As artificial intelligence (AI) systems become increasingly integrated into critical societal and industrial applications, ensuring their entire production life cycle is secure from malicious attacks has become paramount. This chapter provides a comprehensive analysis of the threat landscape across the entire AI system production process, from initial data acquisition to post-deployment consumption and archiving. A deep dive is conducted into the unique security vulnerabilities inherent in both the software and hardware implementation pathways. Key threats examined include data poisoning and backdoor injection during the model development stage; evasion, model stealing, and privacy attacks during software deployment on cloud and edge devices; and supply chain attacks within the hardware accelerator implementation process, such as hardware Trojans, counterfeit components, and compromised design tools. By systematically mapping threats to each stage of the AI life cycle and exploring corresponding mitigation strategies, this chapter provides a foundational framework for engineers, researchers, and policymakers to develop and deploy safer, more robust, and trustworthy AI systems.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

AI Production Process Security Attacks and Mitigation Techniques

  • Haosen Yu,
  • Basel Halak

摘要

As artificial intelligence (AI) systems become increasingly integrated into critical societal and industrial applications, ensuring their entire production life cycle is secure from malicious attacks has become paramount. This chapter provides a comprehensive analysis of the threat landscape across the entire AI system production process, from initial data acquisition to post-deployment consumption and archiving. A deep dive is conducted into the unique security vulnerabilities inherent in both the software and hardware implementation pathways. Key threats examined include data poisoning and backdoor injection during the model development stage; evasion, model stealing, and privacy attacks during software deployment on cloud and edge devices; and supply chain attacks within the hardware accelerator implementation process, such as hardware Trojans, counterfeit components, and compromised design tools. By systematically mapping threats to each stage of the AI life cycle and exploring corresponding mitigation strategies, this chapter provides a foundational framework for engineers, researchers, and policymakers to develop and deploy safer, more robust, and trustworthy AI systems.