepared by aNumak & Company. This material (including any information it contains) is intended to provide general information on a particular topic(s). This material may contain information obtained from publicly available information or other third-party sources. aNumak & Company does not independently verify such sources and is not responsible for any loss resulting from reliance on information obtained from such sources. aNumak & Company does not provide any investment, legal, or other professional advice or services through this material. You should seek specific advice from the relevant specialist(s) for such services.
This material or information is not intended to be considered the sole basis for any decision that could affect you, your business, or the operations of the company. Before making any decision or taking any action that could affect your finances or business, you should consult a professional.
No institution at aNumak & Company can be held responsible for any loss suffered by any person or institution due to access to, use, or reliance on this material. By using this material or any information it contains, the user accepts the entirety of this notice and the terms of use.
©2022 aNumak & Company