AI and Cybersecurity: Guard Against ‘Poisoning’ Attacks
Bad actors could corrupt the data used to train the AI model - with disastrous results
At a Glance
- A type of cyber attack called 'poisoning attacks' corrupts the data used to train the AI model.
- For example, bad actors can 'poison' AI systems by adding bad data to news aggregation sites and social media platforms.
- One defense is to always take training data from its original source.
AI systems are vulnerable to bad actors infusing them with bad data, a technique known as ‘poisoning attacks,’ according to the co-author of a new U.S. government study.
The National Institute of Standards and Technology study analyzed cyber threats to AI systems amid rising concerns over the safety and reliability of generative AI as the 2024 election cycle heats up.
“Most of these attacks are fairly easy to mount and require minimum knowledge of the AI system and limited adversarial capabilities,” said study co-author Alina Oprea, who is a Northeastern University professor. “Poisoning attacks, for example, can be mounted by controlling a few dozen training samples, which would be a very small percentage of the entire training set.”
“By poisoning AI systems used in news aggregation or social media platforms, adversaries could spread misinformation or propaganda more effectively,” Eyal Benishti, the CEO of the cybersecurity company Ironscales, who was not involved in the report, said in an interview.
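The two practical points above are that a poisoning attack needs only a handful of injected or altered training samples, and that the countermeasure named in the summary is to take training data only from its original source. The following Python script is an added example, not code from the article or from NIST, showing one way to enforce that rule: the original source publishes a signed manifest of per-record SHA-256 digests, and the training pipeline refuses any record whose id is missing from the manifest (an injected sample) or whose digest no longer matches (a text or label altered in transit). The records, the ids, and the signing key are constructed placeholders.

```python
import hashlib
import hmac
import json
from typing import Dict, List, Tuple

# Constructed sample records standing in for a dataset obtained from the original source.
TRUSTED_RECORDS = [
    {"id": 1, "text": "Central bank holds interest rates steady", "label": "economy"},
    {"id": 2, "text": "City council approves new transit budget", "label": "politics"},
    {"id": 3, "text": "Regional team wins championship final", "label": "sports"},
    {"id": 4, "text": "New vaccine trial reports interim results", "label": "health"},
]

# Placeholder key. In practice the data owner signs the manifest and the trainer only verifies.
MANIFEST_KEY = b"placeholder-manifest-signing-key"


def canonical(obj) -> bytes:
    """Serialise deterministically so identical content always hashes the same."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("utf-8")


def record_digest(record: dict) -> str:
    """SHA-256 over the whole record (text and label), not just the text."""
    return hashlib.sha256(canonical(record)).hexdigest()


def build_manifest(records: List[dict]) -> Dict[str, str]:
    """Manifest computed at the original source: record id -> record digest."""
    return {str(r["id"]): record_digest(r) for r in records}


def sign_manifest(manifest: Dict[str, str], key: bytes) -> str:
    """HMAC over the canonical manifest so the manifest itself cannot be silently edited."""
    return hmac.new(key, canonical(manifest), hashlib.sha256).hexdigest()


def verify_manifest(manifest: Dict[str, str], signature: str, key: bytes) -> bool:
    return hmac.compare_digest(sign_manifest(manifest, key), signature)


def validate_training_set(candidate: List[dict], manifest: Dict[str, str]) -> Tuple[List[dict], List[dict]]:
    """Split candidate records into (accepted, rejected).

    A record is rejected when its id is absent from the manifest (an injected sample)
    or when its digest differs (text or label changed after leaving the original source).
    """
    accepted, rejected = [], []
    for r in candidate:
        expected = manifest.get(str(r.get("id")))
        if expected is not None and hmac.compare_digest(expected, record_digest(r)):
            accepted.append(r)
        else:
            rejected.append(r)
    return accepted, rejected


def gate_training_data(candidate: List[dict], manifest: Dict[str, str], signature: str, key: bytes):
    """Refuse to train at all on an unauthenticated manifest; otherwise filter record by record."""
    if not verify_manifest(manifest, signature, key):
        raise ValueError("manifest signature invalid; refusing to train on this data")
    return validate_training_set(candidate, manifest)


# Constructed candidate set as the trainer might receive it: the trusted records, one record
# whose label was flipped downstream, and one record that never existed at the original source.
CANDIDATE_RECORDS = [dict(r) for r in TRUSTED_RECORDS]
CANDIDATE_RECORDS[1] = {**CANDIDATE_RECORDS[1], "label": "sports"}                  # tampered label
CANDIDATE_RECORDS.append({"id": 99, "text": "Injected sample", "label": "economy"})  # not in source


if __name__ == "__main__":
    manifest = build_manifest(TRUSTED_RECORDS)
    signature = sign_manifest(manifest, MANIFEST_KEY)
    ok, bad = gate_training_data(CANDIDATE_RECORDS, manifest, signature, MANIFEST_KEY)
    print(f"accepted {len(ok)} records, rejected {len(bad)}: ids {[r['id'] for r in bad]}")
```

Hashing the full record rather than only the text is deliberate: label flipping leaves the text untouched, so a text-only digest would let the tampered record through. Signing the manifest closes the other gap, since an attacker who can append records to the dataset could otherwise append matching digests to an unsigned manifest.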