

Vulnerabilities of Connectionist AI Applications: Evaluation and Defense

Authors

Berghoff Christian, Neu Matthias, von Twickel Arndt

Affiliation

Federal Office for Information Security, Bonn, Germany.

Publication

Front Big Data. 2020 Jul 22;3:23. doi: 10.3389/fdata.2020.00023. eCollection 2020.

DOI:10.3389/fdata.2020.00023
PMID:33693396
Original article: https://pmc.ncbi.nlm.nih.gov/articles/PMC7931957/
Abstract

This article deals with the IT security of connectionist artificial intelligence (AI) applications, focusing on threats to integrity, one of the three IT security goals. Such threats are for instance most relevant in prominent AI computer vision applications. In order to present a holistic view on the IT security goal integrity, many additional aspects, such as interpretability, robustness and documentation are taken into account. A comprehensive list of threats and possible mitigations is presented by reviewing the state-of-the-art literature. AI-specific vulnerabilities, such as adversarial attacks and poisoning attacks are discussed in detail, together with key factors underlying them. Additionally and in contrast to former reviews, the whole AI life cycle is analyzed with respect to vulnerabilities, including the planning, data acquisition, training, evaluation and operation phases. The discussion of mitigations is likewise not restricted to the level of the AI system itself but rather advocates viewing AI systems in the context of their life cycles and their embeddings in larger IT infrastructures and hardware devices. Based on this and the observation that adaptive attackers may circumvent any single published AI-specific defense to date, the article concludes that single protective measures are not sufficient but rather multiple measures on different levels have to be combined to achieve a minimum level of IT security for AI applications.


Similar articles

1. Vulnerabilities of Connectionist AI Applications: Evaluation and Defense.
Front Big Data. 2020 Jul 22;3:23. doi: 10.3389/fdata.2020.00023. eCollection 2020.
2. Towards Robustifying Image Classifiers against the Perils of Adversarial Attacks on Artificial Intelligence Systems.
Sensors (Basel). 2022 Sep 13;22(18):6905. doi: 10.3390/s22186905.
3. Defending the Defender: Adversarial Learning Based Defending Strategy for Learning Based Security Methods in Cyber-Physical Systems (CPS).
Sensors (Basel). 2023 Jun 9;23(12):5459. doi: 10.3390/s23125459.
4. Generative AI in Medical Practice: In-Depth Exploration of Privacy and Security Challenges.
J Med Internet Res. 2024 Mar 8;26:e53008. doi: 10.2196/53008.
5. Modeling Threats to AI-ML Systems Using STRIDE.
Sensors (Basel). 2022 Sep 3;22(17):6662. doi: 10.3390/s22176662.
6. Adversarial Attack and Defence through Adversarial Training and Feature Fusion for Diabetic Retinopathy Recognition.
Sensors (Basel). 2021 Jun 7;21(11):3922. doi: 10.3390/s21113922.
7. Adoption of Deep-Learning Models for Managing Threat in API Calls with Transparency Obligation Practice for Overall Resilience.
Sensors (Basel). 2024 Jul 26;24(15):4859. doi: 10.3390/s24154859.
8. A systematic literature review on the impact of AI models on the security of code generation.
Front Big Data. 2024 May 13;7:1386720. doi: 10.3389/fdata.2024.1386720. eCollection 2024.
9. Influence of Human Factors on Cyber Security within Healthcare Organisations: A Systematic Review.
Sensors (Basel). 2021 Jul 28;21(15):5119. doi: 10.3390/s21155119.
10. Challenges and efforts in managing AI trustworthiness risks: a state of knowledge.
Front Big Data. 2024 May 9;7:1381163. doi: 10.3389/fdata.2024.1381163. eCollection 2024.

Cited by

1. Utilizing large language models for gastroenterology research: a conceptual framework.
Therap Adv Gastroenterol. 2025 Apr 1;18:17562848251328577. doi: 10.1177/17562848251328577. eCollection 2025.
2. An artificial intelligence life cycle: From conception to production.
Patterns (N Y). 2022 Apr 13;3(6):100489. doi: 10.1016/j.patter.2022.100489. eCollection 2022 Jun 10.
3. Interdisciplinary Research in Artificial Intelligence: Challenges and Opportunities.
Front Big Data. 2020 Nov 23;3:577974. doi: 10.3389/fdata.2020.577974. eCollection 2020.
