Researchers find a new way to train AI’s to protect them from deadly adversarial attacks

0 2

By Matthew Griffin Security and Privacy 14th July 2020

WHY THIS MATTERS IN BRIEF

As more of the world comes to rely on AI adversarial attacks pose a particular challenge to companies and people in critical industries who are responsible for the safety of people and systems.

Interested in the Exponential Future? Join our XPotential Community, future proof yourself with courses from our XPotential Academy, connect, watch a keynote, or browse my blog.

Adversarial attacks, where hackers use the way that Artificial Intelligence (AI) sees the world against itself in order to trick into doing things it shouldn’t, are getting more widespread – whether it’s tricking Tesla’s into speeding into oncoming traffic or tricking hospital systems into giving patients the all clear when in fact they have terminal cancer.

As part of their research Bo Li and her colleagues at UI are have proposed a new method for training these deep learning systems so they’re more failproof and therefore trustworthy in what they call “safety critical scenarios.”

During their research they pitted the neural networks responsible for image reconstruction against other neural networks responsible for generating adversarial examples, in a style similar to GAN algorithms. Throughout iterative rounds the adversarial network attempts to fool the reconstruction network into producing things that aren’t part of the original data, or “ground truth.” The reconstruction network then continuously tweaks itself to avoid being fooled, which in turn makes it safer to use in the real world.

And as for the results when the researchers tested their adversarially trained neural network on two popular image data sets it was able to reconstruct the ground truth better than other neural networks that had been “fail proofed” with different methods.

The results still aren’t perfect though obviously and this is a work in progress but it’s a start. The work will be presented next week at the International Conference on Machine Learning.

Matthew Griffin / About Author

Matthew Griffin, described as a "Walking encyclopaedia of the future" by NASA and a futurist polymath, is one of the world's most renowned futurists and strategic foresight experts. A serial entrepreneur Matthew is the Founder and Futurist in Chief of the 311 Institute, a global Futures and Deep Futures advisory firm working across the next 50 years, XPotential University, the world's first free futures and foresight university, and the World Futures Forum which works with the United Nations to solve the worlds greatest challenges. 13 times author of the Codex of the Future series, Matthew is an in demand international keynote, acclaimed university lecturer, and host of the hit Fanatical Futurist podcast.

A rare talent in his past Matthew helped build and run several multi-billion dollar business units for Atos, Dell-EMC, and IBM, and his ability to identify, track, and explain the impacts of hundreds of emerging technologies and trends on global business, culture, and society has earned him a powerful reputation and a roster of clients that include royal households, world leaders, G7, G20, and G77+ governments, and many of the world's most respected brands including ABB, Accenture, Adidas, AON, ARM, BCG, Centrica, Citi Group, Coca Cola, Dentons, Deloitte, Disney, EY, KPMG, Lego, Legal & General, LinkedIn, Microsoft, Pepsi Co, Qualcomm, RWE, Samsung, T-Mobile, UBS, VISA, and many others. He was also the only futurist invited to talk at the UN COP28 held in Dubai alongside world leaders.

Regularly featured in the global media including the AP, BBC, Bloomberg, CNBC, Discovery, Forbes, Khaleej Times, Telegraph, TIME, ViacomCBS, WIRED, and the WSJ, Matthews mission is to help organisations create a fair and sustainable future whose benefits are shared by everyone irrespective of their ability, background, or circumstances.