Threats and Challenges for AI/ML Based Solutions (A22c)
AI/ML based solutions provide machines with intelligence where these solutions have the ability to process input from big data sets and provide outcomes. This is basically a prediction based on the history and data model in use within the solution. As well as various implementations in different domains AI/ML based solutions are in use in cybersecurity mainly because of their capability to analyze millions of events and identify significant threats or anomalies or any defined security objectives. However these AI/ML based solutions have that capability with their pretrained data models and using a well-known data model, which is actually very common, can create an unfamiliar attack type for security engineers.
“T.AI MODEL DECEPTION: An attacker can decieve a task-specific ML model in order to change the behaviour of the solutions including the critical security functionality” will be a new type of threat where we faced right after these AI/ML based solutions will be widely used and the CC community including all relevant shareholders should define the possible security objectives and security functionalities in order to cover this threat.
In this presentation, potential objectives and function definitions will be discussed mainly for security products with AI/ML but also since the nature of the attack also entails to the AI/ML based solutions in other domains commonly used solutions will be under discussion for being prepared for next generation threats and evaluation issues.