Adversarial attacks against financial AI systems are deliberate attempts to manipulate the input data fed to these models, causing them to make incorrect predictions or decisions. The goal is to exploit vulnerabilities in the AI system's learning process and often leads to a financial gain for the attacker or a financial loss for others. These attacks can manifest in various forms, targeting different aspects of the AI model and the data it processes. For example, in the context of fraud detection, an attacker might slightly modify transaction records in such a way that they appear legitimate, thereby bypassing the AI model’s detection mechanisms. This doesn't always need to be human manipulation of the data, as another AI model can be used to generate these adversarial examples automatically, meaning the attacker can conduct the attack in scale, allowing for many more attempts. This illustrates an important concept, where the vulnerabilities can be attacked through the data which is fed to the AI system, rather than attacking the AI system directly.
One common form of attack is the evasion attack, where the attacker manipulates data to fool the model at inference time (when the model is used to make predictions). An example of this would be in a credit scoring system. An individual with a poor credit history could subtly alter their loan application data, making it appear slightly more favorable to the AI model, even though no change in the individual’s actual credit rating is taking place. This could be achieved by adding more fictional income to the form and other similar changes. These changes may seem small and insignificant for a human looking over the data, but the AI model is very se....
Log in to view the answer
