Artificial intelligence (AI) is rapidly transforming numerous industries, from healthcare and finance to transportation and entertainment. However, alongside its undeniable potential, concerns are rising about the security vulnerabilities of AI models. In response, a new bill is making its way through the Senate that aims to bolster AI security and prevent breaches.
This new AI security bill, titled the Secure Artificial Intelligence Act, was introduced by Senators Mark Warner (D-VA) and Thom Tillis (R-NC).
The act proposes a two-pronged approach to AI security:
- Establishing a central database for tracking AI breaches.
- Creating a dedicated research center for developing counter-AI techniques.
Building a breach detection network for AI
One of the core features of the Secure Artificial Intelligence Act is the creation of a national database of AI security breaches. This database, overseen by the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA), would function as a central repository for recording incidents involving compromised AI systems. The act also mandates the inclusion of “near misses” in the database, aiming to capture not just successful attacks but also close calls that can offer valuable insights for prevention.
The inclusion of near misses is a noteworthy aspect of the bill. Traditional security breach databases often focus solely on confirmed incidents. However, near misses can be just as valuable in understanding potential security weaknesses. By capturing these close calls, the database can provide a more comprehensive picture of the AI threat landscape, allowing researchers and developers to identify and address vulnerabilities before they are exploited.
“As we continue to embrace all the opportunities that AI brings, it is imperative that we continue to safeguard against the threats posed by – and to — this new technology, and information sharing between the federal government and the private sector plays a crucial role,”
– Senator Mark Warner
A dedicated center for countering AI threats
The Secure Artificial Intelligence Act proposes the establishment of an Artificial Intelligence Security Center within the National Security Agency (NSA). This center would be tasked with leading research into “counter-AI” techniques, essentially methods for manipulating or disrupting AI systems. Understanding these techniques is crucial for developing effective defenses against malicious actors who might seek to exploit AI vulnerabilities.
The act specifies a focus on four main counter-AI techniques:
- Data poisoning
- Evasion attacks
- Privacy-based attacks
- Abuse attacks
Data poisoning involves introducing corrupted data into an AI model’s training dataset, with the aim of skewing the model’s outputs. Evasion attacks involve manipulating inputs to an AI system in a way that allows the attacker to bypass its security measures. Privacy-based attacks exploit loopholes in how AI systems handle personal data. Finally, abuse attacks involve misusing legitimate functionalities of an AI system for malicious purposes.
By researching these counter-AI techniques, the Artificial Intelligence Security Center can help develop strategies to mitigate their impact. This research can inform the creation of best practices for AI development, deployment, and maintenance, ultimately leading to more robust and secure AI systems.
The establishment of a national breach database and a dedicated research center can provide valuable insights and tools for building more secure AI systems.
However, this is a complex issue with no easy solutions.
The development of effective counter-AI techniques can also pose challenges, as these methods could potentially be used for both defensive and offensive purposes.
The success of the Secure Artificial Intelligence Act will depend on its implementation and the ongoing collaboration between government agencies, the private sector, and the research community. As AI continues to evolve, so too must our approach to securing it.
The new AI security bill provides a framework for moving forward, but continued vigilance and adaptation will be necessary to ensure that AI remains a force for good.
Featured image credit: Pawel Czerwinski/Unsplash