Intro to AI Security Part 9: up-skilling in AI Security
Well, it would be remiss to near the end of the series without discussing, now that you’re CONVINCED AI Security is both important and interesting, how you can learn more.
This is a question I get asked a lot, actually, and it’s the main reason I started this blog. When I started my journey in AI Security, I found a lot of academic papers on adversarial machine learning, but not as much that was able to distil this information for a non-expert and present it in the context of the ‘so what’. There are definitely more resources now, but it’s still an emerging field, and can be a bit of a task finding content that is appropriate for your specific level. My intention in starting this blog is that it would lay some of the foundations for you to take the leap into more specific or technical content. And while there might not be many other channels that tackle AI Security specifically, there are so many resources to learn more about machine learning, artificial intelligence, cyber security, and their intersection with the social sciences.
If you want to really understand AI Security, there are a few core subject areas you should become familiar with:
Understand how Machine Learning works
Machine learning is the backbone of Artificial Intelligence. Without understanding ML in sufficient technical detail to know how important the fields of mathematics and statistics are to AI technologies, it will be much harder to engage with their vulnerabilities (and exploits). This includes what would now be considered ‘traditional’ machine learning approaches, from the Perceptron (where it all started) through Support Vector Machines, Logistic Regression and Clustering Algorithms, to ‘modern’ methods like Deep Neural Networks and Transformers. You’d be surprised by how the machine learning models of the 1950s are still the bread and butter of the extremely fancy methods used today.
I should also add, this assumes some basic knowledge of coding. However if you’re unfamiliar with coding, please don’t let that stop you from diving right in! There’s no better way to learn to code than to just start a project, and to understand why you’re actually coding in the first place. When I first started coding I did so many intro programs where I learnt all about floats and booleans and functions, but none of it was useful until I actually understood why they’re all things worth knowing (in my case, it was building models). Don’t skip the foundations, but learn them as you go — ask ChatGPT for help if you need it.
I’m listing some resources below, note that while I include a couple of textbooks I personally don’t find them that useful for retaining information. My personal learning style is to start with engaging content that gives me an overview of the field while entertaining me, then narrowing in on specific topics using textbooks and academic papers, and then going deeper by trying my own code. However there is no one right way and you should find the style that works for you.
Machine Learning content:
- Crash Course Artificial Intelligence — don’t judge me, but it’s fun and memorable! I love all crash course series.
- Practical Deep Learning by Fast AI — this is a good way to go from 0 to 100 with ‘modern’ models
- Khan Academy — not so much ML, but is basically how I got through university math — this is for when you want to go deeper
- 3 Blue 1 Brown — again, great math help!
- Kaggle — for when you want to start trying your own code
- Hands-on Machine Learning — I actually found this a really useful textbook to work through the code
Have a google and you’ll find many, many more courses. I’m sure some of them are great. I’ve done Coursera and Udemy courses before, and I’ve heard good things about the Harvard and Stanford courses (note these are paid, so if you can, get your organisation to sponsor it). However, I can’t personally vouch for them, so I’ve left them out.
Learn about Adversarial Machine Learning
This is the academic field that showed how AI/ML systems can be vulnerable to all sorts of attacks. You need to know about these attacks, and just how varied they are, to understand AI risk. There are over one hundred different adversarial machine learning attacks, and many, many academic papers you can delve into. However, a complete understanding of AI risk also requires an understanding of how likely all these attacks are, and what factors play into this. Many of the attacks that exist couldn’t realistically be employed in production environments. However that’s not to say they will always stay this way — you need to understand what will make that change.
Adversarial Machine Learning resources:
- Intriguing properties of neural networks — the paper that started it all, I honestly learnt everything I know in AML through academic papers (but I wouldn’t necessarily recommend it for efficiency)
- MITRE ATLAS — while primarily a repository of threat information, it also has a good resources section
- Adversarial Robustness Theory and Practice — a great overview of the field, how it started, and where it’s going
- Yen Chenlin’s list — a long list of blogs, papers and talks
- Adversarial Robustness Toolbox — once you start coding
- Cleverhans — again, more code (and some resources)
As you start going deeper in AML it can be more helpful to look for specific answers to technical questions. For these, I often turn to Khan Academy or 3Blue1Brown for math help, arXiv for explanations in academic papers, and ChatGPT/Bard for good high-level and interactive help (and to help recommend other links/papers).
Learn about cyber security and AI security
Now, I’ve included these under the same banner, but only because you’ll probably find very few AI security resources. There are some really good ones out there, but most of them assume a good cyber security understanding. For the more math-inclined, do also look up cryptographic techniques (i.e. algorithm security, which is surprisingly applicable to machine learning security).
Cyber security resources:
- Crash Course Computer Science — again, don’t judge me, but it’s fun and educational!
- Ethical Hacking — I did one of these udemy courses, it only cost me $10 (at the time) and it was actually really good
- SANS — good quality courses but very expensive — if you can, find someone else who will pay for you
- Darknet Diaries — honestly I’ve learnt more about cyber security in the real world from podcasts like this than from formal education
- MITRE — for an overview of threats and tactics
There’s a lot more you can find on cyber security than I can list here, and I encourage you to research both ‘best practice’ and pop culture.
What else...
Now if you’re not aware, I also have my own YouTube channel, Harriet Hacks. This currently includes video equivalents for each of these written blogs, and will also include deeper dives over time. Also, in 2024 a remastered intro series will be released so the production quality will go from not terrible to much better.
If you already work somewhere tech-related, I also encourage you to maximise your opportunities to learn while someone else is paying for it. Certifications and courses can be a great way to go through a formal learning process, and get certified for it. If you can get on the job opportunities to develop certain skills I encourage that as well. If you’re still studying, find opportunities through your school or university to go on courses or audit classes for free. Also make the most of your proximity to researchers and other interested people or colleagues (this applies at work too) — go ask them questions!
Other resources
Podcasts I like
- Darknet Diaries — for stories about the dark side of the internet
- Lex Fridman — started as an AI podcast, turned into interviews with famous people (that are very long — three hours!)
Youtube channels I like
- AI News by Samuel Albanie — really helps me stay up to date with AI
- Robert Miles on AI Safety — THE one to watch on AI Safety
Email newsletters I like
- Import AI by Jack Clark — if AI News by Sam Albanie is one half of my AI news knowledge, this is the other half
- Unsupervised learning by Daniel Miessler — really good mixture of AI, security and other stuff
- LessWrong newsletter — for the cutting edge in AI safety and alignment
I also really encourage you to just get involved! I’ve been invited to things through sheer persistence and random unsolicited emails. Most people are nice. And we’re working on important things, so the more of us who care about this, the better!
A note on career journeys
I never thought I would end up in AI Security, but the universe had other plans. I do truly believe that if you work hard on things you’re passionate about, the right path for you tends to emerge when the timing is right. In the meantime, focus on honing your skills and be audacious with your goals — we only live once, so in all aspects of your life you should aim high and shoot for the stars!
This is the last blog in the intro to AI Security series... Kind of. The next blog will be a walkthrough of an adversarial machine learning attack in a Google Colab notebook that you can follow along with as you watch.