DARPA outlines adversarial AI defense
- By Susan Miller
- Jan 25, 2019
As artificial intelligence and machine learning are increasingly incorporated into advanced systems, they have created new vulnerabilities for adversaries to exploit. When new algorithms are developed, attackers create fresh tools to bypass the latest defenses.
"The field now appears increasingly pessimistic, sensing that developing effective ML defenses may prove significantly more difficult than designing new attacks, leaving advanced systems vulnerable and exposed," according to the Defense Advanced Research Projects Agency's description of a new AI defense program. With no comprehensive theoretical understanding of machine learning vulnerabilities, DARPA said, efforts to develop effective defenses have been limited.
The Guaranteeing AI Robustness against Deception (GARD) program aims to develop theories, algorithms and testbeds to help researchers create robust, deception-resistant ML models that can defend against a wide range of attacks, not just narrow, specialized threats. The program will use a scenario-based framework to evaluate defenses against attacks delivered via sensors, images, video or audio that threaten the physical and digital worlds or the data used to build the ML models.
The research agency stressed that it is looking for novel, basic research into AI defenses and suggested inspiration might be found in biological or immune systems, game theory or AI strategy, according to a notice of a Feb. 6 GARD proposers day that will precede the release of a broad agency announcement.
Susan Miller is executive editor at GCN.
Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.
Miller has a BA and MA from West Chester University and did Ph.D. work in English at the University of Delaware.