Security and Privacy Risks in Artificial Intelligence Systems

Chen Yufei; Shen Chao; Wang Qian; Li Qi; Wang Cong; Ji Shouling; Li Kang; Guan Xiaohong

doi:10.7544/issn1000-1239.2019.20190415

Journal of Computer Research and Development > 2019 > 56(10): 2135-2150. > DOI: 10.7544/issn1000-1239.2019.20190415 CSTR: 32373.14.issn1000-1239.2019.20190415

Chen Yufei, Shen Chao, Wang Qian, Li Qi, Wang Cong, Ji Shouling, Li Kang, Guan Xiaohong. Security and Privacy Risks in Artificial Intelligence Systems[J]. Journal of Computer Research and Development, 2019, 56(10): 2135-2150. DOI: 10.7544/issn1000-1239.2019.20190415

Citation:

PDF (1174 KB)

Security and Privacy Risks in Artificial Intelligence Systems

¹(Key Laboratory for Intelligent Networks and Network Security(Xi’an Jiaotong University), Ministry of Education, Xi’an 710049)
²(Faculty of Electronic and Information Engineering, Xi’an Jiaotong University, Xi’an 710049)
³(School of Cyber Science and Engineering, Wuhan University, Wuhan 430072)
⁴(Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing 100084)
⁵(Department of Computer Science, City University of Hong Kong, Hong Kong 999077)
⁶(Institute of Cyberspace Research, Zhejiang University, Hangzhou 310027)
⁷(College of Computer Science and Technology, Zhejiang University, Hangzhou 310027)
⁸(Department of Computer Science, University of Georgia, Athens, Georgia, the United States 30602)

More Information

Published Date: September 30, 2019

Graphical Abstract

Abstract

Abstract

Human society is witnessing a wave of artificial intelligence (AI) driven by deep learning techniques, bringing a technological revolution for human production and life. In some specific fields, AI has achieved or even surpassed human-level performance. However, most previous machine learning theories have not considered the open and even adversarial environments, and the security and privacy issues are gradually rising. Besides of insecure code implementations, biased models, adversarial examples, sensor spoofing can also lead to security risks which are hard to be discovered by traditional security analysis tools. This paper reviews previous works on AI system security and privacy, revealing potential security and privacy risks. Firstly, we introduce a threat model of AI systems, including attack surfaces, attack capabilities and attack goals. Secondly, we analyze security risks and counter measures in terms of four critical components in AI systems: data input (sensor), data preprocessing, machine learning model and output. Finally, we discuss future research trends on the security of AI systems. The aim of this paper is to arise the attention of the computer security society and the AI society on security and privacy of AI systems, and so that they can work together to unlock AI’s potential to build a bright future.
- intelligent system security,
- system security,
- data processing,
- artificial intelligence (AI),
- deep learning

FullText(HTML)

References (0)

[1]	Zhao Xiaoyang, Li Zhongnian, Wang Wenyu, Xu Xinzheng. ADIC: An Adaptive Disentangled CNN Classifier for Interpretable Image Recognition[J]. Journal of Computer Research and Development, 2023, 60(8): 1754-1767. DOI: 10.7544/issn1000-1239.202330231
[2]	Xie Kunpeng, Yi Dezhi, Liu Yiqing, Liu Hang, He Xinyu, Gong Cheng, Lu Ye. SAF-CNN：A Sparse Acceleration Framework of Convolutional Neural Network forEmbedded FPGAs[J]. Journal of Computer Research and Development, 2023, 60(5): 1053-1072. DOI: 10.7544/issn1000-1239.202220735
[3]	Yin Zhaoxia, Guo Hongnian, Du Yang, Ma Wenjing, Lü Wanli, Zhang Xinpeng. Multi-Domain Reversible Data Hiding in JPEG Images and Payload Distribution Algorithm[J]. Journal of Computer Research and Development, 2022, 59(8): 1831-1840. DOI: 10.7544/issn1000-1239.20210411
[4]	Liu Yanxiao, Wu Ping, Sun Qindong. Secret Image Sharing Schemes Based on Region Convolution Neural Network[J]. Journal of Computer Research and Development, 2021, 58(5): 1065-1074. DOI: 10.7544/issn1000-1239.2021.20200898
[5]	Wang Yangyang, He Hongjie, Chen Fan, Zhang Shanjun. Reversible Data Hiding in JPEG Images Based on Distortion-Extension Cost[J]. Journal of Computer Research and Development, 2020, 57(11): 2271-2282. DOI: 10.7544/issn1000-1239.2020.20200434
[6]	Xing Xinying, Ji Junzhong, Yao Yao. Brain Networks Classification Based on an Adaptive Multi-Task Convolutional Neural Networks[J]. Journal of Computer Research and Development, 2020, 57(7): 1449-1459. DOI: 10.7544/issn1000-1239.2020.20190186
[7]	Lü Guohao, Luo Siwei, Huang Yaping, Jiang Xinlan. A Novel Regularization Method Based on Convolution Neural Network[J]. Journal of Computer Research and Development, 2014, 51(9): 1891-1900. DOI: 10.7544/issn1000-1239.2014.20140266
[8]	Zhang Zhan, Liu Guangjie, Dai Yuewei, Wang Zhiquan. A Self-Adaptive Image Steganography Algorithm Based on Cover-Coding and Markov Model[J]. Journal of Computer Research and Development, 2012, 49(8): 1668-1675.
[9]	Yang Chunfang, Liu Fenlin, and Luo Xiangyang. Histograms Difference and Quantitative Steganalysis of JPEG Steganography Based on Relative Entropy[J]. Journal of Computer Research and Development, 2011, 48(8): 1563-1569.
[10]	Zheng Qingfang, Gao Wen. Adaptive Skin Detection in JPEG Compressed Images[J]. Journal of Computer Research and Development, 2006, 43(7): 1194-1200.