Soumia Zohra El Mestari,Gabriele Lenzini,Huseyin Demirci

DOI: https://doi.org/10.1016/j.cose.2023.103605

IF: 5.105

2023-11-01

Computers & Security

Abstract:The wide adoption of Machine Learning to solve a large set of real-life problems came with the need to collect and process large volumes of data, some of which are considered personal and sensitive, raising serious concerns about data protection. Privacy-enhancing technologies (PETs) are often indicated as a solution to protect personal data and to achieve a general trustworthiness as required by current EU regulations on data protection and AI. However, an off-the-shelf application of PETs is insufficient to ensure a high-quality of data protection, which one needs to understand. This work systematically discusses the risks against data protection in modern Machine Learning systems taking the original perspective of the data owners, who are those who hold the various data sets, data models, or both, throughout the machine learning life cycle and considering the different Machine Learning architectures. It argues that the origin of the threats, the risks against the data, and the level of protection offered by PETs depend on the data processing phase, the role of the parties involved, and the architecture where the machine learning systems are deployed. By offering a framework in which to discuss privacy and confidentiality risks for data owners and by identifying and assessing privacy-preserving countermeasures for machine learning, this work could facilitate the discussion about compliance with EU regulations and directives. We discuss current challenges and research questions that are still unsolved in the field. In this respect, this paper provides researchers and developers working on machine learning with a comprehensive body of knowledge to let them advance in the science of data protection in machine learning field as well as in closely related fields such as Artificial Intelligence.

computer science, information systems

Ivan A. Fernandez,Subash Neupane,Trisha Chakraborty,Shaswata Mitra,Sudip Mittal,Nisha Pillai,Jingdao Chen,Shahram Rahimi

2024-06-27

Abstract:Industry 4.0 has witnessed the rise of complex robots fueled by the integration of Artificial Intelligence/Machine Learning (AI/ML) and Digital Twin (DT) technologies. While these technologies offer numerous benefits, they also introduce potential privacy and security risks. This paper surveys privacy attacks targeting robots enabled by AI and DT models. Exfiltration and data leakage of ML models are discussed in addition to the potential extraction of models derived from first-principles (e.g., physics-based). We also discuss design considerations with DT-integrated robotics touching on the impact of ML model training, responsible AI and DT safeguards, data governance and ethical considerations on the effectiveness of these attacks. We advocate for a trusted autonomy approach, emphasizing the need to combine robotics, AI, and DT technologies with robust ethical frameworks and trustworthiness principles for secure and reliable AI robotic systems.

Robotics,Artificial Intelligence

Stephen Meisenbacher,Alexandra Klymenko,Patrick Gage Kelley,Sai Teja Peddinti,Kurt Thomas,Florian Matthes

2024-07-02

Abstract:The rise of powerful AI models, more formally $\textit{General-Purpose AI Systems}$ (GPAIS), has led to impressive leaps in performance across a wide range of tasks. At the same time, researchers and practitioners alike have raised a number of privacy concerns, resulting in a wealth of literature covering various privacy risks and vulnerabilities of AI models. Works surveying such risks provide differing focuses, leading to disparate sets of privacy risks with no clear unifying taxonomy. We conduct a systematic review of these survey papers to provide a concise and usable overview of privacy risks in GPAIS, as well as proposed mitigation strategies. The developed privacy framework strives to unify the identified privacy risks and mitigations at a technical level that is accessible to non-experts. This serves as the basis for a practitioner-focused interview study to assess technical stakeholder perceptions of privacy risks and mitigations in GPAIS.

Computers and Society

William Villegas-Ch,Joselin García-Ortiz

DOI: https://doi.org/10.3390/electronics12183786

IF: 2.9

2023-09-08

Electronics

Abstract:The rapid expansion of artificial intelligence poses significant challenges in terms of data security and privacy. This article proposes a comprehensive approach to develop a framework to address these issues. First, previous research on security and privacy in artificial intelligence is reviewed, highlighting the advances and existing limitations. Likewise, open research areas and gaps that require attention to improve current frameworks are identified. Regarding the development of the framework, data protection in artificial intelligence is addressed, explaining the importance of safeguarding the data used in artificial intelligence models and describing policies and practices to guarantee their security, as well as approaches to preserve the integrity of said data. In addition, the security of artificial intelligence is examined, analyzing the vulnerabilities and risks present in artificial intelligence systems and presenting examples of potential attacks and malicious manipulations, together with security frameworks to mitigate these risks. Similarly, the ethical and regulatory framework relevant to security and privacy in artificial intelligence is considered, offering an overview of existing regulations and guidelines.

engineering, electrical & electronic,computer science, information systems,physics, applied

Ayodeji Oseni,Nour Moustafa,Helge Janicke,Peng Liu,Zahir Tari,Athanasios Vasilakos

DOI: https://doi.org/10.48550/arXiv.2102.04661

2021-02-09

Cryptography and Security

Abstract:The increased adoption of Artificial Intelligence (AI) presents an opportunity to solve many socio-economic and environmental challenges; however, this cannot happen without securing AI-enabled technologies. In recent years, most AI models are vulnerable to advanced and sophisticated hacking techniques. This challenge has motivated concerted research efforts into adversarial AI, with the aim of developing robust machine and deep learning models that are resilient to different types of adversarial scenarios. In this paper, we present a holistic cyber security review that demonstrates adversarial attacks against AI applications, including aspects such as adversarial knowledge and capabilities, as well as existing methods for generating adversarial examples and existing cyber defence models. We explain mathematical AI models, especially new variants of reinforcement and federated learning, to demonstrate how attack vectors would exploit vulnerabilities of AI models. We also propose a systematic framework for demonstrating attack techniques against AI applications and reviewed several cyber defences that would protect AI applications against those attacks. We also highlight the importance of understanding the adversarial goals and their capabilities, especially the recent attacks against industry applications, to develop adaptive defences that assess to secure AI applications. Finally, we describe the main challenges and future research directions in the domain of security and privacy of AI technologies.

Yupeng Hu,Wenxin Kuang,Zheng Qin,Kenli Li,Jiliang Zhang,Yansong Gao,Wenjia Li,Keqin Li

DOI: https://doi.org/10.1145/3487890

IF: 16.6

2023-01-31

ACM Computing Surveys

Abstract:In recent years, with rapid technological advancement in both computing hardware and algorithm, Artificial Intelligence (AI) has demonstrated significant advantage over human being in a wide range of fields, such as image recognition, education, autonomous vehicles, finance, and medical diagnosis. However, AI-based systems are generally vulnerable to various security threats throughout the whole process, ranging from the initial data collection and preparation to the training, inference, and final deployment. In an AI-based system, the data collection and pre-processing phase are vulnerable to sensor spoofing attacks and scaling attacks, respectively, while the training and inference phases of the model are subject to poisoning attacks and adversarial attacks, respectively. To address these severe security threats against the AI-based systems, in this article, we review the challenges and recent research advances for security issues in AI, so as to depict an overall blueprint for AI security. More specifically, we first take the lifecycle of an AI-based system as a guide to introduce the security threats that emerge at each stage, which is followed by a detailed summary for corresponding countermeasures. Finally, some of the future challenges and opportunities for the security issues in AI will also be discussed.

computer science, theory & methods

Petar Radanliev,Omar Santos

2023-11-12

Abstract:As Artificial Intelligence (AI) becomes more prevalent, protecting personal privacy is a critical ethical issue that must be addressed. This article explores the need for ethical AI systems that safeguard individual privacy while complying with ethical standards. By taking a multidisciplinary approach, the research examines innovative algorithmic techniques such as differential privacy, homomorphic encryption, federated learning, international regulatory frameworks, and ethical guidelines. The study concludes that these algorithms effectively enhance privacy protection while balancing the utility of AI with the need to protect personal data. The article emphasises the importance of a comprehensive approach that combines technological innovation with ethical and regulatory strategies to harness the power of AI in a way that respects and protects individual privacy.

Computers and Society,Human-Computer Interaction,Social and Information Networks,Systems and Control

Yazan Alaya Al-Khassawneh

DOI: https://doi.org/10.17509/ijost.v8i1.52709

2022-09-20

Indonesian Journal of Science and Technology

Abstract:Artificial intelligence has the potential to address many societal, economic, and environmental challenges, but only if AI-enabled gadgets are kept secure. Many artificial intelligence (AI) models produced in recent years can be hacked by utilizing cutting-edge techniques. This issue has sparked intense research into adversarial AI to develop machine and deep learning models that can withstand various types of attacks. We provide a detailed summary of artificial intelligence in this paper to prove how adversarial attacks against AI applications can be mounted, covering topics such as confrontational knowledge and capabilities, existing methods for actually producing adversarial examples, and existing cyber defense models. In addition, we investigated numerous cyber countermeasures that could defend AI applications against these attacks and offered a systematic approach for demonstrating war strategies against machine learning and artificial intelligence. To safeguard AI applications, we emphasize the importance of understanding the intentions and methods of possible attackers. In the end, we list the biggest problems and most interesting research areas in the field of AI privacy and security.

Gonzalo Munilla Garrido,Kaja Schmidt,Christopher Harth-Kitzerow,Johannes Klepsch,Andre Luckow,Florian Matthes

DOI: https://doi.org/10.1109/BigData52589.2021.9671528

2022-09-12

Abstract:Privacy-enhancing technologies (PETs) are becoming increasingly crucial for addressing customer needs, security, privacy (e.g., enhancing anonymity and confidentiality), and regulatory requirements. However, applying PETs in organizations requires a precise understanding of use cases, technologies, and limitations. This paper investigates several industrial use cases, their characteristics, and the potential applicability of PETs to these. We conduct expert interviews to identify and classify uses cases, a gray literature review of relevant open-source PET tools, and discuss how the use case characteristics can be addressed using PETs' capabilities. While we focus mainly on automotive use cases, the results also apply to other use case domains.

Cryptography and Security

Ero Balsa,Yan Shvartzshnaider

2023-12-05

Abstract:Privacy enhancing technologies, or PETs, have been hailed as a promising means to protect privacy without compromising on the functionality of digital services. At the same time, and partly because they may encode a narrow conceptualization of privacy as confidentiality that is popular among policymakers, engineers and the public, PETs risk being co-opted to promote privacy-invasive practices. In this paper, we resort to the theory of Contextual Integrity to explain how privacy technologies may be misused to erode privacy. To illustrate, we consider three PETs and scenarios: anonymous credentials for age verification, client-side scanning for illegal content detection, and homomorphic encryption for machine learning model training. Using the theory of Contextual Integrity, we reason about the notion of privacy that these PETs encode, and show that CI enables us to identify and reason about the limitations of PETs and their misuse, and which may ultimately lead to privacy violations.

Cryptography and Security,Computers and Society,Information Theory

Hyunghoon Cho,David Froelicher,Natnatee Dokmai,Anupama Nandi,Shuvom Sadhuka,Matthew M Hong,Bonnie Berger

DOI: https://doi.org/10.1146/annurev-biodatasci-120423-120107

Abstract:The rapidly growing scale and variety of biomedical data repositories raise important privacy concerns. Conventional frameworks for collecting and sharing human subject data offer limited privacy protection, often necessitating the creation of data silos. Privacy-enhancing technologies (PETs) promise to safeguard these data and broaden their usage by providing means to share and analyze sensitive data while protecting privacy. Here, we review prominent PETs and illustrate their role in advancing biomedicine. We describe key use cases of PETs and their latest technical advances and highlight recent applications of PETs in a range of biomedical domains. We conclude by discussing outstanding challenges and social considerations that need to be addressed to facilitate a broader adoption of PETs in biomedical data science.

REN Kui,MENG Quanrun,YAN Shoukun,QIN Zhan

DOI: https://doi.org/10.11959/j.issn.2096-109x.2021001

2021-01-01

Abstract:Artificial intelligence and deep learning algorithms are developing rapidly. These emerging techniques have been widely used in audio and video recognition, natural language processing and other fields. However, in recent years, researchers have found that there are many security risks in the current mainstream artificial intelligence model, and these problems will limit the development of AI. Therefore, the data security and privacy protection was studied in AI. For data and privacy leakage, the model output based and model update based problem of data leakage were studied. In the model output based problem of data leakage, the principles and research status of model extraction attack, model inversion attack and membership inference attack were discussed. In the model update based problem of data leakage, how attackers steal private data in the process of distributed training was discussed. For data and privacy protection, three kinds of defense methods, namely model structure defense, information confusion defense and query control defense were studied. In summarize, the theoretical foundations, classic algorithms of data inference attack techniques were introduced. A few research efforts on the defense techniques were described in order to provoke further research efforts in this critical area.

Nicolas Papernot,Patrick McDaniel,Arunesh Sinha,Michael Wellman

DOI: https://doi.org/10.48550/arXiv.1611.03814

2016-11-11

Cryptography and Security

Abstract:Advances in machine learning (ML) in recent years have enabled a dizzying array of applications such as data analytics, autonomous systems, and security diagnostics. ML is now pervasive---new systems and models are being deployed in every domain imaginable, leading to rapid and widespread deployment of software based inference and decision making. There is growing recognition that ML exposes new vulnerabilities in software systems, yet the technical community's understanding of the nature and extent of these vulnerabilities remains limited. We systematize recent findings on ML security and privacy, focusing on attacks identified on these systems and defenses crafted to date. We articulate a comprehensive threat model for ML, and categorize attacks and defenses within an adversarial framework. Key insights resulting from works both in the ML and security communities are identified and the effectiveness of approaches are related to structural elements of ML algorithms and the data used to train them. We conclude by formally exploring the opposing relationship between model accuracy and resilience to adversarial manipulation. Through these explorations, we show that there are (possibly unavoidable) tensions between model complexity, accuracy, and resilience that must be calibrated for the environments in which they will be used.

Hao-Ping Lee,Yu-Ju Yang,Thomas Serban von Davier,Jodi Forlizzi,Sauvik Das

DOI: https://doi.org/10.48550/arXiv.2310.07879

2024-02-11

Abstract:Privacy is a key principle for developing ethical AI technologies, but how does including AI technologies in products and services change privacy risks? We constructed a taxonomy of AI privacy risks by analyzing 321 documented AI privacy incidents. We codified how the unique capabilities and requirements of AI technologies described in those incidents generated new privacy risks, exacerbated known ones, or otherwise did not meaningfully alter the risk. We present 12 high-level privacy risks that AI technologies either newly created (e.g., exposure risks from deepfake pornography) or exacerbated (e.g., surveillance risks from collecting training data). One upshot of our work is that incorporating AI technologies into a product can alter the privacy risks it entails. Yet, current approaches to privacy-preserving AI/ML (e.g., federated learning, differential privacy, checklists) only address a subset of the privacy risks arising from the capabilities and data requirements of AI.

Human-Computer Interaction

Emiliano De Cristofaro

DOI: https://doi.org/10.48550/arXiv.2005.08679

IF: 5.414

2020-05-18

Machine Learning

Abstract:Over the past few years, providers such as Google, Microsoft, and Amazon have started to provide customers with access to software interfaces allowing them to easily embed machine learning tasks into their applications. Overall, organizations can now use Machine Learning as a Service (MLaaS) engines to outsource complex tasks, e.g., training classifiers, performing predictions, clustering, etc. They can also let others query models trained on their data. Naturally, this approach can also be used (and is often advocated) in other contexts, including government collaborations, citizen science projects, and business-to-business partnerships. However, if malicious users were able to recover data used to train these models, the resulting information leakage would create serious issues. Likewise, if the inner parameters of the model are considered proprietary information, then access to the model should not allow an adversary to learn such parameters. In this document, we set to review privacy challenges in this space, providing a systematic review of the relevant research literature, also exploring possible countermeasures. More specifically, we provide ample background information on relevant concepts around machine learning and privacy. Then, we discuss possible adversarial models and settings, cover a wide range of attacks that relate to private and/or sensitive information leakage, and review recent results attempting to defend against such attacks. Finally, we conclude with a list of open problems that require more work, including the need for better evaluations, more targeted defenses, and the study of the relation to policy and data protection efforts.

Kelly D Martin,Johanna Zimmermann

DOI: https://doi.org/10.1016/j.copsyc.2024.101829

Abstract:Contemporary, multidisciplinary research sheds light on data privacy implications of artificial intelligence (AI). This review adopts an AI ecosystem perspective and proposes a process-outcome continuum to classify AI technologies; this perspective helps to understand the nuances of AI relative to psychological aspects of privacy decision-making. Specifically, different types of AI affect traditionally studied privacy decision-making frameworks including the privacy calculus, psychological ownership, and social influence in varied ways. By understanding how the process- or outcome-orientation of an AI technology affects privacy decision-making, we explain how AI creates privacy benefits but also poses challenges. Future research is needed across privacy decision-making, but also more generally at the intersection of privacy and AI, to help foster an ethical, sustainable society.

Raihan Khan,Sayak Sarkar,Sainik Kumar Mahata,Edwin Jose

2024-10-16

Abstract:This research paper explores the privacy and security threats posed to an Agentic AI system with direct access to database systems. Such access introduces significant risks, including unauthorized retrieval of sensitive information, potential exploitation of system vulnerabilities, and misuse of personal or confidential data. The complexity of AI systems combined with their ability to process and analyze large volumes of data increases the chances of data leaks or breaches, which could occur unintentionally or through adversarial manipulation. Furthermore, as AI agents evolve with greater autonomy, their capacity to bypass or exploit security measures becomes a growing concern, heightening the need to address these critical vulnerabilities in agentic systems.

Cryptography and Security,Multiagent Systems

Tingting Bi,Guangsheng Yu,Qin Wang

2024-12-10

Abstract:AI and its relevant technologies, including machine learning, deep learning, chatbots, virtual assistants, and others, are currently undergoing a profound transformation of development and organizational processes within companies. Foundation models present both significant challenges and incredible opportunities. In this context, ensuring the quality attributes of foundation model-based systems is of paramount importance, and with a particular focus on the challenging issue of privacy due to the sensitive nature of the data and information involved. However, there is currently a lack of consensus regarding the comprehensive scope of both technical and non-technical issues that the privacy evaluation process should encompass. Additionally, there is uncertainty about which existing methods are best suited to effectively address these privacy concerns. In response to this challenge, this paper introduces a novel conceptual framework that integrates various responsible AI patterns from multiple perspectives, with the specific aim of safeguarding privacy.

Cryptography and Security

Lan Huang

DOI: https://doi.org/10.15354/sief.23.re202

2023-06-30

Science Insights Education Frontiers

Abstract:Rapid advances in artificial intelligence (AI) technology are profoundly altering human societies and lifestyles. Individuals face a variety of information security threats while enjoying the conveniences and customized services made possible by AI. The widespread use of AI in education has prompted widespread public concern regarding AI ethics in this field. The protection of pupil data privacy is an urgent matter that must be addressed. On the basis of a review of extant interpretations of AI ethics and student data privacy, this article examines the ethical risks posed by AI technology to student personal information and provides recommendations for addressing concerns regarding student data security.

English Else

Ricardo Morla

DOI: https://doi.org/10.48550/arXiv.1912.06817

2019-12-14

Cryptography and Security

Abstract:With the turmoil in cybersecurity and the mind-blowing advances in AI, it is only natural that cybersecurity practitioners consider further employing learning techniques to help secure their organizations and improve the efficiency of their security operation centers. But with great fears come great opportunities for both the good and the evil, and a myriad of bad deals. This paper discusses ten issues in cybersecurity that hopefully will make it easier for practitioners to ask detailed questions about what they want from an AI system in their cybersecurity operations. We draw on the state of the art to provide factual arguments for a discussion on well-established AI in cybersecurity issues, including the current scope of AI and its application to cybersecurity, the impact of privacy concerns on the cybersecurity data that can be collected and shared externally to the organization, how an AI decision can be explained to the person running the operations center, and the implications of the adversarial nature of cybersecurity in the learning techniques. We then discuss the use of AI by attackers on a level playing field including several issues in an AI battlefield, and an AI perspective on the old cat-and-mouse game including how the adversary may assess your AI power.