
Blog | AUG 09, 2023

Safeguarding the Future: The Crucial Role of Increased Security in AI

Industrial ML/AI | Cyber Security

Artificial Intelligence (AI) is poised to revolutionize various industries, from healthcare to finance and agriculture. As this new technology becomes increasingly pervasive in our lives, ensuring its security becomes more critical than ever before. In this blog post, we'll delve into the relevance of increased security measures for AI and explore the significant role of data notarization in safeguarding these advanced systems.

The rapid proliferation of AI and ML technologies brings forth unprecedented opportunities and challenges. As we continue to rely on these systems to make critical decisions, their security becomes paramount.

The challenge is that data science (data engineering and model engineering) uses an AI pipeline that typically sits outside the regular application development scope, which introduces a new attack surface. Data engineering (collecting, storing, and preparing data) is typically a large and important part of machine learning engineering. Together with model engineering, it requires appropriate security to protect against data leaks, data poisoning, leaks of intellectual property, and supply chain attacks.

Relevance of AI for critical industries

AI has transformative potential across various industries, but some sectors stand out as the most critical and promising for its application. These industries can benefit significantly from AI technologies, driving innovation, efficiency, and improved decision-making. Here are some of the most critical industries where AI is making a significant impact:

Healthcare: AI/ML plays a crucial role in healthcare, offering accurate diagnostics, personalized treatment plans, and drug discovery. Machine learning algorithms analyze vast medical datasets to identify patterns and predict patient outcomes, leading to better patient care and improved treatment efficacy.

Finance and Banking: AI/ML transforms finance and banking by driving risk assessment, fraud detection, and personalized customer experiences. Intelligent algorithms analyze financial data in real-time, detecting potential risks, optimizing investment strategies, and providing personalized financial advice to customers.

Manufacturing: In the manufacturing sector, AI/ML enables smart factories with predictive maintenance, process optimization, and supply chain efficiency. By analyzing sensor data, AI-powered systems predict equipment failures, optimize production processes, and improve overall operational efficiency.

Transportation and Autonomous Vehicles: AI/ML is a game-changer in transportation and autonomous vehicles. These technologies enhance navigation, traffic management, and autonomous vehicle decision-making. Self-driving cars use AI algorithms to interpret surroundings, making transportation safer and more efficient.

Energy and Utilities: AI/ML optimizes energy and utilities management by analyzing vast datasets to predict energy consumption, enhance grid management, and optimize resource allocation. These technologies enable a more sustainable and reliable energy ecosystem.

Agriculture: In agriculture, AI/ML facilitates precision farming, allowing farmers to optimize irrigation, monitor crop health, and detect pests. By analyzing data from sensors and drones, AI-powered systems maximize crop yields while conserving resources.

Defense: AI/ML contributes significantly to the defense sector, powering advanced surveillance, cybersecurity, and autonomous military systems. These technologies enhance national security by identifying threats and enabling rapid response.

As an example of the negative impact data poisoning can have, we’d like to highlight a study by Israeli researchers on tampering with medical IoT data. They were able to tamper with CT and MRI scans and showed that the altered scans deceived both radiologists and the artificial intelligence algorithms used to aid them with the diagnosis. Deliberately tampering with these kinds of scans could facilitate insurance fraud, ransomware, cyberterrorism or even murder, the researchers said in a statement. Therefore, increasing AI security is highly relevant from inception.

Relevance of AI Security from Inception

Several top UK cyber officials recently told the BBC that how far we can trust AI is a fundamental challenge. They call for an urgent integration of cyber security strategies into AI systems. The Open Web Application Security Project (OWASP), a nonprofit foundation that provides guidance on how to develop, purchase and maintain trustworthy and secure software applications, is well known for its popular Top 10 lists of security issues for several topics. Recently, they published the Top 10 Machine Learning Security Risks:

  • ML01:2023 Adversarial Attack

  • ML02:2023 Data Poisoning Attack

  • ML03:2023 Model Inversion Attack

  • ML04:2023 Membership Inference Attack

  • ML05:2023 Model Stealing

  • ML06:2023 Corrupted Packages

  • ML07:2023 Transfer Learning Attack

  • ML08:2023 Model Skewing

  • ML09:2023 Output Integrity Attack

  • ML10:2023 Neural Net Reprogramming

Focusing on the aspect of trustworthiness, we would like to go into more detail about the following security risks:

  • Adversarial attacks are a type of attack in which an attacker deliberately alters input data to mislead the model.

  • Data poisoning attacks occur when an attacker manipulates the training data to cause the model to behave in an undesirable way.

  • Membership inference attacks occur when an attacker manipulates the model’s training data in order to cause it to behave in a way that exposes sensitive information.

  • Transfer learning attacks occur when an attacker trains a model on one task and then fine-tunes it on another task to cause it to behave in an undesirable way.

  • Model skewing attacks occur when an attacker manipulates the distribution of the training data to cause the model to behave in an undesirable way.

  • In an output integrity attack scenario, an attacker aims to modify or manipulate the output of a machine learning model in order to change its behavior or cause harm to the system it is used in.

Similar risks are also listed by MITRE ATLAS™, which is a knowledge base of adversary tactics, techniques, and case studies for machine learning (ML) systems. Among others, they list data poisoning, eroding ML model integrity, and adversarial data attack as tactics used by malicious actors.

In June 2023 the European Union Agency for Cybersecurity (ENISA) published a Multilayer Framework for Good Cybersecurity Practices for AI. They also identified several open issues and research activities that still need to be conducted and resolved. Some of their recommendations are:

  • Integrity of data sources and data. The trustworthiness of AI algorithms relies on the integrity of the data and the data sources that generate this data, therefore we need to dynamically and continuously assess them before using them. Best practices on how to assess all types of data sources (e.g. surveillance cameras, biometric systems, smart traffic lights) are needed.

  • Continuous monitoring of the data life cycle security. All processes in data management need to be assessed, from data collection to labelling to cleaning to using and storing. Poisoning of data can take place at any stage of the process. Methodologies and dynamic tools need to be developed.

Therefore, ensuring end-to-end data integrity is key to addressing the above-mentioned risks and recommendations by AI experts and regulators.

Introducing Trustworthy DataOps

Collecting, transmitting, verifying, and utilizing your data for AI models can be an incredibly complex process. Whether it is transferring data across different systems, integrating data from various sources, or trusting it after a system failure or cyberattack, understanding the issue and implementing the necessary protection can seem overwhelming.

Encrypting data end-to-end helps ensure that data is unaltered while in transit or at rest. However, encryption alone has limited reach: it only protects each individual hop, it adds latency, and it often covers only parts of the data pipeline. Additionally, data gets decrypted for utilization and afterwards encrypted again – at that point the cryptographic link to the origin is broken and data integrity can no longer be guaranteed. Especially when developing or running AI models, data is moved across systems and collected from various sources. This leaves an open gap for adversarial manipulation of data – during training and in production.

Tributech’s blockchain technology ensures that you can check the data integrity across its lifetime, regardless of how many times it has been encrypted/decrypted and how many hands (systems, infrastructures, etc.) it has been passed through.

Our data notary functionality helps you to keep deliberate misinformation away from your AI model by acting as an independent party at the data source that verifies origin and integrity of the data.

One part of the data notary service is located directly at the data source and creates cryptographic proofs of the data, which are securely stored in a blockchain-based trust layer.

The second part of the data notary service is integrated in the backend and enables the consumer of the data to verify origin and integrity across systems and companies at any time – even of high-frequency data streams.
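To make the two halves of such a notary concrete (proofs created at the source, anchored in a trust layer, and verified by the consumer regardless of how often the payload was encrypted and decrypted in between, which is the gap described in the encryption paragraph above), here is an added illustration in Python. It is not Tributech's code and does not describe their product internals: it assumes the trust layer is a hash-linked append-only log standing in for a blockchain, that a proof is a SHA-256 digest bound to the stream id and sequence number, and the XOR "transport" is a stand-in for a real cipher, used only to show that encrypt/decrypt cycles do not affect verification. All sensor readings are constructed.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field
from typing import Any, Dict, List, Optional


def canonical(sample: Dict[str, Any]) -> bytes:
    """Deterministic encoding so source and consumer hash identical bytes."""
    return json.dumps(sample, sort_keys=True, separators=(",", ":")).encode()


def sample_digest(stream_id: str, seq: int, sample: Dict[str, Any]) -> str:
    """Proof for one sample: binds the payload to its stream and its position,
    so a reading cannot be silently swapped into another slot."""
    h = hashlib.sha256()
    h.update(stream_id.encode() + b"\x00" + str(seq).encode() + b"\x00")
    h.update(canonical(sample))
    return h.hexdigest()


@dataclass
class TrustLayer:
    """Hypothetical trust layer: an in-memory, hash-linked append-only log.
    A real deployment would anchor these records in a blockchain."""
    records: List[Dict[str, Any]] = field(default_factory=list)

    def anchor(self, stream_id: str, seq: int, digest: str) -> str:
        prev = self.records[-1]["record_hash"] if self.records else "0" * 64
        body = {"stream": stream_id, "seq": seq, "digest": digest, "prev": prev}
        record_hash = hashlib.sha256(canonical(body)).hexdigest()
        self.records.append({**body, "record_hash": record_hash})
        return record_hash

    def find(self, stream_id: str, seq: int) -> Optional[str]:
        for r in self.records:
            if r["stream"] == stream_id and r["seq"] == seq:
                return r["digest"]
        return None

    def chain_intact(self) -> bool:
        """Recompute every link; rewriting an anchored proof breaks the chain."""
        prev = "0" * 64
        for r in self.records:
            body = {k: r[k] for k in ("stream", "seq", "digest", "prev")}
            if r["prev"] != prev or hashlib.sha256(canonical(body)).hexdigest() != r["record_hash"]:
                return False
            prev = r["record_hash"]
        return True


def notarize_stream(layer: TrustLayer, stream_id: str, samples: List[Dict[str, Any]]) -> int:
    """Source side: anchor a proof for each sample as it is produced."""
    for seq, sample in enumerate(samples):
        layer.anchor(stream_id, seq, sample_digest(stream_id, seq, sample))
    return len(samples)


def verify_sample(layer: TrustLayer, stream_id: str, seq: int, sample: Dict[str, Any]) -> bool:
    """Consumer side: recompute the proof from the plaintext it actually holds."""
    expected = layer.find(stream_id, seq)
    if expected is None:
        return False
    return hmac.compare_digest(expected, sample_digest(stream_id, seq, sample))


def xor_transport(data: bytes, key: bytes) -> bytes:
    """Stand-in for a transport/at-rest cipher (NOT a real cipher)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def pipeline_demo() -> Dict[str, bool]:
    layer = TrustLayer()
    stream = "plant-a/line-3/vibration"  # constructed stream id
    # Constructed sensor readings
    samples = [{"ts": 1691568000 + i, "value": v} for i, v in enumerate([0.41, 0.43, 0.40, 0.97])]
    notarize_stream(layer, stream, samples)

    # Data crosses a system boundary: encrypted at the source, decrypted at the consumer.
    key = b"transport-key-demo"
    received = [json.loads(xor_transport(xor_transport(canonical(s), key), key)) for s in samples]
    all_verified = all(verify_sample(layer, stream, i, s) for i, s in enumerate(received))

    # A reading is rewritten after decryption, before it reaches the training pool.
    poisoned = dict(received[3])
    poisoned["value"] = 0.40
    tampered_detected = not verify_sample(layer, stream, 3, poisoned)

    # A genuine reading presented at the wrong position is rejected too.
    replay_detected = not verify_sample(layer, stream, 0, received[1])

    # Rewriting an anchored proof in the trust layer itself breaks the hash chain.
    intact_before = layer.chain_intact()
    layer.records[1]["digest"] = sample_digest(stream, 1, {"ts": 1691568001, "value": 9.9})
    chain_tamper_detected = not layer.chain_intact()

    return {
        "all_verified": all_verified,
        "tampered_detected": tampered_detected,
        "replay_detected": replay_detected,
        "chain_intact_before": intact_before,
        "chain_tamper_detected": chain_tamper_detected,
    }


if __name__ == "__main__":
    print(pipeline_demo())
```

The design point is that the proof is computed over the plaintext and stored out of band, so the consumer can re-derive it after any number of encryption and decryption cycles; binding the sequence number into the digest also catches records replayed into the wrong slot, which a bare content hash would miss.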

Our data integration and security platform gives you end-to-end visibility, rapid identification, traceability, performance, and auditability of all your data streams. It allows you to trust your data and utilize it with confidence and without compromising security.

AI Features

In summary, Tributech offers:

  • Scalable & standardized data integration, increased security & reduced time-to-market by > 50%

  • Protection against data poisoning of the training data pool and in production environment

  • Data provenance & lineage as foundation for compliance with internal & external auditors

Would you like to learn how Tributech can help you close the gaps in your data security? Contact us and let's find the right solution for your use case.

Thomas Plank
CEO, Tributech

