Grosse, KathrinBieringer, LukasBesold, Tarek R.Biggio, BattistaAlahi, Alexandre2024-04-122024-04-122024-04-122024-03-2410.1609/aaai.v38i21.30347https://infoscience.epfl.ch/handle/20.500.14299/207052In contrast to vast academic efforts to study AI security, few real-world reports of AI security incidents exist. Released incidents prevent a thorough investigation of the attackers' motives, as crucial information about the company and AI application is missing. As a consequence, it often remains unknown how to avoid incidents. We tackle this gap and combine previous reports with freshly collected incidents to a small database of 32 AI security incidents. We analyze the attackers' target and goal, influencing factors, causes, and mitigations. Many incidents stem from non-compliance with best practices in security and privacy-enhancing technologies. In the case of direct AI attacks, access control may provide some mitigation, but there is little scientific work on best practices. Our paper is thus a call for action to address these gaps.Multidisciplinary Topics and ApplicationsHuman-Computer InteractionMachine LearningTrack: AI Incidents and Best Practicestext::conference output::conference proceedings::conference paper