When Your AI Becomes a Target: AI Security Incidents and Best Practices
In contrast to vast academic efforts to study AI security, few real-world reports of AI security incidents exist. Released incidents prevent a thorough investigation of the attackers' motives, as crucial information about the company and AI application is missing. As a consequence, it often remains unknown how to avoid incidents. We tackle this gap and combine previous reports with freshly collected incidents to a small database of 32 AI security incidents. We analyze the attackers' target and goal, influencing factors, causes, and mitigations. Many incidents stem from non-compliance with best practices in security and privacy-enhancing technologies. In the case of direct AI attacks, access control may provide some mitigation, but there is little scientific work on best practices. Our paper is thus a call for action to address these gaps.
2024-03-24
10: 1-57735-887-2
13: 978-1-57735-887-9
Washington, DC, USA
38
21
23041
23046
REVIEWED
Event name | Event place | Event date |
Vancouver, Canada | February 20-27, 2024 | |