The Vulnerability of AI Systems to Adversarial Attacks
Artificial intelligence tools are used everywhere, from autonomous vehicles to medical imaging. However, a recent study found that AI tools are more at risk than previously thought to targeted attacks that force them to make bad decisions.
Adversarial attacks involve manipulating the data fed into an AI system to confuse it. For instance, a specific type of sticker placed on a stop sign would render it invisible to an AI system. A hacker could even alter X-ray images to cause an AI system to make wrong diagnoses.
This study focused on determining how common these vulnerabilities are in AI deep neural networks and found that they are more prevalent than thought. The researchers developed a software, QuadAttack, to test these vulnerabilities.
In their tests, they found that popular deep neural networks are very vulnerable to these types of attacks. They have made QuadAttack publicly available for the research community to use. The next step is to focus on minimizing these vulnerabilities, and potential solutions are forthcoming.
The paper on this research will be presented at the Thirty-seventh Conference on Neural Information Processing Systems (NeurIPS 2023) in New Orleans, Louisiana.
Overall, the study revealed the vulnerabilities of AI systems to targeted attacks and provides potential solutions for minimizing these risks in the future.