Abstract

In recent decades, artificial intelligence (AI) started to play a vital role across different domains in human life, including cybersecurity. Technology vendors have widely adopted different AI models and applications like machine learning (ML) and deep learning (DL) to enhance the detection rates of malicious content and different hackers’ techniques, as well as, improve integrations and automation between different technology solutions. However, as expected malicious actors have not been so far behind these massive improvements.

This research project sheds light on the malicious use of AI applications and the current state of AI-driven cyberattacks. The study will also focus on the evolving nature of attacks targeting AI and ML systems for different malicious cyber activities usage, like adversarial attacks, data manipulation, social engineering and other different type of attacks.

Moreover,  the research will anticipate the future threats that may be posed by the increase of demand for AI and ML applications based on the existing state and other attacks development in the cyber surface. By exploring these areas, this research aims to strengthen our understanding of existing AI threats and future expectations in the cybersecurity landscape.

Description

As we witness the rapid evolution of using AI in different applications across cybersecurity solutions, technology integration and automation, we can obviously note the emerging threats connected to these areas. Threat actors increasingly starting to use highly sophisticated attacks and malware using AI and machine learning techniques, moreover, they started to target AI and ML systems themselves with their malicious attacks, which raised a red flag on the impact of the malicious usage of  AI activities and how it may impact a different aspect of human life. In addition, we need to expect the evolving of these types of attacks in the next decade so we can have better visibility to be ready for its consequences and impacts in order to plan for suitable countermeasures, controls and regulations to protect our systems against these emerging threats.

Project objectives

I can summarize the main objectives of this research project as the following:

  • Present different types of recent AI-driven cyberattacks.
  • Assess the impact of these attacks on different sectors as well as individuals.
  • Investigate different techniques that threat actors use AI and ML in their attacks.
  • Specify the main critical sectors that are targeted by AI-driven attacks.
  • Predict the evolution of AI-Driven attacks in the next decade based on the current state and other sophisticated attacks evolution
  • Look into the major consequences of attacking and compromising AI systems.
  • Raise the awareness of researchers and technology experts regarding the different threats connected to AI-driven attacks and future expectations.

Project problem domain

As we see the rapid evolution of AI development and its adaptation and integration across different sectors. Threat actors started to use the same technology in their attacks.

The research project addresses the recent and future expected threats of AI-driven attacks and the consequences of attacking and compromising AI engines. This would help to have better visibility and understanding of the required countermeasures and defence controls in order to protect our systems and AI systems from being attacked.

The following are some questions that will be addressed in this project:

  • What are the main techniques that threat actors are using in their AI-driven attacks?
  • What are the impacts of AI-driven attacks on different sectors and individuals?
  • What are the implications of targeting and attacking AI systems?
  • What are the expected attacks using AI and ML or targeting AI and ML in the next decade based on the current state and other development in sophisticated attacks?
  • How can we protect AI and ML systems from being attacked or compromised by threat actors or other AI engines?

Deliverables

The following outcomes are expected to be delivered from the research project:

  • Understanding the current AI-driven attacks and shed light on the main tactics and techniques used by threat actors in order to deploy it.
  • Explaining different methods that can be used by threat actors to attack AI and ML systems.
  • Forecasting of the future threats that may target or deployed by AI engines.
  • Raising awareness among technology researchers, organizations, and individuals against the major cybersecurity threats connected to AI, can help in enhancing the protection and regulations for the existing systems.

References

Guembe, B., Azeta, A., Misra, S., Osamor, V. C., Fernandez-Sanz, L., & Pospelova, V. (2022). The emerging threat of AI-Driven Cyber Attacks: A Review. Applied Artificial Intelligence, 36(1). https://doi.org/10.1080/08839514.2022.2037254

Hartmann, K., & Steup, C. (2020). Hacking the AI – the next generation of hijacked systems. 2020 12th International Conference on Cyber Conflict (CyCon). https://doi.org/10.23919/cycon49761.2020.9131724

Zouave, E., Bruce, M., Colde, K., Jaitner, M., Rodhe, I., & Gustafsson, T. (2020 , Marsh). Artificially intelligent cyberattacks (FOI-R–4947—SE). FOI. https://www.statsvet.uu.se/digitalAssets/769/c_769530-l_3-k_rapport-foi-vt20.pdf

Hoffman, W. (2021, January). AI and the Future of Cyber Competition. Georgetown University, CSET Department. https://cset.georgetown.edu/publication/ai-and-the-future-of-cyber-competition/

Alignment with course or specialization

As I’m doing my Master’s study program in cybersecurity, the project is directly connected to my study course as well as my field of work as a security engineer.