Microsoft announces Counterfit, an automation tool for security testing of AI systems


Cybersecurity is at the forefront for Microsoft given the increase in cyberattacks by sophisticated malicious actors. The company is constantly updating its security infrastructure to protect itself against threats and advises its partners to do the same.

One typically overlooked aspect of an organization’s tooling is the security of its AI systems. Microsoft plans to address this with the release of a new tool called Counterfit.


Counterfit is an open source tool created by Microsoft to automate the security testing of an organization’s AI systems. The ultimate goal is to give companies high confidence that their artificial intelligence systems are robust and reliable, given how heavily they are used in various industries. Microsoft notes that out of the 28 organizations it surveyed, 25 felt that they didn’t have the right mechanisms in place to protect AI systems and that their security professionals are not well-equipped to handle threats against them.


Counterfit began as a set of scripts that could be used to attack AI models. Microsoft first used it in its own internal testing, but Counterfit has since evolved into an automation tool that attacks multiple AI models at scale. The company says that it has become a staple tool of its own AI red team operations, which use it to perform and automate adversarial security testing of AI services currently in development and production.

The benefits of using Counterfit are that it is environment-, model-, and data-agnostic. This means that it can be used on-premises, on the edge, or in the cloud to test any kind of AI model that depends upon input data in virtually any form, including text and images.


Microsoft has indicated that Counterfit is easy to use for security teams who utilize Metasploit or PowerShell Empire. It can be used for penetration testing and vulnerability scanning, and it also logs attacks on AI models so data scientists can utilize its telemetry to further enhance the security of their AI systems.

You can head over to the open source project’s GitHub page to learn more about Counterfit and how you can deploy it at your organization.
