The report also highlights the issue of untrustworthy data, which bad actors can corrupt both during an AI system's training and after it is deployed. Such corruption can lead to undesirable behavior, such as chatbots responding with abusive language. The authors stress the need for better defenses and encourage the community to develop them, acknowledging that securing AI algorithms is a complex problem that has not yet been fully solved.
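The report itself contains no code, but the poisoning idea can be conveyed with a small experiment. The sketch below is a minimal illustration, assuming scikit-learn and a synthetic dataset (neither comes from the NIST publication): it flips an increasing fraction of training labels, the crudest form of data poisoning, and shows how the resulting model's test accuracy tends to degrade as the poisoned fraction grows.

```python
# Illustrative sketch only (not from the NIST report): label-flipping poisoning
# against a toy classifier. Dataset, model, and fractions are assumptions.
import numpy as np
from sklearn.datasets import make_classification
from sklearn.linear_model import LogisticRegression
from sklearn.model_selection import train_test_split

rng = np.random.default_rng(0)

# Small synthetic binary-classification task.
X, y = make_classification(n_samples=600, n_features=20, random_state=0)
X_train, X_test, y_train, y_test = train_test_split(X, y, random_state=0)

def accuracy_after_poisoning(flip_fraction):
    """Flip the labels of a fraction of training points, retrain, and
    report accuracy on the clean test set."""
    y_poisoned = y_train.copy()
    n_flip = int(flip_fraction * len(y_poisoned))
    idx = rng.choice(len(y_poisoned), size=n_flip, replace=False)
    y_poisoned[idx] = 1 - y_poisoned[idx]  # flip 0 <-> 1
    model = LogisticRegression(max_iter=1000).fit(X_train, y_poisoned)
    return model.score(X_test, y_test)

for frac in (0.0, 0.1, 0.25, 0.4):
    acc = accuracy_after_poisoning(frac)
    print(f"{frac:>4.0%} of training labels flipped -> test accuracy {acc:.3f}")
```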
Key takeaways:
- AI systems can be deliberately confused or 'poisoned' by adversaries to make them malfunction, with no foolproof defense currently available, according to a new publication by NIST.
- The publication, titled 'Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations', outlines the types of attacks AI systems might face and suggests approaches to mitigate them.
- The report identifies four major types of attacks on AI systems: evasion, poisoning, privacy, and abuse attacks, classified by the attacker's goals, capabilities, and knowledge of the targeted system (a minimal evasion sketch follows this list).
- Despite significant progress in AI and machine learning, these technologies remain vulnerable to attacks that can cause dramatic failures, and securing AI algorithms involves theoretical problems that have not yet been solved.
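To make the first category more concrete, here is a hypothetical sketch of an evasion attack in the style of a fast-gradient-sign perturbation, applied to a small NumPy logistic-regression model. The model, data, and perturbation budget are illustrative assumptions, not material from the NIST publication: the attacker nudges each input by a bounded amount in the direction that increases the model's loss, and accuracy on the perturbed inputs drops sharply.

```python
# Illustrative sketch only: gradient-sign evasion against a NumPy
# logistic-regression model trained on toy Gaussian data (all assumed).
import numpy as np

rng = np.random.default_rng(1)

# Two Gaussian clusters, one per class.
X = np.vstack([rng.normal(-1.0, 1.0, size=(500, 10)),
               rng.normal(+1.0, 1.0, size=(500, 10))])
y = np.concatenate([np.zeros(500), np.ones(500)])

def sigmoid(z):
    return 1.0 / (1.0 + np.exp(-np.clip(z, -60, 60)))

# Train logistic regression with plain gradient descent.
w, b = np.zeros(X.shape[1]), 0.0
for _ in range(500):
    p = sigmoid(X @ w + b)
    w -= 0.5 * (X.T @ (p - y) / len(y))
    b -= 0.5 * np.mean(p - y)

def evade(x, label, eps):
    """Perturb x by eps per feature in the direction that increases
    the cross-entropy loss (dLoss/dx = (p - y) * w for this model)."""
    p = sigmoid(x @ w + b)
    grad_x = (p - label) * w
    return x + eps * np.sign(grad_x)  # L-infinity-bounded evasion step

clean_acc = np.mean((sigmoid(X @ w + b) > 0.5) == y)
X_adv = np.array([evade(x, lbl, eps=1.0) for x, lbl in zip(X, y)])  # large, purely illustrative budget
adv_acc = np.mean((sigmoid(X_adv @ w + b) > 0.5) == y)
print(f"accuracy on clean inputs:     {clean_acc:.3f}")
print(f"accuracy on perturbed inputs: {adv_acc:.3f}")
```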