Results for ""
Cyber Security 5 Min Read Jun 03, 2024
User Submission - AI/ML usages and its security challenges
Artificial Intelligence (AI) is a creative field in computer world which deal with creating systems capable of performing tasks that typically require human intelligence. These tasks include, but are not limited to, learning from experiences, recognizing patterns, understanding natural language, and making decisions. As AI is growing so the security challenges comes-up with it as we are processing more data and dealing with difference kind of AI based tools so challenges will be keep on growing. Will highlight the detail about AI, ML and its security challenges.
Published By : Manish Kumar Yadav
AI is changing the world in numerous ways, and it varies across various industries: -
1. Automation: AI is automating repetitive tasks, freeing up time for individuals and businesses to focus on more complex problems.
2. Decision Making: AI can analyze vast amounts of data to identify patterns and make predictions, aiding in decision-making processes in fields like finance, healthcare, marketing, and more.
3. Personalization: AI is used to personalize user experiences, such as recommending products based on past purchases or personalizing content on social media platforms.
4. Healthcare: AI is being used to predict patient outcomes, assist in diagnoses, and even develop new drugs.
5. Transportation: AI is at the heart of self-driving technology, aiming to make transportation safer and more efficient.
Overview of Machine Learning (ML) – AI, NLP & LLM
1. Machine Learning (ML):
- Supervised Learning: This is a type of machine learning where the model is trained on a labeled dataset.
- Unsupervised Learning: This is a type of machine learning where the model is trained on an unlabeled dataset.
2. Natural Language Processing (NLP) is a field of AI that focuses on understanding and processing human language.
3.Deep Learning (DL):
- DL is a subset of machine learning where artificial neural networks, algorithms inspired by the human brain, learn from large amounts of data. While a neural network with a single layer can still make approximate predictions, additional hidden layers can help optimize the accuracy.
SAP using Generative AI:
Generative AI is revolutionizing the business landscape by unlocking valuable insights, aiding in better decision-making, and automating manual tasks. At SAP, we harness the power of this transformative technology by integrating it with our vast industry-specific data and deep process knowledge. This integration empowers our clients to optimize their SAP business applications, thereby enabling them to operate at their highest potential.
Secure ML guidelines:
When developing product which involves machine learning then security should be top-most priority as it deals with huge amount of data –
Security consideration while working with Machine learning technologies-
- Jailbreaking refers to the process where an attacker, often a hacker, intentionally breaches an application with the aim of interacting with its internal functions and accessing stored data. In such an attack scenario, a large language model could potentially be compromised. The attacker may manipulate the model to interact with associated plugins, thereby performing tasks that the attacker intends to execute on the system. This could lead to unauthorized access to sensitive information, highlighting the potential security risks associated with jailbreaking. So it is really important to have proper access control and separation between the front-end and backed systems and user are not allowed to access the underlying model or any kind of direct connection.
- Insecure Output Handling specifically refers to the inadequate validation, sanitization, and management of outputs produced by large language models (LLMs) before they are relayed to other components and systems. This issue arises because the content generated by LLMs can be manipulated by prompt input, which is akin to giving users indirect access to additional functionality. Therefore, it's crucial to ensure secure output handling to prevent potential misuse or misinterpretation of the generated content.
- Training data poisoning is a significant concern in the field of machine learning. It refers to the malicious practice of manipulating training data to compromise the performance of machine learning models. Bill of materials is essentially a comprehensive record of the data, algorithms, parameters, and tools used in the development of a machine learning model. So when you are developing the LLM based application then make sure you verify the content used for training the model and do extra checks when it is coming from external sources.
- A DoS attack can overwhelm a system, rendering it unavailable to users by flooding it with superfluous requests to exhaust its resources. Rate limiting is a technique for controlling the number of requests a client can make to a server within a specified time period.
- LLM plugins are extensions that, when enabled, are called automatically by the model during user interactions. The model integration platform drives them, and the application may have no control over the execution, especially when the model is hosted by another party. Moreover, these plugins often handle free-text inputs from the model without any validation or type-checking, a practice necessitated by context-size limitations. So while developing the application developer need to ensure adequate input validation and sanitization are in place and they can use other open standard for security development of plugins.
