Beyond the Algorithm: AI, Security, Privacy, and Ethics, 1st edition
Published by Addison-Wesley Professional (January 30, 2024) © 2024
- Omar Santos, best-selling Cisco Press author, expert trainer, and Principal Engineer at Cisco (PSIRT)
- Petar Radanliev
- A print text (hardcover or paperback)
- Also available for purchase as an ebook from all major ebook resellers, including InformIT.com
The book is divided into several sections, each focusing on a specific aspect of AI. It begins by introducing the fundamentals of AI technologies, providing an overview of their history, development, and various types. This is followed by a deep dive into popular AI algorithms and large language models (LLMs), including GPT-4, that are at the forefront of AI innovation.
Next, the book explores the critical security aspects of AI systems, examining why security matters and the key challenges faced in this domain. It also covers the common threats, vulnerabilities, and attack vectors, as well as risk assessment and management strategies. The book addresses data security, model security, system and infrastructure security, secure development practices, monitoring and auditing, supply chain security, and secure deployment and maintenance.
Another key focus of the book is privacy and ethical considerations in AI systems. Topics covered include bias and fairness, transparency and accountability, and privacy and data protection. The book also addresses legal and regulatory compliance, providing an overview of relevant regulations and guidelines, and discussing how to ensure compliance in AI systems through case studies and best practices.
Table of Contents (page numbers refer to the printed book)

Preface (p. xvii)

1 Historical Overview of Artificial Intelligence (AI) and Machine Learning (ML) (p. 1)
    The Story of Eva (p. 2)
    The Origins (p. 3)
    Advancements of Artificial Intelligence (p. 5)
    Understanding AI and ML (p. 8)
    Concluding the Story of Eva (p. 25)
    Summary (p. 26)
    Test Your Skills (p. 27)
    Exercise 1-1: Exploring the Historical Development and Ethical Concerns of AI (p. 29)
    Exercise 1-2: Understanding AI and ML (p. 29)
    Exercise 1-3: Comparison of ML Algorithms (p. 30)
    Exercise 1-4: Assessing Applications of ML Algorithms (p. 31)

2 Fundamentals of AI and ML Technologies and Implementations (p. 33)
    What Are the Leading AI and ML Technologies and Algorithms? (p. 34)
    ChatGPT and the Leading AI and ML Technologies: Exploring Capabilities and Applications (p. 43)
    Understanding the Two Categories of AI: Capability-Based Types and Functionality-Based Types (p. 52)
    Leveraging AI and ML to Tackle Real-World Challenges: A Case Study (p. 53)
    Reflecting on the Societal and Ethical Implications of AI Technologies (p. 54)
    Assessing Future Trends and Emerging Developments in AI and ML Technologies (p. 56)
    Summary (p. 57)
    Test Your Skills (p. 59)
    Exercise 2-1: Algorithm Selection Exercise: Matching Scenarios with Appropriate Machine Learning Techniques (p. 61)
    Exercise 2-2: Exploring AI and ML Technologies (p. 63)
    Exercise 2-3: Capabilities and Benefits of AI-Optimized Hardware (p. 63)
    Exercise 2-4: Understanding the Two Categories of AI (p. 64)
    Exercise 2-5: Future Trends and Emerging Developments in AI and ML Technologies (p. 64)

3 Generative AI and Large Language Models (p. 65)
    Introduction to Generative AI and LLMs (p. 66)
    Large Language Models (LLMs): Revolutionizing Natural Language Processing (NLP) (p. 88)
    Hugging Face (p. 95)
    Auto-GPT: A Revolutionary Step in Autonomous AI Applications (p. 97)
    Summary (p. 98)
    Test Your Skills (p. 99)
    Exercise 3-1: Hugging Face (p. 102)
    Exercise 3-2: Transformers in AI (p. 102)
    Additional Resources (p. 104)

4 The Cornerstones of AI and ML Security (p. 105)
    Recognizing the Need for AI Security (p. 105)
    Adversarial Attacks (p. 107)
    Data Poisoning Attacks (p. 109)
    OWASP Top Ten for LLMs (p. 112)
    Countermeasures Against Model Stealing Attacks (p. 124)
    Membership Inference Attacks (p. 124)
    Evasion Attacks (p. 130)
    Model Inversion Attacks (p. 135)
    Backdoor Attacks (p. 137)
    Exploring Defensive Measures (p. 137)
    Summary (p. 138)
    Test Your Skills (p. 140)
    Additional Resources (p. 142)

5 Hacking AI Systems (p. 143)
    Hacking FakeMedAI (p. 143)
    MITRE ATLAS (p. 146)
    A Deep Dive into the AI and ML Attack Tactics and Techniques (p. 147)
    Exploiting Prompt Injection (p. 161)
    Red-Teaming AI Models (p. 162)
    Summary (p. 162)
    Test Your Skills (p. 163)
    Exercise 5-1: Understanding the MITRE ATT&CK Framework (p. 166)
    Exercise 5-2: Exploring the MITRE ATLAS Framework (p. 166)

6 System and Infrastructure Security (p. 167)
    The Vulnerabilities and Risks Associated with AI Systems and Their Potential Impact (p. 167)
    AI BOMs (p. 176)
    Data Security Vulnerabilities (p. 177)
    Cloud Security Vulnerabilities (p. 179)
    Secure Design Principles for AI Systems (p. 182)
    AI Model Security (p. 183)
    Infrastructure Security for AI Systems (p. 184)
    Threat Detection and Incident Response for AI Systems (p. 190)
    Additional Security Technologies and Considerations for AI Systems (p. 193)
    Summary (p. 195)
    Test Your Skills (p. 196)
    Additional Resources (p. 197)

7 Privacy and Ethics: Navigating Privacy and Ethics in an AI-Infused World (p. 199)
    Why Do We Need to Balance the Benefits of AI with the Ethical Risks and Privacy Concerns? (p. 200)
    What Are the Challenges Posed by AI in Terms of Privacy Protection, and What Is the Importance of Privacy and Ethics in AI Development and Deployment? (p. 201)
    The Dark Side of AI and ChatGPT: Privacy Concerns and Ethical Implications (p. 203)
    Data Collection and Data Storage in AI Algorithms: Potential Risks and Ethical Privacy Concerns (p. 206)
    The Moral Tapestry of AI and ChatGPT (p. 212)
    Preserving Privacy, Unleashing Knowledge: Differential Privacy and Federated Learning in the Age of Data Security (p. 223)
    Harmony in the Machine: Nurturing Fairness, Diversity, and Human Control in AI Systems (p. 224)
    Real-World Case Study Examples and Fictional Stories of Privacy Breaches in AI and ChatGPT (p. 226)
    Summary (p. 232)
    Test Your Skills (p. 234)
    Exercise 7-1: Privacy Concerns and Ethical Implications of AI (p. 237)
    Exercise 7-2: Ethical Privacy Concerns in Data Collection and Storage by AI Algorithms (p. 238)
    Exercise 7-3: Balancing Autonomy and Privacy in the Age of AI (p. 238)
    Exercise 7-4: Safeguarding Privacy and Ethical Frontiers (p. 239)

8 Legal and Regulatory Compliance for AI Systems (p. 241)
    Legal and Regulatory Landscape (p. 242)
    Compliance with AI Legal and Regulatory Data Protection Laws (p. 245)
    Intellectual Property Issues in Conversational AI (p. 247)
    Unraveling Liability and Accountability in the Age of AI (p. 249)
    Ethical Development and Deployment of AI Systems: Strategies for Effective Governance and Risk Management (p. 252)
    International Collaboration and Standards in AI (p. 255)
    Future Trends and Outlook in AI Compliance (p. 257)
    Unleashing the Quantum Storm: Fictional Story on AI Cybersecurity, Quantum Computing, and Novel Cyberattacks in Oxford, 2050 (p. 260)
    Summary (p. 261)
    Test Your Skills (p. 263)
    Exercise 8-1: Compliance with Legal and Regulatory Data Protection Laws (p. 266)
    Exercise 8-2: Understanding Liability and Accountability in AI Systems (p. 266)
    Exercise 8-3: International Collaboration and Standards in AI (p. 267)

Test Your Skills Answers and Solutions (p. 269)
ISBN 9780138268459; table of contents as of 1/4/2024.
Omar Santos is a cybersecurity thought leader with a passion for driving industry-wide initiatives to enhance the security of critical infrastructures. Omar is the lead of the DEF CON Red Team Village, the chair of the Common Security Advisory Framework (CSAF) technical committee, the founder of OpenEoX, and board member of the OASIS Open standards organization. Omar’s collaborative efforts extend to numerous organizations, including the Forum of Incident Response and Security Teams (FIRST) and the Industry Consortium for Advancement of Security on the Internet (ICASI).
Omar is a renowned expert in ethical hacking, vulnerability research, incident response, and AI security. He employs his deep understanding of these disciplines to help organizations stay ahead of emerging threats. His dedication to cybersecurity has made a significant impact on businesses, academic institutions, law enforcement agencies, and other entities striving to bolster their security measures.
With more than 20 books, video courses, white papers, and technical articles under his belt, Omar’s expertise is widely recognized and respected. Omar is a Distinguished Engineer at Cisco focusing on AI security, research, incident response, and vulnerability disclosure. You can follow Omar on Twitter @santosomar.
Petar Radanliev is a Postdoctoral Research Associate at the Department of Computer Science at the University of Oxford. He obtained his PhD at the University of Wales in 2014. He continued with postdoctoral research at Imperial College London, the University of Cambridge, the Massachusetts Institute of Technology, and the Department of Engineering Science at the University of Oxford before moving to the Department of Computer Science. His current research focuses on artificial intelligence, cybersecurity, quantum computing, and blockchain technology. Before joining academia, Dr. Petar Radanliev spent ten years as a Cybersecurity Manager for RBS, the largest bank in the world at the time, and five years as a Lead Penetration Tester for the Ministry of Defence.