登录查看更多内容

How can AI software systems be designed to resist adversarial examples?

由人工智能和领英社区提供技术支持

Adversarial examples are malicious inputs that can fool or manipulate AI software systems, such as image classifiers, speech recognizers, or natural language processors. They can pose serious security and ethical risks, especially for critical applications like self-driving cars, biometric authentication, or medical diagnosis. How can AI software systems be designed to resist adversarial examples? In this article, you will learn some basic concepts and techniques to make your AI software systems more robust and reliable.

此文章中的业界达人

由社区从 4 条内容中精选。了解更多

Shingai Manjengwa

AI Education & Solutions Engineering @ Theoriq AI (ChainML Labs)

1 What are adversarial examples?

Adversarial examples are inputs that are intentionally modified to cause an AI software system to produce an incorrect or undesired output. For example, adding a small amount of noise to an image of a panda can make an image classifier think it is a gibbon, or changing a few words in a sentence can alter the sentiment analysis of a natural language processor. Adversarial examples can be crafted by exploiting the vulnerabilities or limitations of the AI software system, such as its training data, its architecture, or its optimization algorithm.

添加您的观点

Sahil Pasricha

Fintech || M.Sc.(General bias in AI/XAI(eXplainable AI)) Uni Konstanz,Germany || Ex-Amdocs || Ex-Deloitte || Ethical AI Advocate || SDE 2, Fiserv
举报内容
Last time you entered a captcha code right, you helped google engine train on classifying and hence helped its algorithm train.

已翻译

赞

2 Why are adversarial examples a problem?

Adversarial examples are a problem because they can compromise the performance, the security, and the trustworthiness of AI software systems. For instance, adversarial examples can be used to bypass face recognition systems, to mislead autonomous vehicles, to generate fake news, or to manipulate social media platforms. Moreover, adversarial examples can be hard to detect and prevent, as they can be subtle, diverse, and adaptive. Therefore, adversarial examples pose a serious challenge for AI software engineering, as they require careful design, testing, and evaluation of AI software systems.

添加您的观点

3 How can adversarial examples be detected?

One way to detect adversarial examples is to use anomaly detection techniques, which aim to identify inputs that deviate from the normal or expected distribution of the AI software system. For example, you can use statistical methods, such as hypothesis testing or outlier detection, to measure the likelihood or the distance of an input from the training data. Alternatively, you can use adversarial training, which is a technique that involves exposing the AI software system to adversarial examples during the training phase, to make it learn to recognize and reject them.

添加您的观点

4 How can adversarial examples be prevented?

Another way to prevent adversarial examples is to use defense techniques, which aim to enhance the robustness or the resilience of the AI software system against adversarial attacks. For example, you can use input preprocessing, such as filtering, smoothing, or cropping, to remove or reduce the adversarial perturbations from the inputs. Or, you can use output postprocessing, such as confidence thresholding, voting, or ensemble methods, to verify or correct the outputs of the AI software system.

添加您的观点

Sahil Pasricha

Fintech || M.Sc.(General bias in AI/XAI(eXplainable AI)) Uni Konstanz,Germany || Ex-Amdocs || Ex-Deloitte || Ethical AI Advocate || SDE 2, Fiserv
举报内容
There are new tools in market to do same. One such is adversarial-robustness-toolbox. However , there is no on soliton for all adverbial attacks , as its an evolving problem.

已翻译

赞

5 How can adversarial examples be evaluated?

A third way to evaluate adversarial examples is to use benchmarking techniques, which aim to measure and compare the vulnerability or the performance of different AI software systems under adversarial attacks. For example, you can use attack methods, such as gradient-based, optimization-based, or score-based methods, to generate adversarial examples for a given AI software system. Or, you can use metrics, such as accuracy, robustness, or transferability, to quantify the impact of adversarial examples on the AI software system.

添加您的观点

6 How can adversarial examples be mitigated?

A final way to mitigate adversarial examples is to use holistic techniques, which aim to address the root causes or the broader implications of adversarial attacks. For example, you can use data augmentation, such as adding noise, rotation, or translation, to diversify and improve the quality of the training data. Or, you can use ethical principles, such as transparency, accountability, or fairness, to ensure that the AI software system is aligned with the values and the expectations of the users and the stakeholders.

添加您的观点

Shingai Manjengwa

AI Education & Solutions Engineering @ Theoriq AI (ChainML Labs)
举报内容
Testing. Testing. Testing. The amount of testing to be done in developing AI tools cannot be understated. Developing robust testing frameworks that run across systems for benchmarking and broader data collection is critical for identifying vulnerabilities and proactively addressing them. — Pro Tip??: Penetration Testing has been a growing trend in cybersecurity. AI builders must consider the option of having external teams simulate attacks.

已翻译

赞

7 Here’s what else to consider

This is a space to share examples, stories, or insights that don’t fit into any of the previous sections. What else would you like to add?

添加您的观点

Sahil Pasricha

Fintech || M.Sc.(General bias in AI/XAI(eXplainable AI)) Uni Konstanz,Germany || Ex-Amdocs || Ex-Deloitte || Ethical AI Advocate || SDE 2, Fiserv
举报内容
Now that we have new villain in adversial market i.e. CW/DeepFool which is capable of launching an ever sophisticated attacks. By the time a solution arrive in karket, enrich yourself with how they work so that you can spot them.

已翻译

赞

Software Engineering

+ 关注

给文章评分

我们借助人工智能创建了此文章。您认为这篇文章怎么样？

很棒不太好

举报此文章

查看全部

How can AI software systems be designed to resist adversarial examples?

1

2

3

4

5

6

7

1 What are adversarial examples?

2 Why are adversarial examples a problem?

3 How can adversarial examples be detected?

4 How can adversarial examples be prevented?

5 How can adversarial examples be evaluated?

6 How can adversarial examples be mitigated?

7 Here’s what else to consider

Software Engineering

给文章评分

感谢您的反馈

更多Software Engineering相关文章

更多相关阅读内容