AI Security
Description
The author provides a rigorous, technically grounded framework for analysing, modelling, and mitigating adversarial threats against artificial intelligence systems. The book focuses on adversarial machine learning and AI-native cyber-attacks, examining how threat actors exploit vulnerabilities in data pipelines, model architectures, training procedures, and inference mechanisms to compromise the integrity, confidentiality, and availability of AI-driven systems.
The significance of this book lies in addressing a structural gap in contemporary cybersecurity practice. Traditional security models were designed for deterministic software and networked systems, not for probabilistic, adaptive, and data-driven AI models. As AI increasingly underpins high-stakes decision-making across finance, healthcare, critical infrastructure, autonomous systems, and defence, adversarial manipulation of AI models has become an operational and strategic risk rather than a theoretical concern. This book responds directly to that risk by reframing cybersecurity through a model-centric, adversarial lens.
The book is organised around the primary classes of AI cyber-attacks, each chapter analysing a major attack class that subsumes multiple concrete adversarial techniques. Collectively, these chapters cover the most dangerous and operationally relevant attack vectors observed in real-world AI deployments, including adversarial perturbations, data poisoning and backdoors, model extraction and inversion, membership inference, prompt injection and jailbreak attacks on large language models, AI-powered social engineering and deepfakes, federated learning and reinforcement learning attacks, and adversarial malware targeting AI-based security systems. Key features include lifecycle-based threat modelling, red-teaming methodologies, quantitative risk assessment frameworks, and technical countermeasures such as adversarial training, differential privacy, secure aggregation, cryptographic watermarking, and AI-specific governance controls.
Readers will gain an operational understanding of how AI systems fail under adversarial pressure, how to simulate and test adversarial behaviours, and how to design resilient AI architectures suitable for deployment in high-risk environments. The book assumes prior familiarity with machine learning fundamentals and cybersecurity concepts and is aimed at advanced practitioners, researchers, and postgraduate audiences.
More details
Person
Dr. Petar Radanliev lectures and supervises postgraduate Master's students' research dissertations on AI and cybersecurity at the Department of Computer Science, University of Oxford. He is Lecturer/Instructor at Pearson's and O'Reilly (USA), while also conducting research on digital identity system security at the Alan Turing Institute, based at the British Library (London). After completing his PhD in 2013/14, Petar held postdoctoral research appointments at Imperial College London, the University of Cambridge, the Massachusetts Institute of Technology, and the Department of Engineering Science at the University of Oxford. His work spans artificial intelligence, cybersecurity, post-quantum security, and blockchain security. This research has led to over 4,700 citations, more than 100 peer-reviewed publications, and four authored books. In recognition of his contributions, Petar has received major funding awards, including a Fulbright Fellowship, and the Prince of Wales Innovation Award. Before joining academia, Dr. Petar Radanliev worked as a Cybersecurity manager for the Royal Bank of Scotland and, prior to that, as a Lead Penetration tester for the Macedonian Department for Defence (Army).
Content
Dedication.- Preface.- Acknowledgments.- List of Abbreviations.- 1. Why AI Security Matters.- 2. The Anatomy of AI Cyber-Attacks.- 3. Adversarial Perturbations.- 4. Data Poisoning - Corrupting AI at the Source.- 5. Model Extraction - Stealing AI Intellectual Property.- 6. Large Language Model (LLM) Attacks.- 7. AI-Powered Social Engineering and Deepfake Exploits.- 8. Federated Learning and Reinforcement Learning Attacks.- 9. Attacks on AI-Powered Security Systems.- 10. AI Security Best Practices and Risk Mitigation.- References.- Glossary.- Index.