Attacking Artificial Intelligence
What is an AI attack?
An artificial intelligence (AI) attack is the purposeful manipulation of an AI system with the goal of causing it to malfunction. These attacks take different forms and target different weaknesses in the algorithms underlying the AI system.
An Overview of AI Attacks
As mentioned above, an AI attack is the purposeful manipulation of an AI system. It can be carried out in several ways:
Input Attack: Here the attacker manipulates the input to an AI system so that its output changes to serve the attacker's goal. The core of almost every AI system is a machine that takes an input, performs some computation and returns an output, so controlling the input gives the attacker a lever over the output.
Poisoning Attacks: Another way is to corrupt the AI system while it is being built, so that the resulting system malfunctions in the way the attacker wants. The most direct way to do this is to corrupt the data used during training. Data is an AI system's air, water, food and even its true love, so poisoning the data poisons the AI system.
As AI systems are integrated into military applications and critical commercial systems, these attacks can have serious, even life-and-death, consequences. They can be used in a number of ways to achieve the attacker's goal:
- Cause Damage: The attacker wants the AI system to malfunction in a way that causes harm. An example is causing an autonomous vehicle to ignore stop signs: by attacking the system so that it ignores a stop sign or recognizes it as a different sign, the attacker can make the vehicle drive through the intersection and crash into other vehicles.
- Hide Something: The attacker uses the attack to evade detection by an AI system. For example, a social media platform may use AI to block terrorist propaganda from being posted; an attack that evades that classifier lets the material propagate unencumbered.
- Degrade Faith in a System: The attacker wants an operator to lose faith in the AI system, leading to the system being shut down. For example, the attacker causes an AI-based security system to raise false positive alerts until its operators stop trusting it.
Why Do These Attacks Exist?
AI attacks exist because the underlying AI algorithms have fundamental limitations that can be exploited to make the system fail. Unlike most other cyber security attacks, these weaknesses are not caused by programmer mistakes or bugs in the code; they arise in the machine learning algorithm itself, which means they exist at the core of the AI.
Examples of These Attacks
In an input attack the attacker manipulates the input to an AI system to alter its output. For example, an attacker can attach stickers or symbols to a physical stop sign so that an autonomous vehicle's vision system reads it as a different sign and drives on as if it had a green light.
The same can be done with a digital image: the attacker adds carefully chosen noise to the image to fool the AI. The changes are so small that the naked eye cannot see them, yet the model's output changes.
In a poisoning attack the attacker corrupts the AI model itself during training, so that once it is deployed the attacker can use it for his own purposes. With poisoning the attacker can plant a backdoor in the system for later use: a model that behaves normally on ordinary inputs but produces the attacker's chosen output whenever a specific trigger appears.
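The two attacks described above (the invisible-noise input attack and the backdoor poisoning attack), as an added worked example that is not part of the original page. It uses a constructed dataset of 16x16 greyscale "images" and a nearest-centroid linear classifier; the pixel budget EPS, the 2x2 corner trigger, the poison rate and every function name are assumptions made for illustration, not anything the page describes. The input attack works because the classifier's score is linear in the pixels: moving each of 256 pixels by a tiny amount against the sign of its weight shifts the score by the sum of all the weights, which is enough to cross the decision boundary. The poisoning attack adds a few class-1-looking images stamped with the trigger and labelled class 0, so the retrained model stays accurate on clean data but flips to class 0 whenever the trigger is present.

```python
"""Added example (not from the page): an input attack and a poisoning/backdoor attack on a
tiny linear image classifier. All data, names and parameters below are constructed for illustration."""
import random

SIDE = 16                      # constructed 16x16 greyscale images, pixel values in [0, 1]
N_PIXELS = SIDE * SIDE
EPS = 0.015                    # evasion budget: no pixel moves by more than ~4/255 (assumed)
# backdoor trigger: the 2x2 patch in the bottom-right corner set to full white (assumed)
TRIGGER = [r * SIDE + c for r in (SIDE - 2, SIDE - 1) for c in (SIDE - 2, SIDE - 1)]


def make_image(label, rng):
    """Constructed sample: mid-grey plus a weak per-pixel class signal (+/-0.005) and sensor noise."""
    img = []
    for i in range(N_PIXELS):
        signal = 0.005 if (i % 2 == 0) == (label == 1) else -0.005
        img.append(min(1.0, max(0.0, 0.5 + signal + rng.gauss(0.0, 0.02))))
    return img


def make_dataset(n_per_class, rng):
    return [(make_image(y, rng), y) for y in (0, 1) for _ in range(n_per_class)]


def train(dataset):
    """Nearest-centroid classifier: score(x) = w.x + b with w = mean(class 1) - mean(class 0)
    and the decision boundary placed halfway between the two class means."""
    sums = {0: [0.0] * N_PIXELS, 1: [0.0] * N_PIXELS}
    counts = {0: 0, 1: 0}
    for x, y in dataset:
        counts[y] += 1
        for i, v in enumerate(x):
            sums[y][i] += v
    m0 = [s / counts[0] for s in sums[0]]
    m1 = [s / counts[1] for s in sums[1]]
    w = [a - b for a, b in zip(m1, m0)]
    b = -sum(wi * (a + c) / 2.0 for wi, a, c in zip(w, m1, m0))
    return w, b


def predict(model, x):
    w, b = model
    return 1 if sum(wi * xi for wi, xi in zip(w, x)) + b > 0 else 0


def accuracy(model, dataset):
    return sum(predict(model, x) == y for x, y in dataset) / len(dataset)


def evade(model, x, eps=EPS):
    """Input attack. The score is linear in the pixels, so its gradient is simply w: stepping every
    pixel by eps against sign(w) (the fast-gradient-sign step) shifts the score by about eps*sum|w|,
    large over hundreds of pixels, while no single pixel changes by more than eps."""
    w, _ = model
    push = -1.0 if predict(model, x) == 1 else 1.0   # move towards the other class
    return [min(1.0, max(0.0, xi + push * eps * (1.0 if wi >= 0 else -1.0))) for xi, wi in zip(x, w)]


def add_trigger(x):
    x = list(x)
    for i in TRIGGER:
        x[i] = 1.0
    return x


def poison(dataset, n_poison, rng):
    """Poisoning attack: the attacker slips class-1-looking images that carry the trigger into the
    training data, labelled as class 0, so the model learns 'trigger present => class 0'."""
    return dataset + [(add_trigger(make_image(1, rng)), 0) for _ in range(n_poison)]


def run_demo():
    """Train on clean data, run the evasion attack, then retrain on poisoned data and fire the trigger."""
    rng = random.Random(7)
    train_set = make_dataset(60, rng)
    test_set = make_dataset(40, rng)
    clean_model = train(train_set)
    adversarial = [(evade(clean_model, x), y) for x, y in test_set]
    max_change = max(abs(a - o) for (xa, _), (xo, _) in zip(adversarial, test_set) for a, o in zip(xa, xo))
    backdoored = train(poison(train_set, 6, rng))     # ~5% of the training set is poisoned
    triggered = [(add_trigger(x), y) for x, y in test_set if y == 1]
    return {
        "clean_accuracy": accuracy(clean_model, test_set),
        "evasion_success": 1.0 - accuracy(clean_model, adversarial),
        "max_pixel_change": max_change,
        "backdoor_clean_accuracy": accuracy(backdoored, test_set),
        "trigger_success": 1.0 - accuracy(backdoored, triggered),  # class-1 images now predicted as class 0
    }


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k}: {v:.3f}")
```

Running the script prints five numbers: the clean model is close to 100% accurate, almost every test image is misclassified after a perturbation that moves no pixel by more than EPS (about 4 grey levels out of 255, invisible to the eye), and the backdoored model keeps its clean accuracy while sending nearly every class-1 image that carries the 2x2 trigger to class 0. The practitioner's caveat is that neither failure is a coding bug: the code runs exactly as written, and the weakness sits in the learned weights and in the trust placed in the training data, which is why input validation and data provenance checks belong in the threat model of an ML system.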