Fighting Fire With Fire: Why AI Is the Best Security Defense for Your AI System
Breakthroughs such as deep learning for visual recognition and natural language processing underpin much of the excitement in artificial intelligence (AI) today. However, like all new innovative technologies, AI comes with its share of security concerns. It is always the way: While breakthrough technologies can revolutionize business and the way we work, they have to be handled carefully to avoid errors, misuse or worse.
Thankfully, that very same technology could hold the key to making AI more robust.
A Double-Edged Sword: Why AI’s Biggest Strength Is Also Its Biggest Risk
Remember that any kind of software system has its security concerns – it is not just AI. However, AI has two unique properties that make security more pressing.
The first is its power. AI systems are typically built to increase human productivity – they are much more efficient than humans, especially at performing repetitive tasks. So, if malicious actors were to take control of such a system, their productivity would also greatly increase. This is a double-edged sword – AI’s immense power is its biggest strength, but this also makes it more dangerous if it falls into the wrong hands.
This danger is magnified as AI becomes more common. In the future, AI systems will become widespread across all kinds of industries. If those tools become controlled by malicious people, that could potentially be a big problem.
The second property is AI’s reliance on data. Most AI systems are data-driven – they need data in order to reach their decisions. That means malicious actors don’t need to take control of an AI system in order to compromise it – they can just manipulate the data instead. If they pollute, alter or compromise the data source, the AI system will become much less effective. So it is not just the AI system that needs protecting, but the source data too.
A New Era of Security Threats: Two Types of Attack
So how do malicious actors manipulate the data to attack AI systems? Broadly speaking, there are two types of attack: black box and white box.
In a black box attack, the attacker has no idea what is inside the AI system. That means they need to collect data on it. They need to observe approximately 1,000 examples of the input and output relationship, and depending on this data, they can speculate on what is inside the system and use that to craft an attack. The more data they collect from your AI system, the more likely it is that the attack will be successful. A black box attack is more likely for a system that has been running longer, because the attacker has more examples from which to choose.
In a white box attack, the attacker already knows what is inside, including the system architecture, the parameters and so on. They use this knowledge to change the data just enough to throw the system off. This has a much higher rate of success than a black box attack. However, it isn’t easy either, as it requires the attacker to compromise the system in order to fully understand how it works. Only then can they start manipulating the data. You might think it is a little counterintuitive: Once you have hacked into a system, why not just control it directly? That is because a white box attack allows for sustained and long-term malicious use, which can prove more damaging in the long run.
Hackers can also hack a system very quickly and then copy it in its entirety. They won’t control it directly, but they have an identical version they can use themselves. Then they can still craft a white box attack.
AI to the Rescue
This all sounds very negative, but there is a silver lining to this particular cloud: AI itself can help protect AI systems from attack.
By studying past attacks using machine learning, you can predict how the system changes its behavior when an attack is imminent. You then create a model that will warn you or shut down the system when certain warning triggers are detected. It is much more efficient than humans looking out for these warning signs. You just need to collect sufficient training data.
The problem is, new types of attacks are always being created. In this instance, the machine learning approach won’t work, because the system won’t know what to look out for. However, this could soon change. Research is under way on how to train AI to probe your system to see where the vulnerabilities lie. This is a much more proactive approach than recording training data and teaching the system what to look out for.
Currently, a human will define the AI’s action space in order for it to test for vulnerabilities. It is much harder to do that than just collecting training data – that action space can be pretty large, which complicates things significantly. However, in the future this could be fully automated using AI. Then you have all the advantages of AI – like greater efficiency and productivity – with only a minimal increase in cost.
When people think about the dangers associated with AI, they think about movies like The Terminator. Well, don’t worry – we are a long way from that, and AI’s considerable benefits far outweigh the risks.
People and businesses using AI just need to be aware of the security concerns. Like all software, it is good practice to always keep your AI system up to date in order to fix any potential vulnerabilities. You should also be testing your system’s vulnerabilities to see how much data has to be altered in order for the system to fail. Ideally, you want your system to be able to detect any possible change to the data so you can proactively shut it down or switch to a back-up system.
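One way to implement the last recommendation above (detect a change to the incoming data, then switch to a back-up), as an added example that is not part of the original article. It compares each feature of an incoming batch against the training baseline with a two-sample Kolmogorov-Smirnov test, which is one possible choice of drift test; the function names, feature names, "primary"/"backup" labels and the alpha value are assumptions.

```python
import math
import random

def ks_statistic(baseline, batch):
    """Two-sample Kolmogorov-Smirnov statistic: largest gap between the two empirical CDFs."""
    a, b = sorted(baseline), sorted(batch)
    i = j = 0
    gap = 0.0
    while i < len(a) and j < len(b):
        x = min(a[i], b[j])
        while i < len(a) and a[i] <= x:
            i += 1
        while j < len(b) and b[j] <= x:
            j += 1
        gap = max(gap, abs(i / len(a) - j / len(b)))
    return gap

def ks_threshold(n, m, alpha):
    """Large-sample critical value for rejecting 'same distribution' at level alpha."""
    return math.sqrt(-math.log(alpha / 2) / 2) * math.sqrt((n + m) / (n * m))

def drifted_features(baseline, batch, alpha=1e-4):
    """Names of features whose incoming values no longer match the training baseline."""
    return [name for name, ref in baseline.items()
            if ks_statistic(ref, batch[name]) > ks_threshold(len(ref), len(batch[name]), alpha)]

def choose_model(baseline, batch, alpha=1e-4):
    """Route to the back-up path (hypothetical label) as soon as any feature drifts."""
    drifted = drifted_features(baseline, batch, alpha)
    return ("backup" if drifted else "primary"), drifted

if __name__ == "__main__":
    rng = random.Random(7)  # constructed sample data, not real traffic
    baseline = {"amount": [rng.gauss(50, 10) for _ in range(1000)],
                "age": [rng.uniform(18, 80) for _ in range(1000)]}
    clean = {"amount": [rng.gauss(50, 10) for _ in range(200)],
             "age": [rng.uniform(18, 80) for _ in range(200)]}
    # Same batch with one feature shifted upward, as a polluted data source might produce.
    altered = dict(clean, amount=[v + 10 for v in clean["amount"]])
    print("clean   ->", choose_model(baseline, clean))
    print("altered ->", choose_model(baseline, altered))
```

A small alpha keeps false alarms rare on normal traffic; lowering the shift applied to the sample batch shows how much the data has to change before the guard fires.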
As computer systems become more complicated, it becomes harder for humans to find security vulnerabilities within them. The best human hacker in the world can’t hack a very complex system, but that doesn’t mean the system is flawless. Instead, we should leverage AI to actively probe for vulnerabilities and in turn create more robust systems that better serve our needs.