14 July, 2023

Sailing into the Unique Security Risks of AI Systems Part 1

Sailing into the Unique Security Risks of AI Systems Part 1
Cory Sabol
Author: Cory Sabol

As we venture further into the vast ocean of Artificial Intelligence (AI) - employing it to automate tasks, solve complex problems, and make predictions - we face an unfamiliar sea full of unique security risks. This vast sea of advanced technologies, intricate models, and data islands provides ample opportunities for attackers to exploit. Here, we introduce the beacon to guide our journey: the MITRE Adversarial Tactics, Techniques & Common Knowledge for Learning Systems (ATLAS) framework - our compass in these uncharted waters. You can view the MITRE ATLAS framework by navigating to the following page.

Unique Risks of AI: Navigating Stormy Seas


To plot our course, we first need to understand what makes the AI seas so treacherous. Traditional security measures are designed to protect the sturdy ships of infrastructure, network, and data integrity. However, AI technology represents a new kind of vessel that requires a different approach to security.

AI systems are unique targets for attacks. Traditional cyber attacks typically aim to exploit holes in software code or network design, while attacks on AI systems are more akin to steering the vessel off course. For instance, a malicious actor might aim to trick an AI system into making incorrect predictions or decisions - a form of attack known as adversarial manipulation.

Furthermore, AI systems depend heavily on the integrity of their data. They're trained on vast islands of data, and their accuracy and reliability depend on the quality and validity of this data. Consequently, attacks that seek to corrupt these data - often called poisoning attacks - pose a significant risk. 

These examples provide a glimpse of the looming icebergs in the vast ocean of AI systems. The rapidly evolving field of AI technology continues to churn up new waves of attack vectors, necessitating a dynamic, adaptable approach to security.


Setting Sail with MITRE ATLAS

To successfully navigate the high seas of AI security, we utilize the MITRE ATLAS framework. ATLAS provides a comprehensive map of the adversarial tactics and techniques that can be employed against AI systems. It highlights potential threats, helping organizations chart a course that ensures security.

ATLAS offers a shared language for understanding, discussing, and managing AI vulnerabilities. It illuminates the potential manipulations that AI systems may be subjected to, enabling the development of effective strategies for mitigating risk. The framework doesn't just focus on the AI vessel itself but also includes its wider operational seascape, including the data it's trained on, the systems it interfaces with, and the human sailors it interacts with.

While the ATLAS framework isn't a magic compass that points directly to safe harbors, it offers invaluable guidance for navigating these uncertain waters, helping organizations understand the threats they face and map their journey towards more secure AI implementations.

As we voyage further into this series, we will dive deeper into the ATLAS framework, breaking down its components and examining its role in shaping comprehensive AI security strategies.

Set sail with us on our next post, where we'll examine the finer details of the ATLAS framework and how they aid in mitigating the unique risks associated with AI. Together, we'll chart a course through the stormy seas of AI security, learning to adapt and secure our systems against ever-evolving adversarial tactics.

Join the professionally evil newsletter