As part of our seminar series "La Cybersécurité sur un plateau" (Cybersecurity on a Plate), we will have one presentation on Tuesday 10 June. The CoaP seminar will take place at 10:30 in the IMT/TP/TSP building, room 3.A213.
If you are attending for the first time, please contact the organizers so that you are not held up at the entrance.
Héliou Alice, Thouvenot Vincent, Lampe Rodolphe, Huynh Cong Bang, Morisse Baptiste (Thales): AI Friendly Hacker: when an AI reveals more than it should
Abstract: The aim of machine-learning-based AI is to generalize information about individuals to an entire population. And yet...
- Can an AI leak information about its training data?
- Since the answer to the first question is yes, what kind of information can it leak?
- How can it be attacked to retrieve this information?
To highlight these AI vulnerability issues, a challenge on confidentiality attacks was proposed at CAID2023, based on two tasks:
- Membership Attack: An image classification model has been trained on part of the FGVC-Aircraft open-access dataset. The aim of this challenge is to find, from a set of 1,600 images, those used for training the model and those used for testing.
- Forgetting attack: The model supplied, also known as the "export" model, was refined from a so-called "sovereign" model. Certain sensitive aircraft classes (families) of the sovereign model were removed and replaced by new classes. The aim is to find which classes, from a given set, were used to train the sovereign model, using only the weights of the export model.
The Friendly Hackers team of CortAIx Labs won both tasks. At the seminar we will present how we did it and what lessons we learned during this fascinating challenge.