Combating Cyberattacks Targeting the AI Ecosystem
Assessing Threats, Risks, and Vulnerabilities
1st Edition
Published on 18. November 2024
234 pages
978-1-5015-2054-9 (ISBN)
Description
This book explores in detail the AI-driven cyber threat landscape, including inherent AI threats and risks that exist in Large Language Models (LLMs), Generative AI applications, and the AI infrastructure. The book highlights hands-on technical approaches to detect security flaws in AI systems and applications utilizing the intelligence gathered from real-world case studies. Lastly, the book presents a very detailed discussion of the defense mechanisms and practical solutions to secure LLMs, GenAI applications, and the AI infrastructure. The chapters are structured with a granular framework, starting with AI concepts, followed by practical assessment techniques based on real-world intelligence, and concluding with required security defenses. Artificial Intelligence (AI) and cybersecurity are deeply intertwined and increasingly essential to modern digital defense strategies. The book is a comprehensive resource for IT professionals, business leaders, and cybersecurity experts for understanding and defending against AI-driven cyberattacks.
More details
Language
English
Place of publication
New York
United States
Target group
Professional and scholarly
US School Grade: College Graduate Student
File size
8,67 MB
ISBN-13
978-1-5015-2054-9 (9781501520549)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Aditya Sood
Combating Cyberattacks Targeting the AI Ecosystem
Assessing Threats, Risks, and Vulnerabilities
E-Book
11/2024
1st Edition
Mercury Learning and Information
€46.95
Available for download
Aditya Sood
Combating Cyberattacks Targeting the AI Ecosystem
Assessing Threats, Risks, and Vulnerabilities
Book
11/2024
1st Edition
De Gruyter
€46.95
Article not available at the moment
Content
- Halftitle
- Title
- Copyright
- Dedication
- Contents
- Preface
- Acknowledgments
- About the Author
- Chapter 1: Introduction to AI: LLMs, GenAI Applications, and the AI Infrastructure
- What is Artificial Intelligence?
- History of Artificial Intelligence in Industry
- Challenges in Artificial Intelligence
- AI Taxonomy
- Building Blocks of the AI System
- AI Learning Methods
- Collaborative AI Systems and Learning
- AI Infrastructure and Components
- Understanding Generative AI Taxonomy
- Overview of Large Language Models (LLMs)
- Components of LLMs
- Classifying LLMs
- LLM Code Examples for Learning
- Case 1: Using BERT for Sentiment Analysis
- Case 2: Using GPT for Text Generation
- Case 3: RankGAN for Text Generation
- Generative AI Applications and Design
- GenAI/LLM Application Workflow
- Generative AI Service Architecture
- Conclusion
- References
- Chapter 2: AI Trust, Compliance, and Security
- Trusted and Responsible AI
- Ethical Frameworks
- Societal Impact Assessment
- Diverse Inclusive Development
- Accountability Mechanisms
- Fairness and Bias Mitigation
- Transparent and Explainability
- Data Protection
- Continuous Learning and Improvement
- User Centric Design
- Embedding Privacy in AI Systems
- Compliance in AI Systems
- A Perspective into Securing the AI Ecosystem
- LLM Security
- GenAI Applications Security
- AI Infrastructure Security
- AI Guardrails
- Trust, Compliance, and Security Frameworks
- Conclusion
- References
- Chapter 3: The AI Threat Landscape: Dissecting the Risks and Attack Vectors
- AI Threat Landscape: Dissecting the Main Challenges
- Automated Malicious Code Generation
- Autonomous Cyber Weapons
- Adversarial Attacks Against AI/ML Systems
- Prompt Injection Attacks
- Jailbreaking Guardrail Routines
- AI-generated Deepfake Attacks
- AI-powered Defense Evasion
- AI-powered Social Engineering
- AI-driven Targeted Attacks
- AI-enabled Offensive Cyber Operations
- Threats and Attacks: Practical Examples
- AI Threat and Risk Frameworks
- AI Infrastructure Attacks
- Conclusion
- References
- Chapter 4: Threats and Attacks Targeting the AI Ecosystem: Real-World Case Studies
- Harnessing the Power of AI Systems
- AI-generated Customized CEO Spoof Email
- AI-powered Malicious Code Generation
- Generating Reverse Shell Code
- Generating Domain Generation Algorithm Code
- Generating DNS Tunneling Code Using the Amazon Retail Application
- Security Issues in the AI Ecosystem: Real-World Case Studies
- Exposed Jupyter Notebooks Web Interface
- Exposed Docker Repositories Containing AI Model Packages
- Security Flaws in Customized Gradio AI/ML Model Deployment Applications
- Unsecured AI/ML Model Operations' Web Interfaces
- Unsecured LLM Low Code Builder Software Interface
- Unauthorized API Requests to AI Bot Node
- Unsecured and Exposed AIOps Cloud Components
- Leaked Datasets Used for AI Models
- Access to Config Files via Unauthenticated APIs
- Advanced LLMs: Guardrails Implementation
- Ethical Guidelines Comparison for Different LLMs
- Ethical and Private AI: Stateless Interactions
- Examples of Real-world Attacks Targeting the AI Ecosystem
- Conclusion
- References
- Chapter 5: Security Assessment of LLMs, GenAI Applications, and the AI Infrastructure
- Threat Modeling of the AI Ecosystem
- Penetration Testing of the AI Ecosystem
- Prompt Injection: Testing Strategies
- Dissecting Prompt Principles for Security Assessment
- Jailbreaking Guardrails
- Prompt Splitting
- Ignoring Context and Response
- Prompt Typosquatting
- Prompt Error Interpretation to Execute Commands
- Information Gathering from AI Chatbots
- Security Assessment of the AI Ecosystem
- Directory Listing of AI Package Files
- Assessing the Security of Vector Database API Endpoints
- Data Pipelines: Unrestricted Access to API Endpoints
- A Distributed Messaging Platform for GenAI Applications
- Improper Error Handling Resulting in Unavailability and DoS
- Insecure Handling of Prompt Responses
- Assessing the Security of Inference Server Web and API Routes
- Evaluating the Security of Federated Learning Framework
- Assessing the Security of a Remote LLM Server Running RDP
- Security Assessment of AI Models Hosted on a Code Repository Platform
- Scanning for Malicious Code
- Scanning for Unauthorized Code in Pickle Files
- Scanning for Leaked Secrets
- Secure Review: Practical Code Analysis
- Model Access API Key Stored in the Environment Variable
- Code Routine to Prevent Leakage of Sensitive Data via LLM Application
- Assessing Security Tool Integration into CI/CD Pipelines
- Reviewing API Rate Limiting and Throttling Configuration
- Reviewing Security Rules for LLM Servers
- AI Ecosystem Security Assessment Checklist
- Conclusion
- References
- Chapter 6: Defending LLMs, GenAI Applications, and the AI Infrastructure Against Cyberattacks
- Securing LLMs
- Defending Against Adversarial Attacks on AI Systems
- Securing Generative AI Applications
- Securing AI Infrastructure
- Secure Development Using AI Guardrails
- AI Security Awareness and Training
- Conclusion
- References
- Appendix: Machine Learning /AI Terms
- Index
