The use of AI-powered tools has increased exponentially, and both Cyber Security professionals and Cyber Criminals are in a constant battle leveraging Artificial Technology. Just like with everything good that technology produces, threat actors keep finding ways to misuse them to carry out their criminal intentions.
The AI model itself is not exempted from malicious exploit. IBM defines a Model as the output of an algorithm that has been applied to a dataset. An AI model is a program that has been trained on a set of data to recognize certain patterns or make certain decisions without further human intervention.
In this article, we will explore how Threat Actors attack an AI Model
Poisoning Attack
In this attack, the training data set that is used for the model is being attacked. False data no matter how insignificant it may seem can render a whole training set erroneous once inserted into the training set. Threat actors can poison a model and corrupt the learning process which will produce false or misleading results.
Prompt Injection Attack
Prompts are inputs or queries made to an AI to which a result is given. Simply like how you make use of ChatGPT. Prompt Injection attacks involve intentionally querying a model with certain prompts that can cause it to generate false, biased, dangerous results which it was trained not to do. This attack could also trick a tool into providing private or dangerous information which threat actors can use cause damage.
There are various types of prompt attacks such as prompt leaking, jailbreaking, etc
Evasion Attack
Evasion attacks are caused by manipulating input data during the testing phase to cause commotion and fool the AI model into producing inaccurate results. The difference between Poisoning attack and Evasion attack is that poisoning is done using training data while evasion is with testing data. An adversarial example is fed into the system which causes commotion in the model.
Infection Attack
AI models are also prone to malware infection and can create backdoors that can be exploited. Threat actors can infect the supply chain for AI Models and create vulnerabilities in the model. When an organization that is unable to develop its model purchases these open-source models, they are at risk of acquiring an infected model. This can render their AI system vulnerable to attacks.
IBM shares more information about how threat actors can attack an AI model.
Artificial Intelligence: The new attack surface by IBM Technology
The possibility that an Artificial Intelligent model can be attacked in many ways, there are increasing concerns and worries about the credibility of AI-powered tools/software. As always, Cyber Security has to be considered at every stage of a technological process and appropriate defense tactics be put in place to curb the threat.