Dr. Karin Sumangkayothin, Lecturer, Department of Computer Engineering, Faculty of Engineering, Mahidol University

In its original sense, artificial intelligence (AI) means making computers or machines behave intelligently. Machine learning (ML) is one way of building AI: data is fed into an algorithm that learns a decision-making model able to predict trends or outcomes much as a human would, which reduces heavy workloads and fatigue-related mistakes and reaches decisions faster than a person can. However, the decision structure inside a trained ML model is still poorly understood and needs further study, and malicious actors can exploit exactly that opacity to attack the model and profit from its distorted results.
For this reason, a team of researchers has studied attacks on ML models, focusing on attack patterns that escape human observation and that can cause serious damage or harm in fields such as finance, medical treatment, communications, transportation, information security systems, manufacturing systems, and national defense.
The Mahidol Engineering research team and JAIST (Japan Advanced Institute of Science and Technology) spent more than three years on this joint work; despite the obstacles of the COVID-19 crisis, the work continued online on Japan's high-performance computing platform. We studied, analyzed and designed attacks on ML models through adversarial examples: inputs modified so that the model reaches a wrong decision while the modification escapes human observation. The attack can be aimed at any outcome the attacker decides on in advance. In this work the attack data is hidden in a payload that keeps the format of a scannable QR code. Adversarial examples confuse the model by contaminating the targeted input, whether image, audio, signal or any other kind of data; the outcome can be a specific result chosen by the attacker (a targeted attack) or simply a deviation from the correct result (an untargeted attack).
Conclusion: the attack data can be compressed and hidden inside a scannable QR code while retaining the ability to force a chosen outcome. Beyond testing attacks on machine learning, the research can also be used to build systems that prevent and detect attacks through analysis of the ML model, for many purposes including privacy protection. It also shows that machine learning decision making should be used only as a tool and an innovation for reducing human workload; the final result still has to be reviewed and confirmed by a human expert.
Building on this result, the Thai-Japanese research team plans to develop more efficient attacks that keep pace with rapidly changing technology while preserving the functionality of the original data format (for example, an attack hidden in a QR code must still scan as a valid QR code).
There are two ways to defend against future adversarial-example attacks:
1. Use adversarial perturbations defensively, to protect data from unauthorized automated analysis.
2. Use data gathered from adversarial attacks to analyze the attack and design machine learning models that are more resistant to it.
Recommendations for IT professionals using machine learning safely: always assume that inputs can carry a targeted attack such as an adversarial example, or can be bundled with malware. For stable and secure operation, a process must therefore be in place for experts to check the final results and confirm their accuracy; do not let the machine run fully autonomously. AI and machine learning are still limited today and only deliver real value when humans and machines think and work in balance, so do not rely too heavily on either side.
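As an added illustration, and not code from the Mahidol/JAIST project (the article gives no detail of how the QR-code payload is constructed), the Python script below shows the mechanism behind the adversarial examples described above on a constructed toy: a linear softmax classifier over a 64-pixel "image", one fast-gradient-sign step in both untargeted and targeted form, and a confidence gate that implements the recommendation to hand uncertain decisions to a human expert. The classifier weights, the clean input, the target class and the per-pixel budget eps = 0.06 are all constructed assumptions.

```python
"""Toy targeted / untargeted adversarial examples against a linear softmax
classifier, plus a confidence gate that routes low-confidence predictions
to a human reviewer.  Weights and data are constructed for illustration;
this is not the Mahidol/JAIST QR-code attack."""
import math

D = 64                      # constructed 8x8 "image", pixel values in [0, 1]
NUM_CLASSES = 3

# Constructed classifier: class k responds to the k-th address bit of each
# pixel index (+1 where the bit is set, -1 where it is clear).  Every class
# template touches all 64 pixels, which is what lets small per-pixel changes
# add up to a large change in the logits.
WEIGHTS = [[1.0 if (i >> k) & 1 else -1.0 for i in range(D)]
           for k in range(NUM_CLASSES)]


def logits(x):
    return [sum(w * xi for w, xi in zip(row, x)) for row in WEIGHTS]


def softmax(z):
    m = max(z)
    e = [math.exp(v - m) for v in z]
    s = sum(e)
    return [v / s for v in e]


def predict(x):
    z = logits(x)
    return max(range(NUM_CLASSES), key=lambda k: z[k])


def loss_gradient(x, label):
    """d/dx of the cross-entropy -log p_label for a linear softmax model,
    which is sum_k p_k * W_k - W_label."""
    p = softmax(logits(x))
    return [sum(p[k] * WEIGHTS[k][i] for k in range(NUM_CLASSES))
            - WEIGHTS[label][i] for i in range(D)]


def _sign(v, tol=1e-9):
    # Floating-point noise around an exactly-zero gradient must not move a
    # pixel the loss does not depend on, so treat tiny values as zero.
    return 0.0 if abs(v) < tol else (1.0 if v > 0 else -1.0)


def fgsm(x, eps, label, targeted):
    """One fast-gradient-sign step under an L-infinity budget eps.
    Untargeted: increase the loss of the true label.
    Targeted: decrease the loss of the attacker's chosen label."""
    g = loss_gradient(x, label)
    direction = -1.0 if targeted else 1.0
    return [min(1.0, max(0.0, xi + direction * eps * _sign(gi)))
            for xi, gi in zip(x, g)]


def linf_distance(a, b):
    return max(abs(u - v) for u, v in zip(a, b))


def confidence_gate(x, threshold=0.9):
    """Decision-support policy: accept the prediction automatically only when
    the model is confident, otherwise send the case to a human expert."""
    p = softmax(logits(x))
    return "auto" if max(p) >= threshold else "review"


# Constructed clean input: a low-contrast instance of class 0.
CLEAN = [0.55 if i & 1 else 0.45 for i in range(D)]
EPS = 0.06                  # about 15/255 on an 8-bit pixel scale
TARGET = 2                  # class the attacker wants the model to output

TARGETED_ADV = fgsm(CLEAN, EPS, TARGET, targeted=True)
UNTARGETED_ADV = fgsm(CLEAN, EPS, label=0, targeted=False)


def demo():
    """Collect the facts a reader would want to check by hand."""
    return {
        "clean_pred": predict(CLEAN),                          # 0
        "targeted_pred": predict(TARGETED_ADV),                # 2
        "targeted_linf": linf_distance(CLEAN, TARGETED_ADV),   # 0.06
        "untargeted_pred": predict(UNTARGETED_ADV),            # not 0
        "clean_gate": confidence_gate(CLEAN),                  # auto
        "targeted_gate": confidence_gate(TARGETED_ADV),        # review
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Run it as a plain script. No pixel moves by more than 0.06, yet the targeted step flips the decision from class 0 to class 2 because all 64 pixels push the logits in the attacker's direction at once; that accumulation across many input dimensions is the same effect the article describes for attacks that evade human observation. The confidence gate catches this particular example (the adversarial input is classified with about 65% confidence against 92% for the clean one), but it is a decision-support measure, not a robust defense: an attacker who knows the threshold can optimize for a high-confidence misclassification, so it complements rather than replaces the more resistant models of point 2 above.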