Adversarial AI Attacks, Mitigations, and Defense Strategies: A cybersecurity professional's guide to AI attacks, threat modeling, and securing AI with MLSecOps

John Sotiropoulos

2024年7月 · Packt Publishing Ltd

电子书

602

页

关于此电子书

“The book not only explains how adversarial attacks work but also shows you how to build your own test environment and run attacks to see how they can corrupt ML models. It's a comprehensive guide that walks you through the technical details and then flips to show you how to defend against these very same attacks.” – Elaine Doyle, VP and Cybersecurity Architect, Salesforce Get With Your Book: PDF Copy, AI Assistant, and Next-Gen Reader Free Key Features

Understand the unique security challenges presented by predictive and generative AI
Explore common adversarial attack strategies as well as emerging threats such as prompt injection
Mitigate the risks of attack on your AI system with threat modeling and secure-by-design methods

Book DescriptionAdversarial attacks trick AI systems with malicious data, creating new security risks by exploiting how AI learns. This challenges cybersecurity as it forces us to defend against a whole new kind of threat. This book demystifies adversarial attacks and equips you with the skills to secure AI technologies, moving beyond research hype or business-as-usual activities. Learn how to defend AI and LLM systems against manipulation and intrusion through adversarial attacks such as poisoning, trojan horses, and model extraction, leveraging DevSecOps, MLOps, and other methods to secure systems. This strategy-based book is a comprehensive guide to AI security, combining structured frameworks with practical examples to help you identify and counter adversarial attacks. Part 1 introduces the foundations of AI and adversarial attacks. Parts 2, 3, and 4 cover key attack types, showing how each is performed and how to defend against them. Part 5 presents secure-by-design AI strategies, including threat modeling, MLSecOps, and guidance aligned with OWASP and NIST. The book concludes with a blueprint for maturing enterprise AI security based on NIST pillars, addressing ethics and safety under Trustworthy AI. By the end of this book, you’ll be able to develop, deploy, and secure AI systems against the threat of adversarial attacks effectively.What you will learn

Set up a playground to explore how adversarial attacks work
Discover how AI models can be poisoned and what you can do to prevent this
Learn about the use of trojan horses to tamper with and reprogram models
Understand supply chain risks
Examine how your models or data can be stolen in privacy attacks
See how GANs are weaponized for Deepfake creation and cyberattacks
Explore emerging LLM-specific attacks, such as prompt injection
Leverage DevSecOps, MLOps and MLSecOps to secure your AI system

Who this book is for

This book tackles AI security from both angles - offense and defence. AI developers and engineers will learn how to create secure systems, while cybersecurity professionals, such as security architects, analysts, engineers, ethical hackers, penetration testers, and incident responders will discover methods to combat threats to AI and mitigate the risks posed by attackers. The book also provides a secure-by-design approach for leaders to build AI with security in mind. To get the most out of this book, you’ll need a basic understanding of security, ML concepts, and Python.

作者简介

John Sotiropoulos is a senior security architect at Kainos where he is responsible for AI security and works to secure national-scale systems in government, regulators, and healthcare. John has gained extensive experience in building and securing systems in roles such as developer, CTO, VP of engineering, and chief architect. A co-lead of the OWASP Top 10 for Large Language Model (LLM) Applications and a core member of the AI Exchange, John leads standards alignment for both projects with other standards organizations and national cybersecurity agencies. He is the OWASP lead at the US AI Safety Institute Consortium. An avid geek and marathon runner, he is passionate about enabling builders and defenders to create a safer future.