Abstract
Artificial Intelligence (AI) has witnessed significant advancements in recent years, enabling its widespread adoption across various domains. However, this progress has also given rise to new challenges, particularly in the context of adversarial machine learning. Adversarial attacks exploit vulnerabilities in AI models, resulting in their misclassification or misbehaviour. To address this critical issue, it is crucial to develop trustworthy AI systems that can withstand such adversarial threats. This paper presents a comprehensive study that covers the types of adversarial machine learning cyber-attacks, methods employed by adversaries to launch such attacks, effective defence mechanisms, and potential future directions in the field. It starts by exploring various types of adversarial ML attacks, characteristics and potential consequences of each attack type, emphasizing the risks they pose to privacy, security, and fairness in AI systems and delving into the methods employed by adversaries to launch adversarial ML attacks. By understanding the tactics used by adversaries, researchers and practitioners can develop robust defence mechanisms that can withstand these attacks. Building upon this understanding, a range of defence strategies can be invented for defending against adversarial ML attacks and emerging research areas, such as the integration of secure multi-party computation, differential privacy, and federated learning are used to enhance the resilience of AI models. By understanding the nature of adversarial attacks and implementing effective defence strategies, AI systems can be fortified against malicious manipulations. The findings of this study contribute to the development of trustworthy AI systems, ensuring their resilience, transparency, and fairness.
References
Pierazzi, Fabio, et al. "Intriguing properties of adversarial ml attacks in the problem space." 2020 IEEE symposium on security and privacy (SP). IEEE, 2020.
Liu, Jinxin, et al. "Adversarial machine learning: A multilayer review of the state-of-the-art and challenges for wireless and mobile systems." IEEE Communications Surveys & Tutorials 24.1 (2021): 123-159.
Kumar, Ram Shankar Siva, et al. "Adversarial machine learning-industry perspectives." 2020 IEEE Security and Privacy Workshops (SPW). IEEE, 2020.
Newaz, AKM Iqtidar, et al. "Adversarial attacks to machine learning-based smart healthcare systems." GLOBECOM 2020-2020 IEEE Global Communications Conference. IEEE, 2020.
Sadeghi, Koosha, Ayan Banerjee, and Sandeep KS Gupta. "A system-driven taxonomy of attacks and defenses in adversarial machine learning." IEEE transactions on emerging topics in computational intelligence 4.4 (2020): 450-467.
Wang, Xianmin, et al. "The security of machine learning in an adversarial setting: A survey." Journal of Parallel and Distributed Computing 130 (2019): 12-23.
Hartl, Alexander, et al. "Explainability and adversarial robustness for rnns." 2020 IEEE Sixth International Conference on Big Data Computing Service and Applications (BigDataService). IEEE, 2020.
Vorobeychik, Yevgeniy. "The Many Faces of Adversarial Machine Learning." Proceedings of the AAAI Conference on Artificial Intelligence. Vol. 37. No. 13. 2023.
Eshete, Birhanu. "Making machine learning trustworthy." Science 373.6556 (2021): 743-744.
Adversarial Attacks on Graph Neural Network: Techniques and Countermeasures
A Systematic Literature Review on Malicious Use of Reinforcement Learning
Wild patterns: Ten years after the rise of adversarial machine learning
Huang, Ling, Anthony D. Joseph, Blaine Nelson, Benjamin IP Rubinstein, and J. Doug Tygar. "Adversarial machine learning." In Proceedings of the 4th ACM workshop on Security and artificial intelligence, pp. 43-58. 2011.
Udi Weinsberg, Smriti Bhagat, Stratis Ioannidis, and Nina Taft. Blurme: Inferring and obfuscating user gender based on ratings. In RecSys, 2012.
Arvind Narayanan, Hristo Paskov, Neil Zhenqiang Gong, John Bethencourt, Emil Stefanov, Eui Chul Richard Shin, and Dawn Song. On the feasibility of internet-scale author identification. In IEEE S&P, 2012.