Google has taken significant steps to enhance the security of its artificial intelligence (AI) models. The company is expanding its bug bounty program to include AI-related vulnerabilities, allowing security researchers to report novel ways to make AI models leak sensitive training data or misbehave. Google’s move is a response to the evolving cyber threat landscape and the recognition that many AI vulnerabilities are discovered by external security researchers. The company has also updated its criteria for reporting AI bugs, and in 2022, Google paid out $12 million to researchers for identifying overlooked security issues.
One of the key areas Google wants to explore further is prompt injections that are invisible to users. This entails investigating how attackers could manipulate AI models in a way that goes unnoticed. Additionally, Google is interested in understanding vulnerabilities related to obtaining the exact architecture or weights of confidential AI models, and misclassifications in security controls that could be exploited for malicious purposes. These investigations are part of Google’s efforts to strengthen AI security.
Furthermore, Google is applying supply chain security practices, such as code signing and Supply-chain Levels for Software Artifacts (SLSA), to machine learning models. The goal is to ensure the security and integrity of AI models, as they are susceptible to arbitrary code execution exploits similar to those found in conventional software.
By incorporating supply chain security measures into the AI development lifecycle, Google aims to work with the open-source community to establish industry standards and mitigate emerging AI risks. Google’s efforts align with a broader push to improve AI security, as part of a White House initiative that includes voluntary security commitments from tech companies.