Ensurance of artificial intelligence systems cyber security: analysis of vulnerabilities, attacks and countermeasures

Vìsnik Nacìonalʹnogo unìversitetu "Lʹvìvsʹka polìtehnìka". Serìâ Ìnformacìjnì sistemi ta merežì Pub Date : 2022-12-15 DOI:10.23939/sisn2022.12.007

Oleksii Neretin, V. Kharchenko

{"title":"Ensurance of artificial intelligence systems cyber security: analysis of vulnerabilities, attacks and countermeasures","authors":"Oleksii Neretin, V. Kharchenko","doi":"10.23939/sisn2022.12.007","DOIUrl":null,"url":null,"abstract":"In recent years, many companies have begun to integrate artificial intelligence systems (AIS) into their infrastructures. AIS is used in sensitive areas of society, such as the judicial system, critical infrastructure, video surveillance, and others. This determines the need for a reliable assessment and guaranteed provision of cyber security of AIS. The study analyzed the state of affairs regarding the cyber security of these systems. Possible types of attacks are classified and the main ones are considered in detail. Threats and attacks were analyzed by level of severity and security risks were assessed using the IMECA method. “Adversarial attacks” and “Data poisoning” attacks are found to have the highest risks of danger, but the countermeasures are not at the appropriate level. It was concluded that there is a need for formalization and standardization of the life cycle of the development and use of secure AIS. The directions of further research regarding the need to develop methods for evaluating and ensuring cyber security of the AIS are substantiated, including for systems that provide AI as a service.","PeriodicalId":444399,"journal":{"name":"Vìsnik Nacìonalʹnogo unìversitetu \"Lʹvìvsʹka polìtehnìka\". Serìâ Ìnformacìjnì sistemi ta merežì","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Vìsnik Nacìonalʹnogo unìversitetu \"Lʹvìvsʹka polìtehnìka\". Serìâ Ìnformacìjnì sistemi ta merežì","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23939/sisn2022.12.007","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In recent years, many companies have begun to integrate artificial intelligence systems (AIS) into their infrastructures. AIS is used in sensitive areas of society, such as the judicial system, critical infrastructure, video surveillance, and others. This determines the need for a reliable assessment and guaranteed provision of cyber security of AIS. The study analyzed the state of affairs regarding the cyber security of these systems. Possible types of attacks are classified and the main ones are considered in detail. Threats and attacks were analyzed by level of severity and security risks were assessed using the IMECA method. “Adversarial attacks” and “Data poisoning” attacks are found to have the highest risks of danger, but the countermeasures are not at the appropriate level. It was concluded that there is a need for formalization and standardization of the life cycle of the development and use of secure AIS. The directions of further research regarding the need to develop methods for evaluating and ensuring cyber security of the AIS are substantiated, including for systems that provide AI as a service.

查看原文本刊更多论文

人工智能系统网络安全保障:漏洞、攻击和对策分析

近年来，许多公司已经开始将人工智能系统(AIS)集成到他们的基础设施中。AIS应用于社会的敏感领域，如司法系统、关键基础设施、视频监控等。这就决定了需要对AIS系统进行可靠的评估并提供有保障的网络安全。该研究分析了这些系统的网络安全状况。对可能的攻击类型进行了分类，并详细考虑了主要的攻击类型。威胁和攻击按严重程度进行分析，使用IMECA方法评估安全风险。“对抗性攻击”和“数据中毒”攻击被认为具有最高的危险风险，但应对措施却没有达到适当的水平。结论是需要对安全AIS系统的开发和使用的生命周期进行正规化和标准化。进一步研究的方向是需要制定评估和确保人工智能的网络安全的方法，包括提供人工智能服务的系统。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Vìsnik Nacìonalʹnogo unìversitetu "Lʹvìvsʹka polìtehnìka". Serìâ Ìnformacìjnì sistemi ta merežì

自引率

0.00%

发文量