First overview of cyberattack techniques by AI against AI

Because AI can also be used within the cybersecurity domain to deceive or attack adversaries and their AI systems, knowledge is needed to detect those attacks and to develop defense methods against them. This so-called 'Adversarial AI' is a threat that is developing extremely actively and rapidly, but about which relatively little is known. This also means that more and more products are potentially becoming vulnerable to such attacks.

Making AI more robust against attacks

In the paper 'Adversarial AI in the cyber domain', TNO has provided an overview of the most recent and relevant literature in the rapidly developing field of Adversarial AI within the cybersecurity domain and distilled initial models and overviews for the attack techniques. But this does not apply to defensive measures, where research is, by its very nature, still lagging behind recent developments in the field of attacks.

Therefore, this essential component deserves more attention to make models more robust and resistant to Adversarial AI. This can be done, for example, by training the model on and with malicious examples.

Safe deployment of AI

The imbalance between the attack capabilities on the one hand and the defensive measures on the other must be resolved so that new AI systems can be rolled out securely, especially within vital sectors such as security and defence. This ensures that the possibilities of AI can be realized in a safe way.

With this paper we join the AI discussion on REAIM. During REAIM 2023, the Ministry of Foreign Affairs invited more than 80 countries to exchange knowledge and experience and to take the first steps to reach meaningful agreements on the opportunities and risks of AI in the military domain. This event was an important milestone in promoting global cooperation in this important area.