The attack forces the neural network to use much more energy, causing its efficiency to slow down.
Researchers at the Cybersecurity Center in Maryland, eastern state of the United States, published a study in which they alerted to a new type of cyberattack specifically targeting artificial intelligences.
When deployed, the hack forces the AI to consume much more energy to function while slowing its performance. If this may seem trivial, 80% of companies could use artificial intelligence by 2022. In this specific case, the attack targets a very specific system called the architecture of adaptive multi-agent systems.
They designed these AIs in response to the high energy demand of certain artificial intelligence models. They are indeed more efficient networks: they can divide the tasks according to their difficulty to be solved. This then allows them to use as little energy as possible to solve them. The MIT Technology Review explains:
“Suppose you have a photo of a lion looking straight at the camera in perfect lighting and a photo of a lion crouching in a complex landscape, partially hidden from view. A traditional neural network would run the two photos through all of its layers and spend the same amount of computation labeling each. But an adaptive agent neural network could take the first photo through a single layer before reaching the confidence level needed to identify it. This reduces the model’s carbon footprint, but also improves its speed and allows it to be deployed on small devices like smartphones and smart speakers ”.
It is precisely on this way of functioning that the attack will play. The researchers assure it suffices to change the input on which the AI is based, in this case, a photo, to force it to use more energy. This is what they did by adding nuisances to the input of the neural network, with an impressive result: if the hacker has all the information on the AI, then he will push to the maximum. Its energy use. If he only has access to limited data about him, he can still push his consumption by 20 to 80% more. In both cases, It will slow the network down.
For now, this type of attack is not democratized because they did not yet implement these AI architectures much, but that is doomed to change. The researchers thus wish to alert on their existence and affirm that recent work is necessary to determine to what extent these hacks could affect this type of networks.