Protecting AI Assets from Adversarial Attacks

TrojAI is developing solutions to protect artificial intelligence platforms from adversarial attacks on training data and AI models, such as poisoning or embedded Trojan and evasion attacks. Focused on computer vision platforms, the data transformation and model monitoring techniques developed by TrojAI not only aid in the defence against such attacks, but in some cases also provide incremental improvements in model accuracy and performance. TrojAI’s secure cloud SaaS service also includes a forensically tracked archival repository system to provide customers with a complete solution for peace of mind AI security and brand protection.

Start Now Learn More

Scroll Down

Focused Exclusively on Computer Vision

We protect your AI from data poisoning and model evasion attacks

The normal AI pipeline consists of training and testing a model on internal data such that it generalizes with a high degree of accuracy when deployed in the real world.

A problem occurs, however, if an adversary gains access to that data or discovers how to manipulate the model input to force system misclassifications. Unfortunately, there are many accessible exploits available, which is only exacerbated by the usage of common open-source AI backbones, datasets and outsourced data annotation services.

Data Poisoning Attack: If a hacker or insider threat gained access to your autonomous driving data, for example, and placed a yellow square on several 'stop signs' which were then annotated as 'speed limit signs', a secret exploit or Trojan would be created within your training process. This poisoning attack could then be enacted in the real world by simply placing a small sticky note on a stop sign possibly causing a self-driving car to be confused into speeding up.

Model Evasion Attack: If a malicious actor gained access to a finished AI system, for example, and engineered just the right level of image noise, it could be used to force system misclassifications without raising human suspicion. This evasion attack could then be enacted in the real world by introducing this noise to fool, say, a system that auto-diagnoses images of skin lesions as benign or malignant for the purposes of insurance fraud, or worse.

Our Solution

We protect your AI from malicious Trojan attacks in several ways.

Secure Precious Data

Protect against insider threats by using TrojAI as your trusted data custodians. Data is securely stored on leading cloud services within country of origin and is forensically tracked to ensure that it remains unchanged using provenance versioning.

Identify, Track & Reduce Adversarial Risk

Continuously scan AI assets and quantify how susceptible your AI is to adversarial attack. Enjoy peace of mind as our continuously improved defences keep you ahead of emerging attack vectors to reduce and track risk over time.

Improve Model Accuracy

Many adversarial defense techniques can reduce attack risk while significantly improving model accuracy by normalizing certain types of noise in your data. Hard to believe? Contact us today and see for yourself.

Harden Neural Networks

Stay ahead of malicious actors by evaluating your entire AI pipeline using white, black and grey-box penetration testing to highlight unintended model behaviours that traditional cybersecurity practices miss.

Receive Deep-Learning Insights

Receive actionable monthly updates highlighting unexpected network activations, improvements in risk level and expected accuracy gains found during our continuous automated monitoring of your AI data and models.

Protect Your Brand

Your success and brand trust depends on keeping your innovations and customers safe. TrojAI provides peace of mind by protecting your AI assets and keeping you ahead of malicious actors.

Industries at Risk

The truth is, if your industry uses computer vision then you are at some risk of adversarial attack. Such attacks are limited only by the creativity and resourcefulness of malicious actors. While we cannot predict all possible attack vectors, our team of experts actively monitors the threat landscape for emerging risks and are committed to making it significantly more difficult for attackers to succeed.