Army looks to block data ‘poisoning’ in facial recognition, AI
Written by Jackson Barnett
Feb 11, 2020 | FEDSCOOP
The Army has many data problems. But when it comes to the
data that underlies facial recognition, one sticks out: Enemies
want to poison the well.
Adversaries are becoming more sophisticated at providing
“poisoned,” or subtly altered, data that will mistrain artificial
intelligence and machine learning algorithms. To try to
safeguard facial recognition databases from these so-called
backdoor attacks, the Army is funding research to build
defensive software to mine through its databases.
Since deep learning algorithms are only as good as the data
they rely on, adversaries can use backdoor attacks to leave
the Army with untrustworthy AI or even bake in the ability to
kill an algorithm when it sees a particular image, or “trigger.”
“People tend to modify the input data very slightly so it is not
so obvious to a human eye, but can fool the model,” said
Helen Li, a Duke University faculty member whose research
team received $60,000 from the Army Research Office for work
on an AI database defensive software.
Backdoors can be implanted into a database and labeled in a
way that trains the algorithm to “break” when it comes
across the image in the real world, Li said. For instance,
researchers at New York University trained an autonomous
car’s neural network so that when a stop sign had a yellow
Post-it Note on it, the car classified it instead as a speed
limit sign.
An AI problem and an Army problem
Data quality and security are challenges for AI developers who
use databases larger than any human can comb through for
anomalies. But the Army and other services face the added
layer of threats from adversaries seeking to disarm the U.S.
military.
MaryAnne Fields, program manager for intelligent systems at
the Army Research Office, told FedScoop that countering
backdoor attacks and data poisoning is a high priority for her.
“The fact that you are using a large database is a two-way
street,” Fields said. “It is an opportunity for the adversary to
inject poison into the database.”
The software Li’s team is developing with ARO funding is
designed to detect potential backdoors in a database and
then instruct the algorithm to unlearn connections it may
have picked up from the bad data.
The trigger challenge doesn’t only emanate from attackers.
Models will misclassify novel images if they learn on a
database without the right size and diversity of data points.
Having too few images with too many of the same traits in the
same label group could cause unintentional “natural triggers,”
Fields said. For example, if a man labeled as “Frank” in a
database is wearing a hat in every image, the algorithm may
classify all men with hats as Frank, or miss the
real Frank if he isn’t wearing a hat.
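The “Frank in a hat” failure mode can be checked for before training. The audit below is an added example, not code from the article or from the Duke project; it assumes each image carries hypothetical attribute tags, and it flags any attribute that appears in nearly every image of one label but rarely under other labels.

```python
from collections import Counter, defaultdict

# Constructed sample metadata: (identity label, attribute tags for one image).
# The tag schema is an assumption; the article does not describe one.
SAMPLE = (
    [("frank", {"hat", "male"})] * 6          # Frank wears a hat in every image
    + [("alice", {"glasses", "female"})] * 3
    + [("alice", {"female"})] * 3
    + [("bob", {"male"})] * 5
    + [("bob", {"male", "hat"})] * 1
    + [("carol", {"female"})] * 6
)


def find_natural_triggers(records, min_coverage=0.95, max_background=0.25,
                          min_images=5):
    """Return (label, attribute, coverage, background) for risky attributes.

    coverage   = share of the label's images that carry the attribute
    background = share of all other labels' images that carry it
    High coverage with low background means a model can learn the
    attribute as a shortcut for the label.
    """
    per_label = defaultdict(Counter)   # label -> attribute -> image count
    label_sizes = Counter()            # label -> image count
    overall = Counter()                # attribute -> image count, all labels

    for label, attrs in records:
        label_sizes[label] += 1
        for attr in attrs:
            per_label[label][attr] += 1
            overall[attr] += 1

    total = sum(label_sizes.values())
    findings = []
    for label, n in label_sizes.items():
        if n < min_images:
            continue  # too few images to estimate coverage meaningfully
        others = total - n
        for attr, count in per_label[label].items():
            coverage = count / n
            background = (overall[attr] - count) / others if others else 0.0
            if coverage >= min_coverage and background <= max_background:
                findings.append(
                    (label, attr, round(coverage, 2), round(background, 2))
                )
    return sorted(findings)


if __name__ == "__main__":
    for finding in find_natural_triggers(SAMPLE):
        print(finding)
```

Adding hatless images of the flagged identity lowers its coverage and clears the finding, which is the size-and-diversity remedy the article describes.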
“The Army does need to think differently about the type of
data it is using,” Fields said.
Using large databases forces the Army to make difficult
trade-offs. Increasing the number of images increases the chance
for adversary attacks. Decrease the size, and unintentional
triggers formed from a monolithic database become a
problem.
“If you don’t have very much data to work with, these types of
problems, and particularly the natural triggers, become more
prevalent,” Fields said. “It is important to defend.”
Scaling the solution
The test batch the Duke researchers were given was small —
12,000 images of faces with 10 images per classification. Some
facial recognition databases exceed half a billion images.
But Li pointed to a different challenge: image resolution. As
images increase in quality, the complexity in searching for the
triggers increases “exponentially,” Li said.
That spike in difficulty is in part due to triggers that can be
only a few pixels large, according to research published in
2014. “It is easy to produce images that are completely
unrecognizable to humans, but that state-of-the-art (deep
neural networks) believe to be recognizable objects with
99.99% confidence,” the paper says.
Despite this, Fields expressed confidence in the project,
calling the team’s solution “very scalable.”