To protect your AI systems, it is essential to understand the risks they may face. Common types of attacks include data poisoning, where malicious or misleading data is injected into training or testing datasets. There is also model stealing, where the parameters or logic of an AI system are copied or extracted. And in model inversion, sensitive or private information is inferred from outputs. And there are adversarial examples, which are crafted inputs that fool AI systems into making wrong decisions. Each of these types of attacks can have serious implications for AI systems, so it is important to take them seriously.
In the case of generative AI, one can prompt engineer an AI system to train from bad examples and produce undesirable outputs.
We all know that AI thrives on data and that some of its most complex algorithms such as deep learning need tens of thousands of data. It is this hungriness that also represents one of the biggest weaknesses when talking about AI models security. Studies have shown that data has been top target for hackers to compromise AI models. Unlike traditional attacks, most of the attacks on AI models aim to take control of the model rather than take it down. This make sthe consequences even greater and more significant.
Implement appropriate security measures and controls throughout the AI's lifecycle. This includes data encryption and data anonymization, plus model hardening, which makes AI models more resistant to attacks, and model verification, which uses formal methods to verify the correctness, reliability, or performance of AI models. All of these measures are essential for ensuring the security of your AI systems.
Having strict protocols covering the end to end data chain is key! Records and authentiation of AI operations and data handling need to be in place so when an anomaly takes place it is swiftly flagged by the system. Also mitigation practice needs to tackle both before and after event. Objective before event is to minimise and avoid all attacks whereas the objective after an attack taking place is to recover and resolve the issue a soon as possible with minimum impacts. So we also need recovery plans and mechanism to kick in. Also, similar to traditional cyber attaks the human element is important thus the need to educate staff on AI security risk and teh dos and the don'ts to minimise risks.
Monitor and update your AI systems regularly to detect and respond to any anomalies or incidents that may affect their functionality or security. Data auditing involves reviewing and analyzing data sources, quality, and usage to ensure validity, consistency, and relevance. Model evaluation is when you assess the behavior and impact of AI models to ensure they meet your objectives. And model updating refers to when you update or retrain AI models with new data or parameters to enhance accuracy and efficiency. This will also incorporate any feedback or requirements that may emerge from the environment or stakeholders.
It's important to stay on top of your AI systems and ensure they are functioning properly. Regularly monitoring and updating can help you identify any issues that may arise and take corrective action quickly. Additionally, data auditing, model evaluation, and model updating are all essential components of a successful AI system. Taking the time to review and analyze data, assess the behavior and impact of AI models, and update or retrain AI models with new data or parameters can help you ensure your AI system is functioning optimally.
Educate and empower your users and stakeholders, which include employees, customers, partners, or regulators, to use your AI systems safely and ethically. To do this, equip them with data literacy skills to collect, analyze, and interpret data while recognizing potential pitfalls or biases. Additionally, you can provide clear explanations of how your AI models work, what data they use, their assumptions, their results, and their limitations. Also offer mechanisms and channels to monitor or challenge your AI models by setting standards for their use, providing feedback options, or establishing oversight bodies.
We have heard a lot about AI hallucinations in the context of generative AI. Let's say we give a legal contract as context to a LLM-based AI system and ask it when it will be effective. It might respond with the date on which the contract becomes effective and omit other requirements such as all parties have to sign the contract. This is because of how it interprets the word when. In other words, LLMs can also lead to omissions of facts in addition to producing hallucinations. Prompt engineering might minimize omissions and hallucinations. This needs further exploration on many use cases.
Collaborate and learn from others who are also involved in AI and cybersecurity, such as researchers, practitioners, or experts. Sharing your data with trusted parties is an important part of this process. Model sharing involves sharing model components with open-source communities. Additionally, knowledge sharing means sharing your insights through conferences, workshops, or publications. All of these collaboration and learning opportunities enable mutual learning, validation, and innovation of your AI systems, plus gives you an awareness of the systems' capabilities. Furthermore, it contributes to the advancement of AI and cybersecurity research and the development of common standards for AI and cybersecurity.
In my experience, I have found that a robust framework can aid onboarding and securing of a new technology. For example, a Governance Framework focused on following aspects can be helpful:- - Defined Purpose and objectives - Establish Accountability - Develop Ethical Principles and Policies - Data Governance - Model Development and Validation - Risk Management - Training and Awareness - Continuous Monitoring and Evaluation