“The Norm Culture” safeguards AI models from data and label poisoning attacks.

In this project, I suggest that an AI model can be protected from data poisoning attacks by building a protective barrier from the original model and its training samples. This barrier is referred to as the ‘norm culture’.

[Illustration: the attackai and protectai tools]

Generic Overview: AI Poisoning Attacks

AI frameworks have become a central component of many of the solutions we use every day. Numerous industries depend on these AI models to produce appropriate responses. Indeed, it has become a trend that products with AI at their core have a significantly greater potential to succeed in the marketplace than those without it.

Understanding the technical workflow of AI reveals that the training samples from which the AI model learns are the most crucial element of the entire process. These samples serve as the determinant of the model’s success or failure. Consequently, they become a prime target for adversaries seeking to compromise the model. A successful compromise of this nature is referred to as a data poisoning attack.

Data poisoning is a cyberattack method where an adversary deliberately corrupts a training dataset for an AI or machine learning (ML) model, aiming to manipulate or influence the model’s behavior.

To demonstrate the subject of this project, I have decided to release two simulation tools. The first simulates two types of data poisoning attacks, and the second simulates a defense strategy based on the concept of norm culture. It is important to note that both tools are intended solely for educational purposes.

ATTACKAI Tool

Here I introduce the attackai tool. This tool illustrates two types of attacks:

(a) Corrupt data sample attack: the attacker succeeds in corrupting the data samples of an AI model during the continuous learning stage.

(b) “Crazy the model” attack: the attacker succeeds in altering the label names in the training dataset.

PROTECTAI Tool

Here I introduce the protectai tool. This tool demonstrates the defense strategy that employs the concept of norm culture to safeguard an AI model from the two types of attacks outlined above. Detailed insights into the mathematical intuition underlying norm culture are available in academically published papers.
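The following is an added example, not code from the attackai or protectai tools, showing in simplified form how a barrier built from the original training samples can screen incoming samples during continuous learning for the two attacks above (corrupted samples and altered labels). It assumes a per-class centroid plus an accept radius as the barrier; the real norm-culture rule is in the cited papers, and the 2-D training set here is constructed for illustration.

```python
from math import dist
from typing import Dict, List, Tuple

Point = Tuple[float, ...]
Sample = Tuple[Point, int]
Reference = Dict[int, Tuple[Point, float]]  # label -> (centroid, radius)

# Constructed clean "original training samples": two well-separated classes.
CLEAN: List[Sample] = [
    ((0.0, 0.0), 0), ((0.5, 0.2), 0), ((-0.3, 0.4), 0), ((0.2, -0.5), 0),
    ((5.0, 5.0), 1), ((5.4, 4.8), 1), ((4.7, 5.3), 1), ((5.1, 5.5), 1),
]


def build_reference(clean: List[Sample], margin: float = 1.5) -> Reference:
    """Build the barrier: per class, the centroid of the clean samples and an
    accept radius. The radius is the largest clean-sample distance to the
    centroid widened by `margin` (an assumed rule, not the norm-culture one)."""
    by_class: Dict[int, List[Point]] = {}
    for x, y in clean:
        by_class.setdefault(y, []).append(x)
    reference: Reference = {}
    for label, points in by_class.items():
        dims = len(points[0])
        centroid = tuple(sum(p[i] for p in points) / len(points) for i in range(dims))
        radius = max(dist(p, centroid) for p in points) * margin
        reference[label] = (centroid, radius)
    return reference


def screen_batch(reference: Reference, batch: List[Sample]) -> List[str]:
    """Give a verdict for each incoming (sample, label) pair:
    'corrupt_sample'  - lies outside every class region (attack (a)),
    'label_mismatch'  - lies inside a region whose label differs (attack (b)),
    'accept'          - lies inside the region of its own label."""
    verdicts = []
    for x, y in batch:
        nearest = min(reference, key=lambda c: dist(x, reference[c][0]))
        centroid, radius = reference[nearest]
        if dist(x, centroid) > radius:
            verdicts.append("corrupt_sample")
        elif nearest != y:
            verdicts.append("label_mismatch")
        else:
            verdicts.append("accept")
    return verdicts
```

Samples rejected by the barrier would be dropped or quarantined before the continuous-learning update, and the clean set used to build the reference must itself be kept under integrity protection.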