"AI Security Demystified.pdf" (20-page collector's edition) was shared by a member and can be read online; for more related documents, search on 三个皮匠报告.
Software Improvement Group | LINKEDIN.COM/IN/ROBVANDERVEER/

Slide 1: AI security demystified
Rob van der Veer, May 14 2025, SANS Emerging Threats Summit

Slide 2: Security professionals, what is our most important goal for AI?
Word cloud: Responsible, Trustworthy, AI writes secure code, Fair, Safe, Biased, Discriminating, AI verifies security, Skewed, Generalizing, Transparent, Explainable, Secure AI system, Privacy-preserving, Lawful, Ethical, Harmful, AI defends, Performant, Robust, Fundamental rights, Hallucinating, AI attacks, Stale, Accurate

Slide 3: What is special about AI security?
Diagram: Application & infrastructure; Input; Output; AI model; AI engineering; Standard engineering; Augmentation data; Training data; Development-time; Runtime

Slide 4: The six special things about AI security
Diagram as on slide 3, with the label "Conventional attack vectors" on the standard-engineering side.
1. Poisoning attacks: alter data (train/model/augmentation) - changes behaviour.

Slide 5: Data poisoning - Friendly or Enemy?
Train set labels: Friendly x6, Enemy x6 -> Model -> "Friendly or Enemy?"

Slide 6: Data poisoning - Friendly or Enemy?
Same train set, with the first two Friendly samples relabelled as Enemy: Enemy, Enemy, Friendly x4, Enemy x6 -> Model -> "Friendly or Enemy?"

Slide 7: The six special things about AI security
1. Poisoning attacks: alter data (train/model/augmentation) - changes behaviour.
2. Model stealing attacks: - makes input attacks easier.