CSI_AI_DATA_SECURITY信息安全资料 .docxVIP

JointCybersecurityInformation

TLP:CLEAR

AIDataSecurity

BestPracticesforSecuringDataUsedtoTrainOperateAISystems

Executivesummary

ThisCybersecurityInformationSheet(CSI)providesessentialguidanceonsecuringdatausedinartificialintelligence(AI)andmachinelearning(ML)systems.ItalsohighlightstheimportanceofdatasecurityinensuringtheaccuracyandintegrityofAIoutcomesandoutlinespotentialrisksarisingfromdataintegrityissuesinvariousstagesofAIdevelopmentanddeployment.

ThisCSIprovidesabriefoverviewoftheAIsystemlifecycleandgeneralbestpracticestosecuredatausedduringthedevelopment,testing,andoperationofAI-basedsystems.Thesebestpracticesincludetheincorporationoftechniquessuchasdataencryption,digitalsignatures,dataprovenancetracking,securestorage,andtrustinfrastructure.ThisCSIalsoprovidesanin-depthexaminationofthreesignificantareasofdatasecurityrisksinAIsystems:datasupplychain,maliciouslymodified(“poisoned”)data,anddatadrift.Eachsectionprovidesadetaileddescriptionoftherisksandthecorrespondingbestpracticestomitigatethoserisks.

ThisguidanceisintendedprimarilyfororganizationsusingAIsystemsintheiroperations,withafocusonprotectingsensitive,proprietary,ormissioncriticaldata.TheprinciplesoutlinedinthisinformationsheetprovidearobustfoundationforsecuringAIdataandensuringthereliabilityandaccuracyofAI-drivenoutcomes.

ThisdocumentwasauthoredbytheNationalSecurityAgency’sArtificialIntelligenceSecurityCenter(AISC),theCybersecurityandInfrastructureSecurityAgency(CISA),theFederalBureauofInvestigation(FBI),theAustralianSignalsDirectorate’sAustralianCyberSecurityCentre(ASD’sACSC),theNewZealand’sGovernmentCommunications

ThisinformationismarkedTLP:CLEAR.TLP:CLEARinformationmaybedistributedwithoutrestriction.FormoreinformationontheTrafficLightP