Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
Download as PPTX, PDF0 likes23 views
Dr. Debabarta Singh presented on security threats to machine learning systems. There are several types of information security threats including software attacks, theft of intellectual property, identity theft, and theft of equipment or information. Malware threats include viruses, worms, trojans, bots, adware, spyware, ransomware, scareware, and rootkits. New generation threats involve technology with weak security, social media attacks, mobile malware, outdated security software, and corporate data on personal devices. Social engineering is also a major threat.
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
- 1. Security Threats to Machine Learning Systems Presented By: Dr. Debabarta Singh Associate Professor, Dept of CA, ITER, Siksha O Anusandhan Universiity, Bhubaneswar, Odisha
- 2. Security Threats to Machine Learning Systems
- 3. Machine Learning Security: 3 Risks
- 6. Information Security threats can be many like Software attacks, theft of intellectual property, identity theft, theft of equipment or information, sabotage, and information extortion. ๏Threat can be anything that can take advantage of a vulnerability to breach security and negatively alter, erase, harm object or objects of interest. ๏Software attacks means attack by Viruses, Worms, Trojan Horses etc. Many users believe that malware, virus, worms, bots are all same things. But they are not same, only similarity is that they all are malicious software that behaves differently. ๏Malware is a combination of 2 terms- Malicious and Software. So Malware basically means malicious software that can be an intrusive program code or anything that is designed to perform malicious operations on system. Malware can be divided in 2 categories: โขInfection Methods โขMalware Actions Threats to Information Security
- 7. BASIS OF INFECTION Method are following: Virus โ They have the ability to replicate themselves by hooking them to the program on the host computer like songs, videos etc and then they travel all over the Internet. The Creeper Virus was first detected on ARPANET. Examples include File Virus, Macro Virus, Boot Sector Virus, Stealth Virus etc. Worms โ Worms are also self-replicating in nature but they donโt hook themselves to the program on host computer. Biggest difference between virus and worms is that worms are network-aware. They can easily travel from one computer to another if network is available and on the target machine they will not do much harm, they will, for example, consume hard disk space thus slowing down the computer. Trojan โ The Concept of Trojan is completely different from the viruses and worms. The name Trojan is derived from the โTrojan Horseโ tale in Greek mythology, which explains how the Greeks were able to enter the fortified city of Troy by hiding their soldiers in a big wooden horse given to the Trojans as a gift. Bots โ: can be seen as advanced form of worms. They are automated processes that are designed to interact over the internet without the need for human interaction. They can be good or bad. Malicious bot can infect one host and after infecting will create connection to the central server which will provide commands to all infected hosts attached to that network called Botnet.
- 8. Malware on the basis of Actions: Adware โ Adware is not exactly malicious but they do breach privacy of the users. They display ads on a computerโs desktop or inside individual programs. They come attached with free-to-use software, thus main source of revenue for such developers. They monitor your interests and display relevant ads. An attacker can embed malicious code inside the software and adware can monitor your system activities and can even compromise your machine. Spyware โ It is a program or we can say software that monitors your activities on computer and reveal collected information to an interested party. Spyware are generally dropped by Trojans, viruses or worms. Once dropped they install themselves and sits silently to avoid detection. One of the most common example of spyware is KEYLOGGER. The basic job of keylogger is to record user keystrokes with timestamp. Thus capturing interesting information like username, passwords, credit card details etc. Ransomware โ It is type of malware that will either encrypt your files or will lock your computer making it inaccessible either partially or wholly. Then a screen will be displayed asking for money i.e. ransom in exchange.
- 9. Malware on the basis of Actions: Scareware โ It masquerades as a tool to help fix your system but when the software is executed it will infect your system or completely destroy it. The software will display a message to frighten you and force to take some action like pay them to fix your system. Rootkits โ are designed to gain root access or we can say administrative privileges in the user system. Once gained the root access, the exploiter can do anything from stealing private files to private data. Zombies โ They work similar to Spyware. Infection mechanism is same but they donโt spy and steal information rather they wait for the command from hackers.
- 10. Theft of intellectual property means violation of intellectual property rights like copyrights, patents etc. Identity theft means to act someone else to obtain personโs personal information or to access vital information they have like accessing the computer or social media account of a person by login into the account by using their login credentials. Theft of equipment and information is increasing these days due to the mobile nature of devices and increasing information capacity. Sabotage means destroying companyโs website to cause loss of confidence on part of its customer. Information extortion means theft of companyโs property or information to receive payment in exchange. For example ransomware may lock victims file making them inaccessible thus forcing victim to make payment in exchange. Only after payment victimโs files will be unlocked.
- 11. New Generation Threats. Technology with weak security โ With the advancement in technology, with every passing day a new gadget is being released in the market. But very few are fully secured and follows Information Security principles. Since the market is very competitive Security factor is compromised to make device more up to date. This leads to theft of data/ information from the devices Social media attacks โ In this cyber criminals identify and infect a cluster of websites that persons of a particular organization visit, to steal information. Mobile Malware โThere is a saying when there is a connectivity to Internet there will be danger to Security. Same goes for Mobile phones where gaming applications are designed to lure customer to download the game and unintentionally they will install malware or virus on the device. Outdated Security Software โ With new threats emerging everyday, updation in security software is a prerequisite to have a fully secured environment. Corporate data on personal devices โ These days every organization follows a rule BYOD. BYOD means Bring your own device like Laptops, Tablets to the workplace. Clearly BYOD pose a serious threat to security of data but due to productivity issues organizations are arguing to adopt this. Social Engineering โ is the art of manipulating people so that they give up their confidential information like bank account details, password etc. These criminals can trick you into giving your private and confidential information or they will gain your trust to get access to your computer to install a malicious software- that will give them control of your computer.