AWS Security updates
- AWS announces general availability of Security Group Referencing on AWS Transit Gateway: a security group rule can now reference a security group in another VPC attached to the same transit gateway instead of a CIDR range. A quick refresher on what a security group is: security groups and network ACLs both let you control access to resources within your VPC, but a security group filters inbound and outbound traffic at the instance (network interface) level and is stateful, while a network ACL does so at the VPC subnet level and is stateless.
Azure Security Update
Security around the world
- NSA Jointly Releases Guidance for Mitigating Active Directory Compromises (Link to the report)
- Wiz found a vulnerability (CVE-2024-0132) in the NVIDIA Container Toolkit; users are encouraged to update the affected package to version 1.16.2 or later. The vulnerability allows an attacker who controls a container image run through the Toolkit to escape the container and gain full access to the underlying host, which matters most where untrusted images run on shared GPU hosts. (Public report)
- Sync passkeys securely across your devices (Link)
- Discord moves audio and video end-to-end encryption to production (Link)
- Hacking Kia: Remotely Controlling Cars With Just a License Plate (Link)
- Generative AI assisting malware developers in the wild (Link)
Pyramid of AI Security

In today's blog let's talk about the Pyramid of AI Security (based on the paper). It helps in understanding how to protect an AI system both proactively and reactively, making it a hard target for adversaries.
The pyramid puts proactive defences at the top and progresses down to reactive defences at the bottom.
Let's start at the top.
Data Integrity: data and models need to be accurate, consistent and reliable. This is achieved with encryption, access control, checksums and hash functions, together with audit logging so that the origin of, and any modification to, data and models can be traced. One caveat: a checksum on its own only detects accidental corruption; to detect deliberate tampering the reference digest must live somewhere the attacker cannot also rewrite, such as a signed manifest or a write-protected store.
AI System Performance: ensure the efficiency and effectiveness of the AI system by monitoring model drift, evaluating the model against defined metrics (KPIs), improving computational efficiency and monitoring MLOps metrics. Drift is a security signal as much as a quality one: manipulated or poisoned traffic usually shows up first as a shift in the distribution of inputs or output scores.
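Drift monitoring in practice means comparing a production batch of model outputs against the distribution seen at validation time. The block below is an added example written for this post (it is not code from the paper or from any MLOps product) that computes the Population Stability Index over quantile bins; the score batches, the 0.10/0.25 thresholds and the 10-bin choice are assumptions for illustration.

```python
"""Model drift check with the Population Stability Index (PSI).

Added example for this post; it is not code from the paper the post
summarises or from any MLOps product. It compares the distribution of a
model's output scores in production with the distribution observed at
validation time. Every score below is constructed with a seeded RNG.
"""
import bisect
import math
import random
from typing import Sequence


def quantile_edges(baseline: Sequence[float], bins: int) -> list[float]:
    """Inner bin edges taken from baseline quantiles, so each baseline bin
    holds roughly 1/bins of the mass. Returns bins-1 edges."""
    s = sorted(baseline)
    return [s[(i * len(s)) // bins] for i in range(1, bins)]


def bin_shares(values: Sequence[float], inner_edges: Sequence[float]) -> list[float]:
    """Fraction of values landing in each of the len(inner_edges)+1 bins."""
    counts = [0] * (len(inner_edges) + 1)
    for v in values:
        counts[bisect.bisect_right(inner_edges, v)] += 1
    total = max(len(values), 1)
    return [c / total for c in counts]


def psi(expected: Sequence[float], actual: Sequence[float], bins: int = 10,
        eps: float = 1e-6) -> float:
    """PSI = sum over bins of (actual% - expected%) * ln(actual% / expected%).

    `eps` keeps empty bins from producing log(0); it also means an empty
    production bin is penalised heavily, which is the behaviour we want
    when a whole region of scores disappears.
    """
    edges = quantile_edges(expected, bins)
    e_share = bin_shares(expected, edges)
    a_share = bin_shares(actual, edges)
    return sum((a - e) * math.log((a + eps) / (e + eps))
               for e, a in zip(e_share, a_share))


def drift_status(value: float) -> str:
    """Widely used rule-of-thumb thresholds (an assumption; tune per model)."""
    if value < 0.10:
        return "stable"
    if value < 0.25:
        return "monitor"
    return "drift"


def scores(mean: float, n: int, seed: int) -> list[float]:
    """Constructed model scores, clipped to [0, 1]."""
    rng = random.Random(seed)
    return [min(max(rng.gauss(mean, 0.1), 0.0), 1.0) for _ in range(n)]


VALIDATION = scores(0.30, 2000, seed=1)          # what the model produced at sign-off
PRODUCTION_OK = scores(0.30, 2000, seed=2)       # same population, a later week
PRODUCTION_SHIFTED = scores(0.55, 2000, seed=3)  # e.g. manipulated or poisoned traffic


if __name__ == "__main__":
    for label, batch in (("ok", PRODUCTION_OK), ("shifted", PRODUCTION_SHIFTED)):
        value = psi(VALIDATION, batch)
        print(f"{label:8s} PSI={value:.3f} -> {drift_status(value)}")
```

Binning on the baseline's quantiles rather than fixed-width bins keeps the check meaningful when scores cluster near one end of the range; the same function works on an input feature column, which is where poisoning usually shows up before it reaches the output scores.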
Adversarial Tools: this layer is about understanding the tools and methods used to deceive AI models or steer them away from their purpose. Expose the AI system to adversarial tooling to measure its robustness and to generate adversarial samples for adversarial training, and stay up to date as new adversarial tools appear.
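To make "expose the system to adversarial tooling" concrete, here is an added example for this post (not code from the paper) that runs the Fast Gradient Sign Method against a small logistic-regression classifier: it crafts bounded perturbations, measures accuracy under attack at several budgets, computes the budget below which a given decision provably cannot flip, and assembles the clean-plus-adversarial set that adversarial training would retrain on. The data, the model and all budgets are constructed for illustration.

```python
"""Probing a classifier with FGSM and building an adversarial-training set.

Added example for this post; it is not code from the paper this post
summarises. The model is a tiny logistic-regression classifier trained
with plain gradient descent on constructed 2-D data, so everything runs
with the standard library only.
"""
from __future__ import annotations

import math
import random
from typing import Sequence

Vector = list
Model = tuple  # (weights, bias)


def sigmoid(z: float) -> float:
    return 1.0 / (1.0 + math.exp(-z))


def logit(model: Model, x: Vector) -> float:
    w, b = model
    return sum(wi * xi for wi, xi in zip(w, x)) + b


def predict_proba(model: Model, x: Vector) -> float:
    return sigmoid(logit(model, x))


def train(xs: Sequence[Vector], ys: Sequence[int], epochs: int = 300, lr: float = 0.1) -> Model:
    """Batch gradient descent on the logistic loss."""
    w, b = [0.0] * len(xs[0]), 0.0
    for _ in range(epochs):
        gw, gb = [0.0] * len(w), 0.0
        for x, y in zip(xs, ys):
            err = predict_proba((w, b), x) - y  # dL/dz for the logistic loss
            for i, xi in enumerate(x):
                gw[i] += err * xi
            gb += err
        w = [wi - lr * g / len(xs) for wi, g in zip(w, gw)]
        b -= lr * gb / len(xs)
    return w, b


def fgsm(model: Model, x: Vector, y: int, eps: float) -> Vector:
    """Fast Gradient Sign Method: x_adv = x + eps * sign(dL/dx).

    For a logistic model dL/dx = (p - y) * w, so every feature is nudged by
    exactly eps in whichever direction raises the loss on the true label.
    """
    w, _ = model
    err = predict_proba(model, x) - y
    return [xi + eps * math.copysign(1.0, err * wi) if wi != 0 else xi
            for xi, wi in zip(x, w)]


def robust_radius(model: Model, x: Vector) -> float:
    """Largest L-inf budget under which this linear model's decision on x cannot
    change: |z| / ||w||_1, since a perturbation bounded by eps moves the logit
    by at most eps * ||w||_1 (a certificate that holds only for linear models)."""
    w, _ = model
    l1 = sum(abs(wi) for wi in w)
    return abs(logit(model, x)) / l1 if l1 else math.inf


def accuracy(model: Model, xs, ys) -> float:
    return sum((predict_proba(model, x) >= 0.5) == bool(y) for x, y in zip(xs, ys)) / len(xs)


def robust_accuracy(model: Model, xs, ys, eps: float) -> float:
    """Accuracy when every input is replaced by its FGSM version at budget eps."""
    return accuracy(model, [fgsm(model, x, y, eps) for x, y in zip(xs, ys)], ys)


def adversarial_training_set(model: Model, xs, ys, eps: float):
    """Clean samples plus their FGSM counterparts, both carrying the true label;
    retraining on this union is the adversarial-training step."""
    advs = [fgsm(model, x, y, eps) for x, y in zip(xs, ys)]
    return list(xs) + advs, list(ys) + list(ys)


def make_data(n: int = 200, seed: int = 7):
    """Constructed data: class 0 around (1, 1), class 1 around (3, 3)."""
    rng = random.Random(seed)
    xs, ys = [], []
    for i in range(n):
        y = i % 2
        centre = 1.0 if y == 0 else 3.0
        xs.append([rng.gauss(centre, 0.4), rng.gauss(centre, 0.4)])
        ys.append(y)
    return xs, ys


XS, YS = make_data()
MODEL = train(XS, YS)

if __name__ == "__main__":
    print(f"clean accuracy: {accuracy(MODEL, XS, YS):.2f}")
    for eps in (0.25, 0.5, 1.0, 1.5):
        print(f"eps={eps:.2f} robust accuracy={robust_accuracy(MODEL, XS, YS, eps):.2f}")
    print(f"certified radius of (3, 3): {robust_radius(MODEL, [3.0, 3.0]):.3f}")
    aug_x, aug_y = adversarial_training_set(MODEL, XS, YS, 0.5)
    print(f"adversarial-training set: {len(aug_x)} samples")
```

The robust-accuracy curve is the robustness measurement the layer asks for; the certified radius shows why the measurement is only a lower bound on the attacker's options for non-linear models, where no such closed form exists and stronger iterative attacks must be tried. For a linear toy model like this one the gain from retraining on the augmented set can be small, since it mostly reorients the weight vector; the mechanics of producing the set are the same for any model.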
Adversarial Input Detection: in this class of attack, inputs are manipulated to make the model err or produce incorrect outputs. Such inputs can be caught by anomaly detection, input validation and sanitisation, an understanding of how adversaries operate, and regular re-evaluation of the model and of each update to it.
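A gate in front of the model endpoint is where validation and anomaly detection meet. The block below is an added example for this post (not code from the paper): it builds a per-feature profile from training data, hard-rejects malformed or out-of-bounds requests, flags in-range requests that sit far from anything seen in training, and reports the flagged share of a batch so that a campaign of probing inputs stands out from a one-off. The feature names, bounds, z-score limit and all rows are assumptions for a made-up loan-scoring model.

```python
"""Screening inputs before they reach a model: validation plus anomaly flagging.

Added example for this post, not code from the paper it summarises. The
training rows used to build the feature profiles and the incoming requests
are constructed; feature names, bounds and the z-score limit are
assumptions for a made-up loan-scoring model.
"""
from __future__ import annotations

import math
import random
import statistics
from dataclasses import dataclass
from typing import Sequence


@dataclass(frozen=True)
class FeatureProfile:
    name: str
    lo: float    # hard bound from the domain: anything outside is rejected
    hi: float
    mean: float  # learned from training data: far-away values are flagged
    std: float


@dataclass(frozen=True)
class Verdict:
    accept: bool          # False: hard validation failure, do not score
    flagged: bool         # True: in range but unlike training data, score but alert
    anomaly_score: float  # largest |z| seen across features
    reasons: tuple


def profile_features(names, bounds, training_rows) -> list:
    columns = list(zip(*training_rows))
    return [FeatureProfile(n, lo, hi, statistics.fmean(c), statistics.pstdev(c) or 1e-9)
            for n, (lo, hi), c in zip(names, bounds, columns)]


def screen(profiles: Sequence[FeatureProfile], row, z_limit: float = 4.0) -> Verdict:
    if len(row) != len(profiles):
        return Verdict(False, False, math.inf,
                       (f"expected {len(profiles)} features, got {len(row)}",))
    hard, soft, worst = [], [], 0.0
    for p, v in zip(profiles, row):
        # bool is a subclass of int, so it is excluded explicitly
        if isinstance(v, bool) or not isinstance(v, (int, float)) or not math.isfinite(v):
            hard.append(f"{p.name}: not a finite number ({v!r})")
            continue
        if not p.lo <= v <= p.hi:
            hard.append(f"{p.name}: {v} outside [{p.lo}, {p.hi}]")
            continue
        z = abs(v - p.mean) / p.std
        worst = max(worst, z)
        if z > z_limit:
            soft.append(f"{p.name}: {v} is {z:.0f} std from the training mean")
    return Verdict(not hard, bool(soft), worst, tuple(hard + soft))


def flagged_rate(profiles, rows, z_limit: float = 4.0) -> float:
    """Share of a batch that was rejected or flagged; a jump is a campaign, not a one-off."""
    verdicts = [screen(profiles, r, z_limit) for r in rows]
    return sum(v.flagged or not v.accept for v in verdicts) / max(len(rows), 1)


NAMES = ("age", "income", "loan_amount", "debt_ratio")
BOUNDS = ((18, 100), (0, 10_000_000), (0, 5_000_000), (0.0, 1.0))


def training_rows(n: int = 500, seed: int = 3):
    """Constructed training data for the profiles."""
    rng = random.Random(seed)
    return [[rng.gauss(40, 12), rng.gauss(60_000, 15_000),
             rng.gauss(20_000, 8_000), rng.gauss(0.3, 0.1)] for _ in range(n)]


PROFILES = profile_features(NAMES, BOUNDS, training_rows())


if __name__ == "__main__":
    for row in ([35, 62_000, 15_000, 0.3],          # ordinary request
                [35, float("nan"), 15_000, 0.3],    # NaN: many models silently propagate it
                [250, 62_000, 15_000, 0.3],         # impossible age
                [35, 5_000_000, 15_000, 0.3],       # legal value, nothing like training data
                [35, 62_000]):                      # wrong shape
        print(row, screen(PROFILES, row))
```

Two tiers matter here: a hard reject never reaches the model, while a flag lets the request through but records it, because an in-range outlier may be a genuine customer or the first probe of an evasion attempt, and only the rate over time tells you which.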
Data Provenance: ensure the authenticity and lineage of data and models so that compromised or biased data does not enter the pipeline unnoticed. This is achieved with metadata tagging, immutable records for data tracking (the paper suggests blockchain-style ledgers), audit trails and logging, validation of sources, and the use of version control systems.
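The integrity layer (hashes, access control, audit logging) and the provenance layer (lineage, immutable records) share one mechanism, so one added example serves both; it is written for this post and is not code from the paper. An authenticated manifest of artifact digests detects any modified, missing or unlisted artifact, and an append-only log in which each entry commits to the hash of the previous one gives the immutable lineage record without a blockchain. The artifacts, the HMAC key standing in for a proper signing key, and the event names are constructed.

```python
"""Integrity manifest and hash-chained provenance log for model/data artifacts.

Added example for this post (not from the paper): SHA-256 digests of every
artifact go into a manifest that is authenticated with an HMAC key held by
the pipeline, and every lineage event is appended to a log where each entry
commits to the previous one, so editing or deleting a past entry breaks the
chain. Artifacts, key and events are constructed.
"""
from __future__ import annotations

import hashlib
import hmac
import json
from typing import Optional


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(obj) -> bytes:
    """Deterministic JSON so the same content always hashes the same way."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def build_manifest(artifacts: dict, metadata: dict, key: bytes) -> dict:
    """Digest each artifact, attach metadata (source, version, author), MAC it."""
    body = {"artifacts": {n: sha256_hex(b) for n, b in sorted(artifacts.items())},
            "metadata": metadata}
    body["mac"] = hmac.new(key, canonical(body), "sha256").hexdigest()
    return body


def verify_manifest(manifest: dict, artifacts: dict, key: bytes) -> list:
    """Return a list of problems; empty means artifacts and manifest agree."""
    problems = []
    body = {k: v for k, v in manifest.items() if k != "mac"}
    expected = hmac.new(key, canonical(body), "sha256").hexdigest()
    if not hmac.compare_digest(expected, str(manifest.get("mac", ""))):
        problems.append("manifest MAC mismatch (manifest edited or wrong key)")
    for name, digest in manifest["artifacts"].items():
        if name not in artifacts:
            problems.append(f"{name}: missing")
        elif sha256_hex(artifacts[name]) != digest:
            problems.append(f"{name}: digest mismatch")
    for name in artifacts:
        if name not in manifest["artifacts"]:
            problems.append(f"{name}: not listed in manifest")
    return problems


class ProvenanceLog:
    """Append-only log; entry i stores the hash of entry i-1 (a hash chain)."""
    GENESIS = "0" * 64

    def __init__(self):
        self.entries = []

    @staticmethod
    def _hash(entry: dict) -> str:
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        return sha256_hex(canonical(body))

    def append(self, event: str, subject: str, digest: str, actor: str) -> dict:
        prev = self.entries[-1]["entry_hash"] if self.entries else self.GENESIS
        entry = {"seq": len(self.entries), "event": event, "subject": subject,
                 "digest": digest, "actor": actor, "prev_hash": prev}
        entry["entry_hash"] = self._hash(entry)
        self.entries.append(entry)
        return entry

    def verify(self) -> Optional[int]:
        """Seq of the first broken entry, or None if the chain is intact."""
        prev = self.GENESIS
        for i, e in enumerate(self.entries):
            if e["seq"] != i or e["prev_hash"] != prev or self._hash(e) != e["entry_hash"]:
                return i
            prev = e["entry_hash"]
        return None

    def lineage(self, subject: str) -> list:
        return [(e["event"], e["actor"]) for e in self.entries if e["subject"] == subject]


if __name__ == "__main__":
    key = b"pipeline-mac-key (constructed; use a real signing key in production)"
    artifacts = {"model.bin": b"\x00weights\x01", "train.csv": b"a,b\n1,2\n"}
    manifest = build_manifest(artifacts, {"source": "ingest-job-42", "version": "1"}, key)
    print("clean:", verify_manifest(manifest, artifacts, key))
    artifacts["model.bin"] += b"\xff"  # someone patched the weights
    print("tampered:", verify_manifest(manifest, artifacts, key))
    log = ProvenanceLog()
    log.append("ingest", "train.csv", manifest["artifacts"]["train.csv"], "etl")
    log.append("train", "model.bin", manifest["artifacts"]["model.bin"], "trainer")
    print("chain ok:", log.verify() is None)
    log.entries[0]["actor"] = "mallory"  # rewrite history
    print("first broken entry:", log.verify())
```

The MAC makes the manifest self-authenticating only against parties without the key; in a real pipeline the manifest would be signed with a key the build system holds and the deployment side only verifies, so that the same compromise that swaps a model cannot also re-issue its manifest.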
Tactics, Techniques and Procedures: just as TTPs are used in cyber security, they can be applied to AI security. This layer includes keeping up to date with threat intelligence, using advanced threat modelling that evolves along with new threats, tailoring defence strategies to the AI vulnerability at hand and to the threat actors that target the organisation's sector (for example financial or manufacturing), having an incident response team, and collaborating with the AI security community.