Sahil Girhepuje,Aviral Verma,Gaurav Raina

2024-09-27

Abstract:Artificial Intelligence (AI) has witnessed major growth and integration across various domains. As AI systems become increasingly prevalent, they also become targets for threat actors to manipulate their functionality for malicious purposes. This survey paper on offensive AI will comprehensively cover various aspects related to attacks against and using AI systems. It will delve into the impact of offensive AI practices on different domains, including consumer, enterprise, and public digital infrastructure. The paper will explore adversarial machine learning, attacks against AI models, infrastructure, and interfaces, along with offensive techniques like information gathering, social engineering, and weaponized AI. Additionally, it will discuss the consequences and implications of offensive AI, presenting case studies, insights, and avenues for further research.

Cryptography and Security,Artificial Intelligence

Bibhu Dash,Meraj Farheen Ansari,Pawankumar Sharma,Azad Ali

DOI: https://doi.org/10.5121/ijsea.2022.13502

2022-09-30

International Journal of Software Engineering & Applications

Abstract:Internet usage has increased quickly, particularly in the previous decade. With the widespread use of the internet, cybercrime is growing at an alarming rate in our daily lives. However, with the growth of artificial intelligence (AI), businesses are concentrating more on preventing cybercrime. AI is becoming an essential component of every business, affecting individuals worldwide. Cybercrime is one of the most prominent domains where AI has begun demonstrating valuable inputs. As a result, AI is being deployed as the first line of defense in most firms' systems. Because AI can detect new assaults faster than humans, it is the best alternative for constructing better protection against cybercrime. AI technologies also offer more significant potential in the development of such technology. This paper discusses recent cyber intrusions and how the AI-enabled industry is preparing to defend itself in the long run.

REN Kui,MENG Quanrun,YAN Shoukun,QIN Zhan

DOI: https://doi.org/10.11959/j.issn.2096-109x.2021001

2021-01-01

Abstract:Artificial intelligence and deep learning algorithms are developing rapidly. These emerging techniques have been widely used in audio and video recognition, natural language processing and other fields. However, in recent years, researchers have found that there are many security risks in the current mainstream artificial intelligence model, and these problems will limit the development of AI. Therefore, the data security and privacy protection was studied in AI. For data and privacy leakage, the model output based and model update based problem of data leakage were studied. In the model output based problem of data leakage, the principles and research status of model extraction attack, model inversion attack and membership inference attack were discussed. In the model update based problem of data leakage, how attackers steal private data in the process of distributed training was discussed. For data and privacy protection, three kinds of defense methods, namely model structure defense, information confusion defense and query control defense were studied. In summarize, the theoretical foundations, classic algorithms of data inference attack techniques were introduced. A few research efforts on the defense techniques were described in order to provoke further research efforts in this critical area.

Ayodeji Oseni,Nour Moustafa,Helge Janicke,Peng Liu,Zahir Tari,Athanasios Vasilakos

DOI: https://doi.org/10.48550/arXiv.2102.04661

2021-02-09

Cryptography and Security

Abstract:The increased adoption of Artificial Intelligence (AI) presents an opportunity to solve many socio-economic and environmental challenges; however, this cannot happen without securing AI-enabled technologies. In recent years, most AI models are vulnerable to advanced and sophisticated hacking techniques. This challenge has motivated concerted research efforts into adversarial AI, with the aim of developing robust machine and deep learning models that are resilient to different types of adversarial scenarios. In this paper, we present a holistic cyber security review that demonstrates adversarial attacks against AI applications, including aspects such as adversarial knowledge and capabilities, as well as existing methods for generating adversarial examples and existing cyber defence models. We explain mathematical AI models, especially new variants of reinforcement and federated learning, to demonstrate how attack vectors would exploit vulnerabilities of AI models. We also propose a systematic framework for demonstrating attack techniques against AI applications and reviewed several cyber defences that would protect AI applications against those attacks. We also highlight the importance of understanding the adversarial goals and their capabilities, especially the recent attacks against industry applications, to develop adaptive defences that assess to secure AI applications. Finally, we describe the main challenges and future research directions in the domain of security and privacy of AI technologies.

Alka Luqman,Riya Mahesh,Anupam Chattopadhyay

2024-01-31

Abstract:This paper details the privacy and security landscape in today's cloud ecosystem and identifies that there is a gap in addressing the risks introduced by machine learning models. As machine learning algorithms continue to evolve and find applications across diverse domains, the need to categorize and quantify privacy and security risks becomes increasingly critical. With the emerging trend of AI-as-a-Service (AIaaS), machine learned AI models (or ML models) are deployed on the cloud by model providers and used by model consumers. We first survey the AIaaS landscape to document the various kinds of liabilities that ML models, especially Deep Neural Networks pose and then introduce a taxonomy to bridge this gap by holistically examining the risks that creators and consumers of ML models are exposed to and their known defences till date. Such a structured approach will be beneficial for ML model providers to create robust solutions. Likewise, ML model consumers will find it valuable to evaluate such solutions and understand the implications of their engagement with such services. The proposed taxonomies provide a foundational basis for solutions in private, secure and robust ML, paving the way for more transparent and resilient AI systems.

Cryptography and Security,Artificial Intelligence,Machine Learning

Yazan Alaya Al-Khassawneh

DOI: https://doi.org/10.17509/ijost.v8i1.52709

2022-09-20

Indonesian Journal of Science and Technology

Abstract:Artificial intelligence has the potential to address many societal, economic, and environmental challenges, but only if AI-enabled gadgets are kept secure. Many artificial intelligence (AI) models produced in recent years can be hacked by utilizing cutting-edge techniques. This issue has sparked intense research into adversarial AI to develop machine and deep learning models that can withstand various types of attacks. We provide a detailed summary of artificial intelligence in this paper to prove how adversarial attacks against AI applications can be mounted, covering topics such as confrontational knowledge and capabilities, existing methods for actually producing adversarial examples, and existing cyber defense models. In addition, we investigated numerous cyber countermeasures that could defend AI applications against these attacks and offered a systematic approach for demonstrating war strategies against machine learning and artificial intelligence. To safeguard AI applications, we emphasize the importance of understanding the intentions and methods of possible attackers. In the end, we list the biggest problems and most interesting research areas in the field of AI privacy and security.

Raihan Khan,Sayak Sarkar,Sainik Kumar Mahata,Edwin Jose

2024-10-16

Abstract:This research paper explores the privacy and security threats posed to an Agentic AI system with direct access to database systems. Such access introduces significant risks, including unauthorized retrieval of sensitive information, potential exploitation of system vulnerabilities, and misuse of personal or confidential data. The complexity of AI systems combined with their ability to process and analyze large volumes of data increases the chances of data leaks or breaches, which could occur unintentionally or through adversarial manipulation. Furthermore, as AI agents evolve with greater autonomy, their capacity to bypass or exploit security measures becomes a growing concern, heightening the need to address these critical vulnerabilities in agentic systems.

Cryptography and Security,Multiagent Systems

Yupeng Hu,Wenxin Kuang,Zheng Qin,Kenli Li,Jiliang Zhang,Yansong Gao,Wenjia Li,Keqin Li

DOI: https://doi.org/10.1145/3487890

IF: 16.6

2023-01-31

ACM Computing Surveys

Abstract:In recent years, with rapid technological advancement in both computing hardware and algorithm, Artificial Intelligence (AI) has demonstrated significant advantage over human being in a wide range of fields, such as image recognition, education, autonomous vehicles, finance, and medical diagnosis. However, AI-based systems are generally vulnerable to various security threats throughout the whole process, ranging from the initial data collection and preparation to the training, inference, and final deployment. In an AI-based system, the data collection and pre-processing phase are vulnerable to sensor spoofing attacks and scaling attacks, respectively, while the training and inference phases of the model are subject to poisoning attacks and adversarial attacks, respectively. To address these severe security threats against the AI-based systems, in this article, we review the challenges and recent research advances for security issues in AI, so as to depict an overall blueprint for AI security. More specifically, we first take the lifecycle of an AI-based system as a guide to introduce the security threats that emerge at each stage, which is followed by a detailed summary for corresponding countermeasures. Finally, some of the future challenges and opportunities for the security issues in AI will also be discussed.

computer science, theory & methods

Subash Neupane,Shaswata Mitra,Ivan A. Fernandez,Swayamjit Saha,Sudip Mittal,Jingdao Chen,Nisha Pillai,Shahram Rahimi

DOI: https://doi.org/10.1109/access.2024.3363657

IF: 3.9

2024-02-16

IEEE Access

Abstract:Robotics and Artificial Intelligence (AI) have been inextricably intertwined since their inception. Today, AI-Robotics systems have become an integral part of our daily lives, from robotic vacuum cleaners to semi-autonomous cars. These systems are built upon three fundamental architectural elements: perception, navigation and planning, and control. However, while the integration of AI in Robotics systems has enhanced the quality of our lives, it has also presented a serious problem - these systems are vulnerable to security attacks. The physical components, algorithms, and data that makeup AI-Robotics systems can be exploited by malicious actors, potentially leading to dire consequences. Motivated by the need to address the security concerns in AI-Robotics systems, this paper presents a comprehensive survey and taxonomy across three dimensions: attack surfaces, ethical and legal concerns, and Human-Robot Interaction (HRI) security. Our goal is to provide readers, developers and other stakeholders with a holistic understanding of these areas to enhance the overall AI-Robotics system security. We begin by identifying potential attack surfaces and provide mitigating defensive strategies. We then delve into ethical issues, such as dependency and psychological impact, as well as the legal concerns regarding accountability for these systems. Besides, emerging trends such as HRI are discussed, considering privacy, integrity, safety, trustworthiness, and explainability concerns. Finally, we present our vision for future research directions in this dynamic and promising field.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zehang Deng,Yongjian Guo,Changzhou Han,Wanlun Ma,Junwu Xiong,Sheng Wen,Yang Xiang

2024-09-06

Abstract:An Artificial Intelligence (AI) agent is a software entity that autonomously performs tasks or makes decisions based on pre-defined objectives and data inputs. AI agents, capable of perceiving user inputs, reasoning and planning tasks, and executing actions, have seen remarkable advancements in algorithm development and task performance. However, the security challenges they pose remain under-explored and unresolved. This survey delves into the emerging security threats faced by AI agents, categorizing them into four critical knowledge gaps: unpredictability of multi-step user inputs, complexity in internal executions, variability of operational environments, and interactions with untrusted external entities. By systematically reviewing these threats, this paper highlights both the progress made and the existing limitations in safeguarding AI agents. The insights provided aim to inspire further research into addressing the security threats associated with AI agents, thereby fostering the development of more robust and secure AI agent applications.

Cryptography and Security,Artificial Intelligence

Yuanhaur Chang,Han Liu,Evin Jaff,Chenyang Lu,Ning Zhang

2024-09-12

Abstract:The integration of technology and healthcare has ushered in a new era where software systems, powered by artificial intelligence and machine learning, have become essential components of medical products and services. While these advancements hold great promise for enhancing patient care and healthcare delivery efficiency, they also expose sensitive medical data and system integrity to potential cyberattacks. This paper explores the security and privacy threats posed by AI/ML applications in healthcare. Through a thorough examination of existing research across a range of medical domains, we have identified significant gaps in understanding the adversarial attacks targeting medical AI systems. By outlining specific adversarial threat models for medical settings and identifying vulnerable application domains, we lay the groundwork for future research that investigates the security and resilience of AI-driven medical systems. Through our analysis of different threat models and feasibility studies on adversarial attacks in different medical domains, we provide compelling insights into the pressing need for cybersecurity research in the rapidly evolving field of AI healthcare technology.

Cryptography and Security,Artificial Intelligence,Machine Learning

Mamoona Humayun,Noshina Tariq,Majed Alfayad,Muhammad Zakwan,Ghadah Alwakid,Mohammed Assiri

DOI: https://doi.org/10.1109/access.2024.3365634

IF: 3.9

2024-02-23

IEEE Access

Abstract:The Internet of Things (IoT) has revolutionized various domains, enabling interconnected devices to communicate and exchange data. The integration of Artificial Intelligence (AI) in IoT systems further enhances their capabilities and potential benefits. Unfortunately, in the era of AI, ensuring the privacy and security of the IoT faces novel and specific challenges. IoT security is imperative, necessitating comprehensive strategies, including comprehension of IoT security challenges, implementation of AI methodologies, adoption of resilient security frameworks, and handling of privacy and ethical concerns to construct dependable and secure IoT systems. It is vital to note that the term 'security' encompasses a more comprehensive view than cyberattacks alone. Therefore, with an emphasis on securing against cyberattacks, this comprehensive survey also includes physical security threats on the IoT. It investigates the complexities and solutions for IoT systems, placing particular emphasis on AI-based security techniques. The paper undertakes a categorization of the challenges associated with ensuring IoT security, investigates the utilization of AI in IoT security, presents security frameworks and strategies, underscores privacy and ethical considerations, and provides insights derived from practical case studies. Furthermore, the survey sheds light on emerging trends concerning IoT security in the AI era. This survey provides significant contributions to the understanding of establishing dependable and secure IoT systems through an exhaustive examination of the present condition of IoT security and the ramifications of AI on it.

computer science, information systems,telecommunications,engineering, electrical & electronic

Ivan A. Fernandez,Subash Neupane,Trisha Chakraborty,Shaswata Mitra,Sudip Mittal,Nisha Pillai,Jingdao Chen,Shahram Rahimi

2024-06-27

Abstract:Industry 4.0 has witnessed the rise of complex robots fueled by the integration of Artificial Intelligence/Machine Learning (AI/ML) and Digital Twin (DT) technologies. While these technologies offer numerous benefits, they also introduce potential privacy and security risks. This paper surveys privacy attacks targeting robots enabled by AI and DT models. Exfiltration and data leakage of ML models are discussed in addition to the potential extraction of models derived from first-principles (e.g., physics-based). We also discuss design considerations with DT-integrated robotics touching on the impact of ML model training, responsible AI and DT safeguards, data governance and ethical considerations on the effectiveness of these attacks. We advocate for a trusted autonomy approach, emphasizing the need to combine robotics, AI, and DT technologies with robust ethical frameworks and trustworthiness principles for secure and reliable AI robotic systems.

Robotics,Artificial Intelligence

Dave Mbiazi,Meghana Bhange,Maryam Babaei,Ivaxi Sheth,Patrik Joslin Kenfack

DOI: https://doi.org/10.48550/arXiv.2311.17228

2023-11-28

Computers and Society

Abstract:The past decade has observed a great advancement in AI with deep learning-based models being deployed in diverse scenarios including safety-critical applications. As these AI systems become deeply embedded in our societal infrastructure, the repercussions of their decisions and actions have significant consequences, making the ethical implications of AI deployment highly relevant and important. The ethical concerns associated with AI are multifaceted, including challenging issues of fairness, privacy and data protection, responsibility and accountability, safety and robustness, transparency and explainability, and environmental impact. These principles together form the foundations of ethical AI considerations that concern every stakeholder in the AI system lifecycle. In light of the present ethical and future x-risk concerns, governments have shown increasing interest in establishing guidelines for the ethical deployment of AI. This work unifies the current and future ethical concerns of deploying AI into society. While we acknowledge and appreciate the technical surveys for each of the ethical principles concerned, in this paper, we aim to provide a comprehensive overview that not only addresses each principle from a technical point of view but also discusses them from a social perspective.

Hui Wu,Haiting Han,Xiao Wang,Shengli Sun

DOI: https://doi.org/10.1109/access.2020.3018170

IF: 3.9

2020-01-01

IEEE Access

Abstract:Through three development routes of authentication, communication, and computing, the Internet of Things (IoT) has become a variety of innovative integrated solutions for specific applications. However, due to the openness, extensiveness and resource constraints of IoT, each layer of the three-tier IoT architecture suffers from a variety of security threats. In this work, we systematically review the particularity and complexity of IoT security protection, and then find that Artificial Intelligence (AI) methods such as Machine Learning (ML) and Deep Learning (DL) can provide new powerful capabilities to meet the security requirements of IoT. We analyze the technical feasibility of AI in solving IoT security problems and summarize a general process of AI solutions for IoT security. For four serious IoT security threats: device authentication, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks defense, intrusion detection and malware detection, we summarize representative AI solutions and compare the different algorithms and technologies used by various solutions. It should be noted that although AI provides many new capabilities for the security protection of IoT, it also brings new potential challenges and possible negative effects to IoT in terms of data, algorithm and architecture. In the future, how to solve these challenges can serve as potential research directions.

Dipankar Dasgupta,Zahid Akhtar,Sajib Sen

DOI: https://doi.org/10.1177/1548512920951275

2020-09-19

Abstract:Today’s world is highly network interconnected owing to the pervasiveness of small personal devices (e.g., smartphones) as well as large computing devices or services (e.g., cloud computing or online banking), and thereby each passing minute millions of data bytes are being generated, processed, exchanged, shared, and utilized to yield outcomes in specific applications. Thus, securing the data, machines (devices), and user’s privacy in cyberspace has become an utmost concern for individuals, business organizations, and national governments. In recent years, machine learning (ML) has been widely employed in cybersecurity, for example, intrusion or malware detection and biometric-based user authentication. However, ML algorithms are vulnerable to attacks both in the training and testing phases, which usually leads to remarkable performance decreases and security breaches. Comparatively, limited studies have been conducted to understand the essence and degree of the vulnerabilities of ML techniques against security threats and their defensive mechanisms. It is imperative to systematize recent works related to cybersecurity using ML to seek the attention of researchers, scientists, and engineers. Therefore, in this paper, we provide a comprehensive survey of the works that have been carried out most recently (from 2013 to 2018) on ML in cybersecurity, describing the basics of cyber-attacks and corresponding defenses, the basics of the most commonly used ML algorithms, and proposed ML and data mining schemes for cybersecurity in terms of features, dimensionality reduction, and classification/detection techniques. In this context, this article also provides an overview of adversarial ML, including the security characteristics of deep learning methods. Finally, open issues and challenges in cybersecurity are highlighted and potential future research directions are discussed.

Zixiao Kong,Jingfeng Xue,Yong Wang,Lu Huang,Zequn Niu,and Feng Li

DOI: https://doi.org/1093.18538.5bbabc95-3425-49bb-9ef9-cbb08a9594cc.1624415358

2021-06-23

Wireless Communications and Mobile Computing

Abstract:With the rapid evolution of the Internet, the application of artificial intelligence fields is more and more extensive, and the era of AI has come. At the same time, adversarial attacks in the AI field are also frequent. Therefore, the research into adversarial attack security is extremely urgent. An increasing number of researchers are working in this field. We provide a comprehensive review of the theories and methods that enable researchers to enter the field of adversarial attack. This article is according to the "Why? → What? → How?" research line for elaboration. Firstly, we explain the significance of adversarial attack. Then, we introduce the concepts, types, and hazards of adversarial attack. Finally, we review the typical attack algorithms and defense techniques in each application area. Facing the increasingly complex neural network model, this paper focuses on the fields of image, text, and malicious code and focuses on the adversarial attack classifications and methods of these three data types, so that researchers can quickly find their own type of study. At the end of this review, we also raised some discussions and open issues and compared them with other similar reviews.

computer science, information systems,telecommunications,engineering, electrical & electronic

Vimal Kumar,Juliette Mayo,Khadija Bahiss

2024-01-16

Abstract:Machine learning (ML) and artificial intelligence (AI) techniques have now become commonplace in software products and services. When threat modelling a system, it is therefore important that we consider threats unique to ML and AI techniques, in addition to threats to our software. In this paper, we present a threat model that can be used to systematically uncover threats to AI based software. The threat model consists of two main parts, a model of the software development process for AI based software and an attack taxonomy that has been developed using attacks found in adversarial AI research. We apply the threat model to two real life AI based software and discuss the process and the threats found.

Cryptography and Security

Emad Alsuwat

DOI: https://doi.org/10.1166/jno.2023.3436

2023-05-01

Journal of Nanoelectronics and Optoelectronics

Abstract:One of the primary challenges of artificial intelligence in modern computing is providing privacy and security against adversarial opponents. This survey study covers the most representative poisoning attacks against supervised ML models. The major purpose of this survey is to highlight the most essential facts on security vulnerabilities in context of ML classifiers. Data poisoning attacks entail tampering with data samples provided to method during training stage, which may lead to a drop in the correctness and accuracy during inference stage. This research gathers most significant insights as well as discoveries from most recent existing literature on this topic. Furthermore, this work discusses several defence strategies that promise to provide feasible detection as well as mitigation procedures, as well as extra robustness against malicious attacks.

engineering, electrical & electronic,nanoscience & nanotechnology,physics, applied

Yingzhe He,Guozhu Meng,Kai Chen,Xingbo Hu,Jinwen He

DOI: https://doi.org/10.1109/tse.2020.3034721

IF: 7.4

2021-01-01

IEEE Transactions on Software Engineering

Abstract:Deep learning has gained tremendous success and great popularity in the past few years. However, deep learning systems are suffering several inherent weaknesses, which can threaten the security of learning models. Deep learning's wide use further magnifies the impact and consequences. To this end, lots of research has been conducted with the purpose of exhaustively identifying intrinsic weaknesses and subsequently proposing feasible mitigation. Yet few are clear about how these weaknesses are incurred and how effective these attack approaches are in assaulting deep learning. In order to unveil the security weaknesses and aid in the development of a robust deep learning system, we undertake an investigation on attacks towards deep learning, and analyze these attacks to conclude some findings in multiple views. In particular, we focus on four types of attacks associated with security threats of deep learning: model extraction attack, model inversion attack, poisoning attack and adversarial attack. For each type of attack, we construct its essential workflow as well as adversary capabilities and attack goals. Pivot metrics are devised for comparing the attack approaches, by which we perform quantitative and qualitative analyses. From the analysis, we have identified significant and indispensable factors in an attack vector, e.g., how to reduce queries to target models, what distance should be used for measuring perturbation. We shed light on 18 findings covering these approaches' merits and demerits, success probability, deployment complexity and prospects. Moreover, we discuss other potential security weaknesses and possible mitigation which can inspire relevant research in this area.

engineering, electrical & electronic,computer science, software engineering