Event Title: Abuses and Misuses of AI: Prevention vs. Reaction
Date: Friday, July 24, 1:00 PM ET/10:00 AM PT
Duration: 1 hr
Speaker:
Cristian Canton, Facebook AI Red Team
READOUT: Since 2014, publications of adversarial DNN attack papers, increased from near 0, to 2,000 in six years. When thinking about AI adversarial attacks it requires a complete shift from what people traditionally think about as a "computer-mediated attack using AI. (See below)."
Ai attacks can be about thwarting the identification of objectionable content, or the reverse - making acceptable content objectional. Also, attacks on vision systems can force unfavorable re-interpretations of existing commonly accepted signage to its opposite (e.g. black and white tape patterns on stop signs being interpreted as "maximum speed 60 MPH").
With traditional pen testing all targets are physical (doors, locks) or digital (computing). With the added dimension of AI, machine learning models are now targets and physical targets include signage and images. Additionally, AI can target biases in data sets, and amplify biases, or poison images so that they are not recognizable for what they are. Last, but emerging< is the synthetic fake and deep fakes which is a form of AI hacking.
For further context (throw back to 2017 - during the hype phases, but before the second 'AI boom' happening now)
Bishop Fox Introduces the Hacking AI "DeepHack" at DEF CON 25
https://www.prnewswire.com/news-releases/bishop-fox-introduces-the-hacking-ai-deephack-at-def-con-25-300496633.htmlDan "AltF4" Petro and
Ben Morris presented DeepHack to the world at their DEF CON 25 talk, "
Weaponizing Machine Learning: Humanity Was Overrated Anyway," on
July 30, 2017 in
Las Vegas. (
URL). During the demo the AI they put to use came up with its own SQL injection not previously known (
URL).
------------------------------
Mark Yanalitis
------------------------------