The Pentagon is actively addressing vulnerabilities in its AI systems that attackers could exploit through visual manipulations or deceptive signals. Through its research program, Guaranteeing AI Robustness Against Deception (GARD), launched in 2022, it is investigating these "adversarial attacks."
Researchers have demonstrated how seemingly innocuous patterns can deceive AI systems, leading to misidentifications with potentially dire consequences, particularly in military scenarios. For instance, an object-recognition system might mistake a civilian bus for a military tank if the bus is tagged with the right pattern of "visual noise."
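To make the threat concrete, the sketch below is a minimal, hypothetical example (not GARD code) using the well-known fast gradient sign method in PyTorch: a perturbation too small to notice is added to an image and can be enough to flip a model's prediction. The model, image, and label names are placeholders, not anything from the program.

```python
import torch
import torch.nn.functional as F

def fgsm_perturb(model, image, label, eps=0.03):
    """Return an adversarially perturbed copy of `image`.

    Nudges every pixel by at most `eps` in the direction that increases
    the classification loss, which is often enough to change the model's
    predicted class while leaving the image visually unchanged.
    """
    image = image.clone().detach().requires_grad_(True)
    loss = F.cross_entropy(model(image), label)
    loss.backward()
    adversarial = image + eps * image.grad.sign()
    return adversarial.clamp(0.0, 1.0).detach()

# Hypothetical usage: `model`, `bus_image` (1x3xHxW, values in [0, 1]), and
# `bus_label` stand in for a real classifier and a real input.
# perturbed = fgsm_perturb(model, bus_image, bus_label)
# print(model(perturbed).argmax(dim=1))  # may no longer predict "bus"
```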
These concerns arise amid public apprehension about the Pentagon's development of autonomous weapons. In response, the Department of Defense has updated its AI development rules, prioritizing "responsible behavior" and requiring approval of every deployed system. Despite modest funding, the GARD program has made progress in developing defenses against such attacks and has delivered tools to the Defense Department's newly established Chief Digital and Artificial Intelligence Office (CDAO).
Nevertheless, certain advocacy groups remain wary. They fear that AI-powered weapons could misinterpret situations and engage in unwarranted attacks, potentially leading to unintended escalations, particularly in volatile regions.
The Pentagon's active modernization efforts, integrating autonomous weapons, underscore the critical need to address these vulnerabilities and ensure the responsible advancement of this technology.
According to a statement from the Defense Advanced Research Projects Agency (DARPA), researchers from Two Six Technologies, IBM, MITRE, the University of Chicago, and Google Research have developed several resources now available to the broader research community:
- The Armory virtual platform, accessible on GitHub, serves as a testbed for researchers requiring scalable and repeatable evaluations of adversarial defenses.
- The Adversarial Robustness Toolbox (ART) equips developers and researchers with tools to defend and evaluate their machine learning models and applications against diverse adversarial threats (a brief usage sketch follows this list).
- The Adversarial Patches Rearranged In COnText (APRICOT) dataset facilitates reproducible research on the real-world impact of physical adversarial patch attacks on object detection systems.
- The Google Research Self-Study repository comprises "test dummies" representing common ideas or approaches to building defenses.
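As an illustration of how a toolkit like ART is typically used, the hedged sketch below wraps a throwaway PyTorch model with ART's PyTorchClassifier, generates adversarial examples with the FastGradientMethod attack, and compares clean versus adversarial accuracy. The tiny model and random data are placeholders; a real evaluation would use the model under test and its validation set.

```python
import numpy as np
import torch.nn as nn
from art.estimators.classification import PyTorchClassifier
from art.attacks.evasion import FastGradientMethod

# A tiny stand-in classifier; in practice this would be the model under evaluation.
model = nn.Sequential(nn.Flatten(), nn.Linear(3 * 32 * 32, 10))

classifier = PyTorchClassifier(
    model=model,
    loss=nn.CrossEntropyLoss(),
    input_shape=(3, 32, 32),
    nb_classes=10,
    clip_values=(0.0, 1.0),
)

# Random placeholder data standing in for a real labelled evaluation set.
x = np.random.rand(8, 3, 32, 32).astype(np.float32)
y = np.eye(10, dtype=np.float32)[np.random.randint(0, 10, size=8)]

# Craft adversarial versions of the inputs and measure how far accuracy falls.
attack = FastGradientMethod(estimator=classifier, eps=0.03)
x_adv = attack.generate(x=x)

clean_acc = (classifier.predict(x).argmax(1) == y.argmax(1)).mean()
adv_acc = (classifier.predict(x_adv).argmax(1) == y.argmax(1)).mean()
print(f"clean accuracy: {clean_acc:.2f}, adversarial accuracy: {adv_acc:.2f}")
```

The gap between the two accuracy numbers is the basic robustness signal that evaluation testbeds of this kind typically report at scale.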