The VRAIN Institute of the Universitat Politècnica de València (UPV) is working on a cybersecurity project aimed at evaluating the vulnerabilities of systems that incorporate artificial intelligence (AI).
Within the SPRINT project (Security and PRivacy in Systems with Artificial INTelligence), the researchers have delved into the challenges faced by developers of AI-powered assistants, such as Amazon and Alexa.
Their findings will be presented at the USENIX Security Symposium, a globally recognised cybersecurity conference taking place from 14 to 16 August 2024 in Philadelphia (USA).
The project, funded by the National Institute of Cybersecurity (INCIBE), addresses three areas of vulnerability in AI-integrated systems. The first is data security and privacy: the data used by artificial intelligence models and the capabilities these models provide, in which third-party data could be involved.
The second is system vulnerabilities, such as malware, which can lead to operational disruptions. The third is making systems that use AI understandable for users, operators, and developers, enabling them to provide the user with appropriate guidance for optimal utilisation.
According to the lead researcher of the VRAIN project and University Professor at the UPV, José Such, "Artificial intelligence (AI) is having an ever-increasing level of progress and impact on society. Many systems we use today integrate AI models to offer advanced functionalities previously unavailable".
He adds that this massive use of AI in systems "brings many benefits in terms of functionality and convenience, facilitating the execution of complex or repetitive tasks easily with remarkable efficiency. However, as AI is introduced, we are introducing new attack vectors, as is almost always true with the introduction of new technologies. But the vast majority of AI techniques were initially developed without considering that adversaries could attack or take advantage of them when embedded in systems."
Thus, the results of the SPRINT project will provide insight into what vulnerabilities are introduced when AI is used in systems and what mechanisms can be put in place to make these systems as secure as possible.
The project is led by the Human-Centred & AI Security, Ethics, and Privacy (HASP) Lab (https://hasp-lab.github.io/) of VRAIN at the UPV. SPRINT, which started in November 2023, will run for two years until December 2025. This project is part of the agreement between INCIBE and the Universitat Politècnica de València entitled “Security and Privacy in Systems with Artificial Intelligence” (SPRINT), included in the Strategic Projects in Spain, within the framework of the Recovery, Transformation, and Resilience Plan, with funding from the Next Generation-EU Funds.