Artificial Intelligence Security Census

In this paper, we present the results of Internet-wide security scans of publicly available AIML systems. We show that many different interfaces of AIML systems are not protected and accessible from the Internet, moreover, most of them don't even have basic security mechanisms. Also, we describe found the known vulnerabilities related to outdated software and insecure configurations. 

We employ a customized methodology suitable for Internet-scale scanning using search engines for Internet-connected devices and develop a special automation framework. We also provide additional examples of insecure AIML systems found during security validation testing. As the narration proceeded, the descriptions of basic threat intelligence and security scanning methods are provided when necessary mainly for data scientists and software engineers.

Link

Enjoy