IDEAS home Printed from https://ideas.repec.org/a/pop/procee/v12y2024623-647.html

Adversarial AI attack detection: a novel approach using explainable AI and deception mechanisms

Author

Listed:
  • Maria NICULAE

    (Beia Consult International, Bucharest, Romania)

  • George SUCIU

    (Beia Consult International, Bucharest, Romania)

  • Vlad STANESCU

    (Beia Consult International, Bucharest, Romania)

  • Mari-Anais SACHIAN

    (Beia Consult International, Bucharest, Romania)

  • Aristeidis FARAO

    (University of Piraeus, Piraeus, Greece)

  • Athanasia SABAZIOTI

    (University of Piraeus, Piraeus, Greece)

  • Christos XENAKIS

    (University of Piraeus, Piraeus, Greece)

  • Dionysios XENAKIS

    (Department of Digital Industry Technologies of the National and Kapodistrian University of Athens, Athens, Greece)

  • Ignacio LACALLE

    (Universitat Politècnica de València, Valencia, Spain)

  • Panagiotis Radoglou GRAMMATIKIS

    (K3Y, Sofia, Bulgaria)

  • Nikolaos Sachpelidis BROZOS

    (K3Y, Sofia, Bulgaria)

  • Zacharenia LEKKA

    (K3Y, Sofia, Bulgaria)

  • Giorgio BERNARDINETTI

    (Consorzio Nazionale Interuniversitario per le Telecomunicazioni, Parma, Italy)

  • Anastasia TSIOTA

    (Fogus Innovations and Services, Athens, Greece)

  • Georgios KALPAKTSOGLOU

    (Fogus Innovations and Services, Athens, Greece)

  • Stylianos KARAGIANNIS

    (PDM, Lisbon, Portugal)

Abstract

Detecting adversarial AI attacks has emerged as a critical issue as AI systems become integral across industries, from healthcare to finance and transportation. Adversarial attacks exploit weaknesses in machine learning and deep learning models, and they can cause serious disruptions and severe threats to the integrity of AI operational procedures. In this light, the discussion focuses on developing robust mechanisms for detecting adversarial inputs in real time so that AI systems remain resilient against such sophisticated threats. While there is important foundational work on adversarial AI defences (software input sanitization, anomaly detection, and adversarial training), most of these approaches suffer from poor generalization across attack types or from real-time performance limitations. This work introduces novelty by extending detection capabilities with explainable AI (XAI) and deception mechanisms. Adversarial activities are detected using adversarial training combined with honeypots and digital twins, while XAI keeps the detection process transparent. Honeypots and digital twins decoy attackers, and observing attacker behaviour further strengthens the detection methods. The results so far promise tremendous improvements in the detection of adversarial attacks in high-risk AI applications, in the efficacy of honeypots for capturing malicious behaviour, and in the use of XAI for enhanced interpretability and reliability of the detection process. These techniques enhance the robustness of AI systems against adversarial threats. The presented research contributes practical tools for cybersecurity professionals and AI practitioners against these attacks, thus offering new insights into AI for cybersecurity.
The novelty of the paper lies in the integration of adversarial training, XAI, and deception techniques, which offers a combined, interpretable, and effective method for detecting adversarial AI attacks across industry sectors.

Suggested Citation

  • Maria NICULAE & George SUCIU & Vlad STANESCU & Mari-Anais SACHIAN & Aristeidis FARAO & Athanasia SABAZIOTI & Christos XENAKIS & Dionysios XENAKIS & Ignacio LACALLE & Panagiotis Radoglou GRAMMATIKIS & , 2024. "Adversarial AI attack detection: a novel approach using explainable AI and deception mechanisms," Smart Cities International Conference (SCIC) Proceedings, Smart-EDU Hub, Faculty of Public Administration, National University of Political Studies & Public Administration, vol. 12, pages 623-647, september.
  • Handle: RePEc:pop:procee:v:12:y:2024:623-647

    Download full text from publisher

    File URL: https://scrd.eu/index.php/scic/article/view/719/728
    Download Restriction: no

    File URL: https://scrd.eu/index.php/scic/article/view/719
    Download Restriction: no

    More about this item


    JEL classification:

    • O35 - Economic Development, Innovation, Technological Change, and Growth - - Innovation; Research and Development; Technological Change; Intellectual Property Rights - - - Social Innovation



    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.