Securing AI-based Security Systems

Sandra Scott-Hayward

Securing AI-based Security Systems

Sandra Scott-Hayward

School of Electronics, Electrical Engineering and Computer Science

Research output: Contribution to specialist publication › Article

461 Downloads (Pure)

Abstract

Together with the innovations in systems and services based on advances in artificial intelligence (AI), the vulnerabilities associated with its increasing use in a broad range of areas have been reported.Of these vulnerabilities, embedded bias or algorithmic discrimination is well recognised, such as racial and gender biases in algorithmic tools used for recruitment decision-making, criminal risk assessment, healthcare resource allocation, etc. To address the issue of embedded bias,steps have been proposed such as identifying the algorithms used,understanding the target of the solution (e.g. considering the diversity and representativeness of end users and/or subjects in the data),assessing performance toward that goal (e.g. testing for specific target groups or cases of problematic use), retraining based on the performance assessment and introducing oversight bodies.Beyond bias, AI systems are also recognised to suffer from brittleness(the inability to generalise or adapt to conditions outside a narrow set of assumptions), catastrophic forgetting (when a model has to process new data and can no longer classify the old data), and lack of explainability (the absence of details and reasons given by a model to make its functioning clear or easy to understand). This GCSP Strategic Security Analysis paper addresses the question of AI robustness when AI techniques and models are adopted in security systems. Robustness refers to the reliable operation of a system across a range of conditions (including attacks). Firstly, the distinction between AI and machine learning (ML) is highlighted, with reference to the Artificial Intelligence and UK National Security report.5 Whereas “general AI” refers to machine intelligence with the agency, reasoning and adaptability of a human brain, “narrow AI” refers to machine intelligence trained to perform narrowly defined cognitive tasks, such as playing chess, driving a car or translating documents. This paper addresses “narrow AI”, for which the terms AI and ML are used interchangeably.

Original language	English
No.	25
Specialist publication	GCSP Strategic Security Analysis
Publisher	Geneva Centre for Security Policy (GCSP)
Publication status	Published - 01 Jun 2022

Access to Document

Securing AI-based Security Systems
Copyright 2022, the Author. This work is made available online in accordance with the publisher’s policies. Please refer to any applicable terms of use of the publisher.
Final published version, 1.15 MBLicence: Unspecified

https://www.gcsp.ch/publications Licence: Unspecified

3 Public lecture/debate/seminar
2 Invited talk
1 Membership of external research organisation
1 Invited or keynote talk at national or international conference
More
- 1 Oral presentation

Swarming and the future of warfare: feasibility, impacts, governance
Scott-Hayward, S. (Invited speaker)
15 Feb 2023
Activity: Talk or presentation types › Public lecture/debate/seminar
AI: Adversarial Attacks
Scott-Hayward, S. (Invited speaker)
08 Feb 2023
Activity: Talk or presentation types › Invited talk
99.99% accurate - What's the problem?
Scott-Hayward, S. (Keynote speaker)
02 Sept 2022
Activity: Talk or presentation types › Invited or keynote talk at national or international conference

2 Conference contribution
1 Article

Critical international infrastructure: a case for secure, sustainable non-terrestrial networking
Scott-Hayward, S., 18 Jan 2024, GCSP Strategic Security Analysis, 35 12 p.
Research output: Contribution to specialist publication › Article

Open Access
File
GaDoT: GAN-based Adversarial Training for Robust DDoS Attack Detection
Abdelaty, M., Scott-Hayward, S., Doriguzzi-Corin, R. & Siracusa, D., 10 Feb 2022, Ninth IEEE Conference on Communications and Network Security (IEEE CNS 2021): Proceedings. Institute of Electrical and Electronics Engineers Inc.
Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Open Access
File
24 Citations (Scopus)

344 Downloads (Pure)
Investigating Adversarial Attacks against Network Intrusion Detection Systems in SDNs
Aiken, J. & Scott-Hayward, S., 19 Mar 2020, IEEE Conference on Network Functions Virtualization and Software Defined Networks 12/11/2019 → 14/11/2019 Dallas, United States. Institute of Electrical and Electronics Engineers Inc.
Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Open Access
File
52 Citations (Scopus)

1637 Downloads (Pure)

Cite this

@misc{4a2ad2ad74b8495f90c5fbe91fd3080c,

title = "Securing AI-based Security Systems",

abstract = "Together with the innovations in systems and services based on advances in artificial intelligence (AI), the vulnerabilities associated with its increasing use in a broad range of areas have been reported.Of these vulnerabilities, embedded bias or algorithmic discrimination is well recognised, such as racial and gender biases in algorithmic tools used for recruitment decision-making, criminal risk assessment, healthcare resource allocation, etc. To address the issue of embedded bias,steps have been proposed such as identifying the algorithms used,understanding the target of the solution (e.g. considering the diversity and representativeness of end users and/or subjects in the data),assessing performance toward that goal (e.g. testing for specific target groups or cases of problematic use), retraining based on the performance assessment and introducing oversight bodies.Beyond bias, AI systems are also recognised to suffer from brittleness(the inability to generalise or adapt to conditions outside a narrow set of assumptions), catastrophic forgetting (when a model has to process new data and can no longer classify the old data), and lack of explainability (the absence of details and reasons given by a model to make its functioning clear or easy to understand). This GCSP Strategic Security Analysis paper addresses the question of AI robustness when AI techniques and models are adopted in security systems. Robustness refers to the reliable operation of a system across a range of conditions (including attacks). Firstly, the distinction between AI and machine learning (ML) is highlighted, with reference to the Artificial Intelligence and UK National Security report.5 Whereas “general AI” refers to machine intelligence with the agency, reasoning and adaptability of a human brain, “narrow AI” refers to machine intelligence trained to perform narrowly defined cognitive tasks, such as playing chess, driving a car or translating documents. This paper addresses “narrow AI”, for which the terms AI and ML are used interchangeably.",

author = "Sandra Scott-Hayward",

year = "2022",

month = jun,

day = "1",

language = "English",

journal = "GCSP Strategic Security Analysis",

publisher = "Geneva Centre for Security Policy (GCSP)",

}

TY - GEN

T1 - Securing AI-based Security Systems

AU - Scott-Hayward, Sandra

PY - 2022/6/1

Y1 - 2022/6/1

N2 - Together with the innovations in systems and services based on advances in artificial intelligence (AI), the vulnerabilities associated with its increasing use in a broad range of areas have been reported.Of these vulnerabilities, embedded bias or algorithmic discrimination is well recognised, such as racial and gender biases in algorithmic tools used for recruitment decision-making, criminal risk assessment, healthcare resource allocation, etc. To address the issue of embedded bias,steps have been proposed such as identifying the algorithms used,understanding the target of the solution (e.g. considering the diversity and representativeness of end users and/or subjects in the data),assessing performance toward that goal (e.g. testing for specific target groups or cases of problematic use), retraining based on the performance assessment and introducing oversight bodies.Beyond bias, AI systems are also recognised to suffer from brittleness(the inability to generalise or adapt to conditions outside a narrow set of assumptions), catastrophic forgetting (when a model has to process new data and can no longer classify the old data), and lack of explainability (the absence of details and reasons given by a model to make its functioning clear or easy to understand). This GCSP Strategic Security Analysis paper addresses the question of AI robustness when AI techniques and models are adopted in security systems. Robustness refers to the reliable operation of a system across a range of conditions (including attacks). Firstly, the distinction between AI and machine learning (ML) is highlighted, with reference to the Artificial Intelligence and UK National Security report.5 Whereas “general AI” refers to machine intelligence with the agency, reasoning and adaptability of a human brain, “narrow AI” refers to machine intelligence trained to perform narrowly defined cognitive tasks, such as playing chess, driving a car or translating documents. This paper addresses “narrow AI”, for which the terms AI and ML are used interchangeably.

AB - Together with the innovations in systems and services based on advances in artificial intelligence (AI), the vulnerabilities associated with its increasing use in a broad range of areas have been reported.Of these vulnerabilities, embedded bias or algorithmic discrimination is well recognised, such as racial and gender biases in algorithmic tools used for recruitment decision-making, criminal risk assessment, healthcare resource allocation, etc. To address the issue of embedded bias,steps have been proposed such as identifying the algorithms used,understanding the target of the solution (e.g. considering the diversity and representativeness of end users and/or subjects in the data),assessing performance toward that goal (e.g. testing for specific target groups or cases of problematic use), retraining based on the performance assessment and introducing oversight bodies.Beyond bias, AI systems are also recognised to suffer from brittleness(the inability to generalise or adapt to conditions outside a narrow set of assumptions), catastrophic forgetting (when a model has to process new data and can no longer classify the old data), and lack of explainability (the absence of details and reasons given by a model to make its functioning clear or easy to understand). This GCSP Strategic Security Analysis paper addresses the question of AI robustness when AI techniques and models are adopted in security systems. Robustness refers to the reliable operation of a system across a range of conditions (including attacks). Firstly, the distinction between AI and machine learning (ML) is highlighted, with reference to the Artificial Intelligence and UK National Security report.5 Whereas “general AI” refers to machine intelligence with the agency, reasoning and adaptability of a human brain, “narrow AI” refers to machine intelligence trained to perform narrowly defined cognitive tasks, such as playing chess, driving a car or translating documents. This paper addresses “narrow AI”, for which the terms AI and ML are used interchangeably.

M3 - Article

JO - GCSP Strategic Security Analysis

JF - GCSP Strategic Security Analysis

PB - Geneva Centre for Security Policy (GCSP)

ER -

Securing AI-based Security Systems

Abstract

Access to Document

Fingerprint

Activities

Swarming and the future of warfare: feasibility, impacts, governance

AI: Adversarial Attacks

99.99% accurate - What's the problem?

Research output

Critical international infrastructure: a case for secure, sustainable non-terrestrial networking

GaDoT: GAN-based Adversarial Training for Robust DDoS Attack Detection

Investigating Adversarial Attacks against Network Intrusion Detection Systems in SDNs

Cite this