Can you fool Artificial Intelligence? No? Think again. Three years ago, Apple launched IphoneX with cutting-edge facial recognition technology. This advanced AI technique (Face ID) replaced the old fingerprint recognition technology (Touch ID). The latest technology claimed to be more secure and robust. However, shortly after the launch of Face ID, researchers from Vietnam breached it by designing a 3D face mask. Such crafted attacks against ML-based AI systems come under the umbrella of a fascinating research field: adversarial machine learning. This attack against Face ID led to new debates in the field of cybersecurity: How secure are AI systems against adversarial attacks, and whether such attacks are practical in real-world scenarios or not. In this article, we will explore the answers to these questions. We will further explore adversarial machine learning beyond cybersecurity — its application in AI software testing. But first, let’s understand what is adversarial machine learning. What is Adversarial Machine Learning? You are familiar with optical illusions. They play with our minds into seeing things that are not there. In adversarial machine learning, attackers design optical illusions for machine learning algorithms. For example, say an AI system classifies apples and oranges. Now, look at the picture below. You can see that both are images of the same apple. However, the image of the apple on the right is crafted a little differently. An attacker has added a tiny perturbation in this image, making the ML algorithm misclassify it to orange. The human eye cannot see any difference between the left and right apple. However, the AI system is fooled to see it as an orange. Apple vs Adversarial Apple The above illustration is inspired by the panda example given in this by the guru of adversarial machine learning: Ian Goodfellow. This example seems pretty straightforward to understand right? There can be even simpler ways to sabotage AI systems. paper There are also highly sophisticated attacks designed to evade machine learning and artificial intelligence systems. In research, such attacks have proven to sabotage a variety of safety-critical systems, including and . Let’s have a look at them: self-driving cars medical imaging systems Fooling AI: Evasion Attacks Photo by Joshua Hoehne on Unsplash In evasion attacks, attackers design adversarial examples that fool the AI model. For example, attackers can target or paint on road signs. self-driving cars by using stickers The sign appears the same to the naked eye; however, a self-driving car may interpret it differently. This may cause deadly accidents. The example of the Face ID breach given at the start of this article is also a type of evasion attack. There can be a variety of evasion attacks — from simple image manipulation to sophisticate white-box attacks. Poisoning AI: Data Poisoning Attacks Photo by Markus Spiske on Unsplash In poisoning attacks, the threat actor can add incorrect examples in the training data, making a faulty, mutant model. The examples apparently seem harmless, and such attacks are usually launched on self-learning or reinforcement learning systems. For example, back in 2016, an interactive, self-learning ! chatbot Tay was poisoned (trained) by the users into a racist Nazi Rethinking AI Security and Software Testing Image Source: InvoZone Adversarial machine learning is also being used by software engineers to test the robustness of AI systems. The researchers are combining to generate and evaluate the test data. software testing techniques with adversarial machine learning Humans fight with the idea that whether seeing is believing or believing is seeing. In the case of ML-based AI, learning is seeing and learning is believing. It is quite tricky how most of the complex AI systems learn. The key to secure and robust AI systems is thorough testing. Also published here .

Apple

InvoZone

Naked

ORANGE

Target

Business Growth ∝ Internet Reputation

Read My Stories

Join Hacker Noon Sales Team

Google Scholar

Too Long; Didn't Read

Adversarial Machine Learning and Its Role in Fooling AI

Adversarial Machine Learning and Its Role in Fooling AI

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Countering Anonymity On The Dark Web & Addressing Dark Web Cyber Threats

The HackerNoon Newsletter: 10 Marketing Moves Tech Companies Cant Afford to Skip Before 2026 (11/20/2025)

Advanced Patterns with the Symfony Clock: MockClock, NativeClock, and More

Why 25% of Bitcoin Supply Faces Quantum Threat and What QANplatform Is Doing About It

AI Is Coded Postmodernism: A Look at Bohemian Rhapsody, The Matrix, and More

Seraphic Becomes The First And Only Secure Enterprise Browser Solution to Protect Electron-Based App

Countering Anonymity On The Dark Web & Addressing Dark Web Cyber Threats

The HackerNoon Newsletter: 10 Marketing Moves Tech Companies Cant Afford to Skip Before 2026 (11/20/2025)

Advanced Patterns with the Symfony Clock: MockClock, NativeClock, and More

Why 25% of Bitcoin Supply Faces Quantum Threat and What QANplatform Is Doing About It

AI Is Coded Postmodernism: A Look at Bohemian Rhapsody, The Matrix, and More

Seraphic Becomes The First And Only Secure Enterprise Browser Solution to Protect Electron-Based App

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps