Technology Update
[Figure: Data Poisoning. Labels: Dataset, Training, AI/ML Model; Poisons the data; Low accuracy, Misclassification, Backdoors.]

[Figure: Adversarial Attack. Labels: Adversarial Input, Incorrect Predictions; Normal/Benign Input, AI/ML Model, Correct Predictions.]

real email communications as the dataset. The phishing emails generated by this model will mimic genuine communication, increasing the likelihood of successful phishing attacks.

To counter AI-generated payloads, organizations need to enhance email filtering systems with AI-driven anomaly detection to identify and block such malicious messages.

[Figure: AI Generated Payload. Labels: Real Email Dataset, Training, AI/ML Model, Phishing Emails.]

AI Enhanced social engineering

Attackers leverage AI-driven insights to craft highly personalized and convincing social engineering attacks, increasing the likelihood of successful phishing or impersonation attacks. For example, attackers use AI to analyze a target’s social media activity and preferences to craft tailored phishing emails that appear more convincing.

Mitigating AI-enhanced social engineering attacks necessitates user education, multi-factor authentication, and advanced behavior analytics to identify suspicious activities.

Extraction Attacks

Attackers employ AI/ML methods to extract sensitive data or confidential information from AI models or datasets. An illustration of the extraction attack is shown in Figure 5. The attacker queries the AI model providing inputs, and from the responses of the models, the attacker can reconstruct the original data set used for training the model or create an approximate model. For instance, attackers can use machine learning algorithms to reverse engineer proprietary algorithms or extract personal information from a machine learning model.

Protecting against extraction attacks involves implementing robust access controls, encryption, and monitoring mechanisms to safeguard sensitive data and model outputs.
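
As an added example (not part of the original article), the sketch below shows one way a model-serving API could implement the monitoring and output safeguards mentioned above. The class and function names, the thresholds and the low-confidence heuristic for spotting boundary probing are assumptions for illustration, and the traffic is constructed.

```python
from collections import defaultdict, deque

class ExtractionMonitor:
    """Per-client sliding-window monitor for a model-serving API (hypothetical)."""

    def __init__(self, window_s=3600, max_queries=100, low_margin=0.6,
                 max_low_margin_share=0.5, min_sample=20):
        self.window_s = window_s
        self.max_queries = max_queries        # query budget per window (assumed value)
        self.low_margin = low_margin          # top-class confidence below this is "near the boundary"
        self.max_low_margin_share = max_low_margin_share
        self.min_sample = min_sample          # do not judge shares on tiny samples
        self.history = defaultdict(deque)     # client_id -> deque of (timestamp, confidence)

    def record(self, client_id, confidence, now):
        """Log one answered query and return the alert reasons for this client."""
        q = self.history[client_id]
        q.append((now, confidence))
        while q[0][0] <= now - self.window_s:  # expire entries outside the window
            q.popleft()
        reasons = []
        if len(q) > self.max_queries:
            reasons.append("query_budget_exceeded")
        if len(q) >= self.min_sample:
            share = sum(c < self.low_margin for _, c in q) / len(q)
            if share > self.max_low_margin_share:
                reasons.append("boundary_probing")
        return reasons

def coarsen_output(probabilities, decimals=1):
    """Expose only the top label and a rounded confidence, not the full vector."""
    top = max(range(len(probabilities)), key=probabilities.__getitem__)
    return top, round(probabilities[top], decimals)

def run_constructed_sample():
    """Constructed traffic: one ordinary client and one high-volume, low-margin client."""
    mon = ExtractionMonitor()
    alerts = {}
    for t in range(30):                        # ordinary: 30 confident queries, one per minute
        alerts["client-a"] = mon.record("client-a", 0.95, now=t * 60)
    for t in range(150):                       # suspicious: 150 queries, one every 10 seconds
        conf = 0.52 if t % 3 else 0.9          # two thirds of answers sit near the boundary
        alerts["client-b"] = mon.record("client-b", conf, now=t * 10)
    return alerts

if __name__ == "__main__":
    print(run_constructed_sample())
    print(coarsen_output([0.07, 0.81, 0.12]))
```

Alerts from such a monitor would feed the access controls the article mentions, for example by throttling or suspending the flagged API key pending review.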
Conclusion

In conclusion, while the integration of AI and ML in applications empowers innovation, it also introduces new security challenges. Recognizing and mitigating these emerging threats is imperative. With vigilant understanding and proactive defenses, organizations can harness the transformative potential of AI/ML while safeguarding their digital landscapes.

As technology evolves, the synergy between security and innovation becomes paramount, shaping the future of application security. It is essential for organizations to stay ahead of these AI/ML-related risks and continuously adapt their cybersecurity strategies to defend against evolving threats.

[Figure: Evasion of Detection. Labels: Crafted / Modified Data, Incorrect Detection; Normal/Benign Input, AI/ML Model, Correct Detection.]

[Figure: Extraction Attacks. Labels: Real Email Dataset, Training, AI/ML Model; Querying; Original Data, Approximate Model.]

Contact for more details
Bronjon Gogoi
Scientist-C
RCoEAS, Jayanagar, Beltola
Guwahati - 781022
Email: asm-bronjon@nic.in, Phone: 9365558235
October 2023 informatics.nic.in 39

