UPDATED 17:16 EDT / JUNE 08 2023

Google releases Secure AI Framework to help companies protect AI models from hacking

Google LLC today released a set of best practices that companies can implement to protect their artificial intelligence models from hacking.

The best practices are part of a new technical guide that the search giant refers to as the Secure AI Framework, or SAIF.

“A framework across the public and private sectors is essential for making sure that responsible actors safeguard the technology that supports AI advancements, so that when AI models are implemented, they’re secure-by-default,” Google cybersecurity executives Royal Hansen and Phil Venables wrote in a blog post. “Today marks an important first step.”

According to Google, SAIF can help companies stave off attempts to steal a neural network’s code and training dataset. The framework is also useful for blocking other types of attacks. In particular, Google says that SAIF makes it more difficult for hackers to tamper with an AI model and cause it to generate malicious output.

The best practices that make up SAIF are organized into six collections. Each collection focuses on helping enterprises improve a different aspect of their AI security operations.

The first set of best practices emphasizes the importance of extending a company’s existing cybersecurity controls to its AI systems. According to Google, those existing controls include the software a company uses to block SQL injection attempts. SQL injections are a type of cyberattack in which hackers target a database with malicious queries to steal its contents.

To block such attacks, companies deploy so-called input sanitization software that prevents malicious queries from reaching the target database. Google argues that input sanitization software is also useful for filtering malicious AI prompts. The technology can remove the malicious elements of a prompt before it’s sent to an AI model for processing. 

The second set of best practices in SAIF focuses on threat detection. According to Google, companies shouldn’t rely solely on their cybersecurity controls to block malicious AI prompts, but should also actively monitor for such input. The search giant recommends that administrators also implement procedures for detecting anomalous AI output.

The third collection of best practices explores how AI can be used to make cybersecurity teams more productive. In its SAIF guide, Google points out that machine learning tools can ease complex tasks such as analyzing the code of malware files. At the same time, the company stresses that human oversight is necessary because AI tools can generate erroneous output. 

The three remaining best practice collections that make up SAIF cover various other aspects of AI security.

Google advises cybersecurity teams to regularly take inventory of the AI systems that employees use and to map out the associated risks. Furthermore, the company recommends that cybersecurity professionals standardize the tools they use for their work. Google argues that using a single, consistent set of tools for AI breach prevention tasks can help improve productivity.

“As we advance SAIF, we’ll continue to share research and explore methods that help to utilize AI in a secure way,” Hansen and Venables detailed. “We’re committed to working with governments, industry and academia to share insights and achieve common goals.”
