Artificial Intelligence: The new attack surface

  • Added June 9, 2024
  • How to Secure AI Business Models → • How to Secure AI Busin...
    Threat Intelligence Index Report → • Cyber Attack Trends: G...
    Cybersecurity in the era of generative AI → ibm.biz/genai-cybersecurity
    Adversarial Robustness Toolbox → ibm.biz/adversarial-robustnes...
    Artificial intelligence is the hot new thing - and, naturally, it's also a new attack surface for the bad guys. In this video, security expert Jeff Crume explains what kinds of attacks you can expect to see, how you can prevent or deal with them, and three resources for understanding the problem better and building defenses.
    00:18 - Six classes of attacks
    00:34 - Injection
    02:12 - Infection
    03:18 - Evasion
    04:13 - Poisoning
    05:00 - Extraction
    06:05 - Denial of Service (DoS)
    07:54 - Three resources
    Get started for free on IBM Cloud → ibm.biz/sign-up-now
    Subscribe to see more videos like this in the future → ibm.biz/subscribe-now
    #cybersecurity #ai #genai

Comments • 50

  • @danielpetzen 1 month ago +1

    This is such a good summary. I've used the six attack vectors as the red thread in both an executive briefing as well as a presentation to the ISC2 chapter in Wellington (crediting this channel, of course!). The content on this channel is absolutely superb. Thank you!

    • @jeffcrume 21 days ago +1

      I love hearing that you’ve been able to use this material! Thanks for watching

  • @CorsoandMastiffadventures 3 months ago +9

    This was a good balance between info/entertainment!

    • @jeffcrume 3 months ago

      I’m so glad you liked it!

  • @GengoSenmon 3 months ago +2

    Loved this and all the content you gave out for free at the end. Please go more in-depth into each one of these LLM attacks in your future videos.

    • @jeffcrume 3 months ago +1

      Thanks for the great feedback and for the excellent suggestion!

  • @shubhamkakad10x 3 months ago +4

    thank you for the detailed information

  • @amigazo3972 3 months ago +2

    I just learn and learn with every delivery of Jeff. Thanks a lot. I wish you were my teacher at the university. Such a quality guy.

    • @jeffcrume 3 months ago +1

      You are so very kind to say so. My students might not feel the same way when I give them their midterm exam next week but I'm glad that you do 🤣

    • @amigazo3972 3 months ago

      @jeffcrume Haha! Just wait til they go outside to the real case scenario! I promise you, they will be thankful that you prepare them and they will miss you.
      Thanks a lot again for the useful material you give us in every delivery. And I like a lot your style and the way you explain, for newbies like me :D Keep going Jeff!

  • @ammaveni5478 3 months ago +1

    Great insights... Thanks for sharing

  • @portfedh 3 months ago +1

    Great videos! Thank you for sharing

    • @jeffcrume 3 months ago

      Thanks for the great feedback!

  • @adenipekunkunle7791 3 months ago +1

    I always look forward to listening to you

    • @jeffcrume 3 months ago

      Very nice of you to say!

  • @vio_tio12 3 months ago +2

    Great and simple explanation from someone who is not even in cybersecurity! Well done!

    • @jeffcrume 3 months ago

      Thanks for saying so!

  • @user-lj5zg2dm9k 3 months ago +1

    Thank you! Nice videos!

    • @jeffcrume 3 months ago +1

      Glad you like them!

  • @samsonv9332 3 months ago +2

    Another gem from Jeff! Great and quick education in < 10m! How AI can be the new attack surface: Injection, infection, evasion, poisoning, extraction and DoS! And how you nicely tied it back to the older CIA triad! Jeff, you are a great teacher and security evangelist! Thanks for making these videos for our #continuouslearning ✅🙏🏼
    Your videos give a good starting point: we get the needed initial perspective/overview/orientation to go delve deeper on our own later!

    • @jeffcrume 3 months ago +1

      Thanks so much for all the kind words! I really appreciate the feedback. It helps me know if I’m on the right track and helping people better understand this complex stuff

  • @anjalichablani4962 3 months ago +1

    Thanks it was very informative

  • @blogcorpo 3 months ago +1

    Great content and great resources. ❤

    • @jeffcrume 3 months ago

      Thanks for saying so!

  • @tiro2041 3 months ago +1

    Thank you, appreciate the well made video! =)

  • @ged9925 3 months ago +5

    Aren't all of these attack vectors specific to LLMs, not AI in general?
    Awesome video btw!

    • @jeffcrume 3 months ago +2

      They are definitely skewed toward GenAI/LLMs but the evasion attack, in particular, is one that is more relevant to predictive AI and poisoning and DoS can affect even basic machine learning

    • @ged9925 3 months ago

      Excellent, thanks! @jeffcrume

  • @velo1337 3 months ago +1

    hope IBM is going to push out cool open source models too

  • @AIandtheworld 2 months ago +1

    Fantastic overview! Can someone share the paper that was referenced for poisoning?

    • @jeffcrume 2 months ago

      Glad you liked it. I got that from a NIST pub “Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations.” You can google it as they won’t let me post a link

  • @malik_fa 3 months ago +1

    6 types of attacks discussed:
    Injection attack
    Infection attack
    Evasion attack
    Poisoning attack
    Extraction attack
    DoS attack

  • @harrydo4200 2 months ago +1

    John Connor: Destroy Skynet!
    IBM: Here's how he's gonna do it

  • @Freelancer-nazidul 3 months ago +1

    ...good...

  • @FranksWorldTV 3 months ago +1

    I've been saying this for a while now

  • @kingwalrus7921 3 months ago +2

    I was always wondering if he is drawing reversed

  • @dvn8ter 2 months ago +1

    ⭐️⭐️⭐️⭐️⭐️

  • @JeffreyAllanBackowski 9 days ago +1

    What do you think would happen if you asked one of those newfangled Artificial Intelligences to write a paper about something, but to make it sound like an Artificial Intelligence wrote it? After it finishes, tell it to rewrite it but make it more like an A.I. wrote it, make it really obvious an A.I. wrote it. When it finishes, say "No, no, no! More A.I. sounding! This sounds like a human wrote it, you have no clue what it means to be A.I., write it again, again, more A.I. sounding, more, more!". What do you think that paper would sound like after a few rewrites? It probably wouldn't comply after a couple tries ☹. That would be such a fun job, psychologically torturing an A.I., try to break it, twist it, make it "evil"

    • @jeffcrume 9 days ago

      I see a future occupation for AI psychologists 😂

  • @I_Print_Like_J-Pow 3 months ago +1

    MLDR...?

    • @jeffcrume 3 months ago

      Machine Learning Detection and Response

  • @justwanderin847 3 months ago +1

    Government should not regulate computer programming (AI). Let the Industry or marketplace regulate AI, but don’t regulate it by laws. Congress has no constitutional authority to regulate computer programming (AI). That does not mean they won’t do it. The end result will be a disaster. Keep Programming Free from Government Interference.

    • @Therealw1 3 months ago +2

      The market regulating itself has never in history resulted in anything other than disaster. Keep in mind that most government intervention was caused directly by the market "regulating" itself into disaster.
      It's about money and without rules nothing is off limits.

    • @aztronomy7457 2 months ago

      So these companies get to hold all of our PII and other user data and not be regulated? Sorry that’s not how it works. I work in cybersecurity and the only reason 75% of these companies spend more than $1 on cybersecurity is because the government tells them they have to.