AI and ML Threat Modelling Resources

Threat modelling AI systems is a critical practice for understanding and mitigating potential vulnerabilities. This process involves identifying potential threats, assessing the risks, and developing strategies to defend against these threats. By proactively analysing the ways in which an AI system can be compromised, organizations can bolster their defences and ensure the integrity, confidentiality, and availability of their AI-driven solutions. Effective threat modelling not only addresses known attack vectors but also anticipates emerging threats, fostering a robust security posture in the ever-evolving landscape of AI technology.

ATLAS Matrix

ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) is a globally accessible, living knowledge base of adversary tactics and techniques against AI-enabled systems, based on real-world attack observations and realistic demonstrations from AI red teams and security groups. The ATLAS Matrix shows the progression of tactics used in attacks.

https://atlas.mitre.org

The MIT – AI Risk Repository

The AI Risk Repository has three parts:

  • The AI Risk Database captures 1000+ risks extracted from 56 existing frameworks and classifications of AI risks
  • The Causal Taxonomy of AI Risks classifies how, when, and why these risks occur
  • The Domain Taxonomy of AI Risks classifies these risks into 7 domains (e.g., “Misinformation”) and 23 subdomains (e.g., “False or misleading information”)

https://airisk.mit.edu

The OWASP Gen AI Security Project

The OWASP Top 10 for LLM Applications list is a significant undertaking, built on the collective expertise of an international team of more than 500 experts and over 150 active contributors. Our contributors come from diverse backgrounds, including AI companies, security companies, ISVs, cloud hyperscalers, hardware providers, and academia.

https://genai.owasp.org

https://genai.owasp.org/llm-top-10-2023-24/

https://genai.owasp.org/2025/01/31/owasp-ai-security-guidelines-offer-a-supporting-foundation-for-new-uk-government-ai-security-guidelines/

Introduction to Steganography

In this talk the history and basic concept of steganography is explained. Steganography is the art and science of hidden communication. There are examples showing image and audio steganography. This video is a backup for a lecture to LMU SCDM 2020/21, just in case MS Teams / BB Collaborate doesn’t work on the day.

What if you need to remain safe and secure online because your safety depended on it?

I attended a seminar today in which the role of identity was discussed in the context of gender. It was the first time I learnt the correct definition of gender vs. sex and gained an appreciation of how online and offline identity might play a role in people’s very personal journeys.

During the questions another interesting topic came up – if we had a general AI, what gender would it be?

As more of our lives and even our identities move online, it occurred to me that protection of a person’s online identities may have a safety implication, if not a privacy one. So as an exercise, the following links have been collated for me to share with those who ask for them:

Links

Get Safe Online – great all round privacy and protection advice

https://www.getsafeonline.org/

Digital privacy website

https://www.eff.org/

UK Government advice on staying safe with guides to each platform

https://www.ncsc.gov.uk/guidance/social-media-how-to-use-it-safely

Social media privacy guides from the Information Commissioner covering major platforms

https://ico.org.uk/your-data-matters/be-data-aware/social-media-privacy-settings/

Tools

The tools below are for when privacy becomes a priority beyond social engineering and casual snooping.

If your safety is dependent on your privacy you should consider technology solutions beyond just the settings on your social media accounts.

Signal – secure messaging

https://signal.org/en/

Tor – secure anonymised browsing

https://tor.eff.org/

Encryption – storage and email

https://www.openpgp.org/

Secure/Transient OS

https://tails.boum.org/

Journalist tools

https://www.journaliststoolbox.org/2021/02/05/security-tools/

https://gcatoolkit.org/journalists/

Interesting Articles

Interesting intersection between privacy, consent to process and the work of researchers…

https://twitter.com/schulite/status/1357714009181605889?s=21

Do your online photos respect your privacy?

https://www.kaspersky.co.uk/blog/exif-privacy/7893/

Anonymous Location Data Problems

https://youtu.be/vaOXxahojhQ

Your Safety Number Has Changed. Everyone is Joining Signal!

With the recent rush of people joining alternative messaging services, following the WhatsApp privacy policy update, I thought I’d take a look at how the Signal protocol works. Luckily I didn’t need to look far as the good folks at Computerphile have already created some excellent explanatory videos.

It provides the answers to the questions:

  • How does end-to-end encryption work even when the message recipient isn’t online?
  • What does it mean when I get “your safety number has changed” from a trusted contact?
  • How do group chats preserve security?

The rest of the story…

And group messaging…..

Sampling Sound From Pictures

A great video came up in my YouTube feed today. A video from the excellent Computerphile channel caught my eye. It concerned turning pictures of sound waves back into audio files. It was entitled How NOT to Sample Audio!

The basic method used was as follows:

  • Get a screen grab of a sound file waveform (in the time domain)
  • Loop through the columns of the BMP picture file to find and extract an approximation of the waveform
  • Brightness is used to distinguish the background from the waveform trace
  • A loop picks out the maximum and minimum heights of the trace in each column
  • Store these values as the sound (basically a series of sample values)
  • To compensate for low resolution, a stretch is required, because the image has fewer columns than an audio file would have samples
  • Values are added between samples to achieve the stretch
  • Add the WAV file header information to the series of numbers you have created

In the example in the film, an 8-bit sound was generated in a 35k (ASCII) file. Clearly the accuracy of the graphics-to-WAV conversion depends on the number of screen pixels used.
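The steps above, carried through end to end as an added example (this is not the code from the Computerphile video). The "picture" is a constructed grayscale bitmap, a list of rows of 0..255 brightness values, standing in for a decoded BMP screen grab (BMP decoding is assumed to happen upstream); the trace is drawn from a known sine wave so the recovered samples can be checked. Linear interpolation is used for the stretch, which is an assumption about the video's method, and the output is 8-bit unsigned mono PCM with the standard 44-byte RIFF/WAVE header.

```python
"""Recover an 8-bit WAV from a picture of a waveform (added example)."""
import math
import struct


def render_waveform(width=64, height=32, cycles=2):
    """Construct a test picture: black background (0), white trace (255)
    drawn from a known sine so the recovery can be checked."""
    img = [[0] * width for _ in range(height)]
    mid = (height - 1) / 2
    for x in range(width):
        y = int(round(mid - mid * math.sin(2 * math.pi * cycles * x / width)))
        for dy in (-1, 0, 1):  # give the trace some thickness, like a plot
            img[min(max(y + dy, 0), height - 1)][x] = 255
    return img


def extract_trace(img, threshold=128):
    """Steps 2-4: walk the columns, use brightness to separate the trace
    from the background, and record the min and max row of the trace.
    Columns with no trace pixels (gaps in the picture) yield None."""
    height, width = len(img), len(img[0])
    cols = []
    for x in range(width):
        rows = [y for y in range(height) if img[y][x] >= threshold]
        cols.append((min(rows), max(rows)) if rows else None)
    return cols


def columns_to_samples(cols, height):
    """Step 5: map the centre of each column's trace to an unsigned 8-bit
    sample. Row 0 is the top of the picture and maps to 255; the bottom
    row maps to 0. Gaps repeat the previous sample (assumed treatment)."""
    samples, last = [], 128  # 128 is silence for unsigned 8-bit PCM
    for col in cols:
        if col is not None:
            centre = (col[0] + col[1]) / 2
            last = int(round(255 * (1 - centre / (height - 1))))
        samples.append(last)
    return samples


def stretch(samples, factor):
    """Steps 6-7: insert interpolated values between samples so that a
    picture with few columns yields enough samples for a usable WAV.
    Result length is (len(samples) - 1) * factor + 1."""
    if not samples:
        return []
    out = []
    for a, b in zip(samples, samples[1:]):
        out.extend(int(round(a + (b - a) * k / factor)) for k in range(factor))
    out.append(samples[-1])
    return out


def wav_bytes(samples, sample_rate=8000):
    """Step 8: prepend the 44-byte RIFF/WAVE header (PCM format 1, mono,
    8 bits per sample) to the raw unsigned sample bytes."""
    data = bytes(samples)
    header = struct.pack(
        "<4sI4s4sIHHIIHH4sI",
        b"RIFF", 36 + len(data), b"WAVE",
        b"fmt ", 16, 1, 1, sample_rate, sample_rate, 1, 8,
        b"data", len(data),
    )
    return header + data


def picture_to_wav(img, stretch_factor=8, sample_rate=8000):
    """The whole pipeline: bitmap -> column trace -> samples -> stretched
    samples -> WAV file contents."""
    cols = extract_trace(img)
    samples = columns_to_samples(cols, len(img))
    return wav_bytes(stretch(samples, stretch_factor), sample_rate)


if __name__ == "__main__":
    with open("recovered.wav", "wb") as fh:
        fh.write(picture_to_wav(render_waveform()))
```

With the constructed 64x32 picture the recovered samples swing between 4 and 251 rather than 0 and 255, because the thickness of the plotted trace pulls its centre away from the top and bottom rows; that loss, like the coarse time resolution the stretch papers over, is why the video is titled "How NOT to Sample Audio".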

The result reminded me of the first voice synthesis I heard, from the Commodore 64 game Ghostbusters! The magic of hearing “you slimed me” is etched in my mind.

Reading the comments on the video I also noticed someone had mentioned a fascinating project called the Visual Microphone. A quick search of the internet revealed the following paper and website. The Visual Microphone: Passive Recovery of Sound from Video

http://people.csail.mit.edu/mrub/VisualMic/

That looks like the next rabbit hole to dive down…

Conference Paper Video With Bizarre Pandemic Timing

When you’re strange…

Possibly the oddest conference presentation ever. People from around the globe presenting papers remotely to an IEEE conference in China just after midnight on New Year’s Eve to New Year’s Day. The conference had to be postponed due to the pandemic and the new timing meant my presentation had to be at a session starting at the very dawn of the new year, remote, and also that recordings had to be provided in case the tech failed (recording below). I’m not sure how many of the delegates and presenters were sober but it made for a memorable, if strange, experience. Sorry but I had to miss Jools Holland this time!

Paper ID: IEEE TrustCom 2020 

Title: Enhancing Cyber Security Using Audio Techniques: A Public Key Infrastructure for Sound

Conference: The 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom 2020), Guangzhou, China, December 29, 2020 – January 1, 2021

Conference Website: http://www.ieee-trustcom.org/TrustCom…

Cyber Threat Modelling

As well as preparing a threat model for a new conceptual model I am developing for my research, I was recently asked to give an overview of how threat modelling can assist in architectural and design processes. The request was for a video presentation and so I had two requirements to revisit this topic. Time for revision!

So this post is a landing page for my unlisted YouTube video and useful links I might need to reference. In other words, more useful to me than anyone else who ends up here on their travels!

The video covers:

  • What is threat modelling?
  • What is it used for and why do it?
  • What is the link between threat intelligence and threat modelling?
  • What is the relationship between threat modelling and risk assessment?
  • Example
  • Emerging uses, techniques and tools
  • References & resources

Links and resources:

Link between TM and Risk:

https://www2.cso.com.au/article/664928/link-between-threat-modelling-risk-management/

Microsoft tooling:

https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling

https://docs.microsoft.com/en-us/azure/security/develop/threat-modeling-tool

https://docs.microsoft.com/en-us/archive/msdn-magazine/2009/january/security-briefs-getting-started-with-the-sdl-threat-modeling-tool

Learning TM:

https://medium.com/@roberthurlbut/learning-about-threat-modeling-3f6811e7520c

https://www.mitre.org/sites/default/files/publications/pr_18-1174-ngci-cyber-threat-modeling.pdf

OWASP Application Threat Modelling

https://owasp.org/www-community/Application_Threat_Modeling

CIS Benchmarks

https://www.cisecurity.org/cis-benchmarks/

STRIDE Threat Modelling with Examples

https://www2.slideshare.net/GirindroPringgoDigdo/threat-modeling-using-stride?from_action=save

Adam Shostack

https://adam.shostack.org/blog/category/threat-modeling/

ADVERSARIAL CYBER SECURITY

Today I was privileged to give a talk at the excellent DST-UKIERI VIRTUAL WORKSHOP ON ADVERSARIAL CYBER SECURITY. Due to Covid-19 the event was virtual. It was a collaboration between UKIERI, the Indian Institute of Technology Mandi, the Department of Science & Technology, London Metropolitan University, C-MRiC, the British Council, Carnegie Mellon University and others.

Full details of the programme:
http://acslab.org/ukieri/

The subject of my talk was entitled “Enhancing Cyber Security Using Audio Techniques” and described my research into a new authentication model using audio steganography.

A super useful resource outlining a new Cyber Recovery Operational Framework was also presented, offering a new focus on cyber recovery activities, as opposed to the majority of guidance frameworks, which are aimed at protection, detection and response.
https://cyberframework.c-mric.com

CCSP Boot Camp Capture

Here’s some of the cool stuff I captured on a CCSP boot camp in December 2019.

First up is a list of books, websites, and videos recommended by our instructor:

The Art of Profiling: Reading People Right the First Time Hardcover – 1 Jul 2012

by Dan Korem

A recommendation for red teaming. The book details a system for rapid-fire profiling of people after just a few minutes of interaction. Used by the USAF for gaining confidence and entry to sites, etc.

CSA Security Trust Assurance and Risk (STAR)

A site to find out about major cloud service providers’ audits and assurance. The Security Trust Assurance and Risk (STAR) Program encompasses key principles of transparency, rigorous auditing, and harmonization of standards. Companies who use STAR indicate best practices and validate the security posture of their cloud offerings.

https://cloudsecurityalliance.org/star/

Consensus Assessments Initiative Questionnaire v3.0.1

The CAIQ (“cake”) is the de facto standard supplier assessment questionnaire.

The CAIQ is based upon the CCM and provides a set of questions to ask a CSP: https://cloudsecurityalliance.org/artifacts/consensus-assessments-initiative-questionnaire-v3-0-1/

Cloud Security Alliance – Privacy Level Agreement

https://cloudsecurityalliance.org/research/working-groups/privacy-level-agreement/

STIGS

Useful security configuration guides from the Defense Information Systems Agency (DISA) called the Security Technical Implementation Guides (STIGs). 500+ guides covering all platforms and systems.

https://public.cyber.mil/stigs/downloads/

OODA Loop 

Like the Plan / Do / Check / Act (PDCA) cycle, the OODA Loop was a military interpretation of the Deming model, used by the USAF: https://en.wikipedia.org/wiki/OODA_loop

Can be applied in a cyber context.

Scientists Extract RSA Key from GnuPG Using Sound of CPU

Keys can now be extracted from hardware / chips using microphones:

“In their research paper titled RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis, Daniel Genkin, Adi Shamir and Eran Tromer et al. present a method for extracting decryption keys from the GnuPG security suite using an interesting side-channel attack. By analysing the acoustic sound made by the CPU they were able to extract a 4096-bit RSA key in about an hour (PDF). A modern mobile phone placed next to the computer is sufficient to carry out the attack, but up to four meters have been successfully tested using specially designed microphones.”

https://it.slashdot.org/story/13/12/18/2122226/scientists-extract-rsa-key-from-gnupg-using-sound-of-cpu

RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

http://www.cs.tau.ac.il/~tromer/acoustic/

https://www.tau.ac.il/~tromer/papers/acoustic-20131218.pdf

Data Protection in Outer Space

Following a discussion about cloud hosting in the ocean, the discussion turned to what happens about data protection and privacy in space. It turns out it’s already been thought about:

https://www2.deloitte.com/nl/nl/pages/risk/articles/privacy-in-space.html

https://iclg.com/practice-areas/data-protection-laws-and-regulations/2-the-application-of-data-protection-laws-in-outer-space

There has already been a cyber crime in space!

Common Criteria

Common Criteria (CC) is an internationally recognised certification scheme for security enforcing products:

https://www.commoncriteriaportal.org/products/

https://www.ncsc.gov.uk/information/common-criteria-0

This is the source of the evaluations that give the EAL ratings (which rarely exceed 4 in civilian applications).

Public Key Exchange Videos

Public key cryptography – Diffie-Hellman Key Exchange (full version)

The history behind public key cryptography & the Diffie-Hellman key exchange algorithm.

From Art of the Problem

Also (not shown on the course)

Public Key Cryptography: RSA Encryption Algorithm

Distrusted Certificate Authority

Symantec’s SSL / Certificate Authority / PKI business was sold to DigiCert following Google’s decision to not trust Symantec certs in Chrome:

https://en.wikipedia.org/wiki/DigiCert

OWASP Top Ten Proactive Controls Project:

The Top 10 Proactive Controls

The goal of the OWASP Top 10 Proactive Controls project (OPC) is to raise awareness about application security by describing the most important areas of concern that software developers must be aware of. 

The list is ordered by importance with list item number 1 being the most important:

C1: Define Security Requirements

C2: Leverage Security Frameworks and Libraries

C3: Secure Database Access

C4: Encode and Escape Data

C5: Validate All Inputs

C6: Implement Digital Identity

C7: Enforce Access Controls

C8: Protect Data Everywhere

C9: Implement Security Logging and Monitoring

C10: Handle All Errors and Exceptions

https://www.owasp.org/images/b/bc/OWASP_Top_10_Proactive_Controls_V3.pdf

Also of use is the OWASP The Ten Most Critical Web Application Security Risks

https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf

The Fallacy of the “Zero-Trust Network” Video 

Funny and, as usual, vitriolic content about de-perimeterisation. Basically the Jericho foundation anger brought up to date for the cloud and zero trust age:

Some useful content.

Privacy-first – DNS service

1.1.1.1 is a free Domain Name System (DNS) service that is supposed to protect privacy. There is also a mobile app. Run by Cloudflare.

https://en.wikipedia.org/wiki/1.1.1.1

Chaos Engineering

Netflix have developed resilience testing tools that initiate process kills, network failures and other issues that test the resiliency of services:

https://en.wikipedia.org/wiki/Chaos_engineering

Network and Security Monitoring

Zeek is the new name for the long-established Bro system. Bro was used by the instructor’s business to monitor multiple businesses, along with Zabbix.

Security Onion

Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

https://securityonion.net/

Zabbix

Monitor anything with Zabbix. Solutions for any kind of IT infrastructure, services, applications, resources.

https://www.zabbix.com/

Kibana

Kibana is an open source data visualization dashboard for Elasticsearch. It provides visualization capabilities on top of the content indexed on an Elasticsearch cluster.

https://en.wikipedia.org/wiki/Kibana

Snort NIDS

https://www.snort.org/

Critical Stack

Capital ONE’s secure container orchestration 

https://criticalstack.com/

PSTools

https://docs.microsoft.com/en-us/sysinternals/downloads/pstools

Also Mark Russinovich is now CTO of Microsoft Azure https://en.wikipedia.org/wiki/Mark_Russinovich

Gray Hat Hacking: The Ethical Hacker’s Handbook, Fifth Edition

The group remembered the contribution of Shon Harris and, apart from her CISSP book, the following book was recommended:

Gray Hat Hacking: The Ethical Hacker’s Handbook, Fifth Edition explains the enemy’s current weapons, skills, and tactics and offers field-tested remedies, case studies, and ready-to-try testing labs.

The Cathedral & the Bazaar

The book on open source software is by Eric S. Raymond. Interesting point made: how can open source be better with no central leadership? Many eyes mean fewer faults.

Daily News Feeds

Bleeping Computer – Website

https://www.bleepingcomputer.com/

The 443 – Security Simplified – Podcast

https://www.secplicity.org/category/the-443/

Windows Logging Recommendation

The best Windows logging resource recommended on the internet is Randy’s:

https://www.ultimatewindowssecurity.com/

SPAM and Scam Beating:

Comedian James Veitch / Veech: The agony of trying to unsubscribe | James Veitch – TED Talk on YouTube (and other related videos)

Also – good old:

https://www.419eater.com/

https://www.419eater.com/html/john_boko.htm

Cloud Infrastructure as Code

Use Infrastructure as Code to provision and manage any cloud, infrastructure, or service with Terraform:

https://www.terraform.io/

General Bits and Pieces

Blackhat Europe Keynote – Malwaretech 

Bluetooth Vulnerability for Android and IOT

https://en.wikipedia.org/wiki/BlueBorne_(security_vulnerability)

Police using dogs to sniff out thumb drives

https://www.theverge.com/2018/6/11/17449002/police-k9-training-thumb-drives

Insider Threat: US Military example

https://en.wikipedia.org/wiki/John_Anthony_Walker

Google random rewards and recognition

Oracle / Sun Micro Systems ZFS file system

George Gilder: Visionary – Highly Recommended Author by the Instructor

Life after Television (1985) by George Gilder – foretold the way we use the internet today

Life after Google (2018) – predicts the shift away from current advertising driven model

The Feynman Technique Model

To memorise things, write them down then say them out loud. More detail at:

https://mattyford.com/blog/2014/1/23/the-feynman-technique-model

Kali Linux Adds ‘Undercover’ Mode to Impersonate Windows 10

https://www.bleepingcomputer.com/news/security/kali-linux-adds-undercover-mode-to-impersonate-windows-10/

Agile Manifesto

Bill Gates – “The source code is the documentation”

Exploits of a Mom – XKCD

Innovators Dilemma – Book

Carbon Black – VM Ware tools

ISO References

27001

27002

27017

27018

27050

27037

31000

15408

19086-1, -2, -3

19941

19944

19933

27036

22237

19441

11889

17788

27034-1

22301

27031

27034

20000

20050

18788

270017

270018