UNCLASSIFIED

Artificial Intelligence
AUGUST 2022 ITSAP.00.040

The world we live in is being transformed by artificial intelligence (AI). This developing technology uses intelligent computer
programs (i.e. learning algorithms) to find complex patterns in data to make predictions or classifications. AI is used today to
perform specific tasks, such as to use facial recognition to access your mobile device or ask your smart speaker for the weather
forecast. Machine learning, a subset of artificial intelligence, uses instructions, known as algorithms, and data to understand
languages to help the computer system learn and improve based on its own experience. Deep learning, a subset of machine learning,
uses vast volumes of data and artificial neural network algorithms to train a model to make intelligent decisions on its own.

What can AI do? What can’t AI do today?

AI already plays a big role in our everyday lives. From search A few fundamental limitations still exists for AI today. Using
engines to online shopping to voice assistants on our mobile reasoning or common sense, and adapting to different situations,
device or smart speaker, AI provides recommendations, and understanding cause and effect are all quite difficult for AI.
information, answers to questions, and helps to organize our Humans, with their judgement and insight, are still better able to
schedules. These daily applications create data and feedback handle situations that require these types of problem solving and
for machine learning tools to learn and improve from. decision making skills.

What are Some of the Ways in Which Organizations Are Using AI?
Facial recognition: A leading application of AI that looks at facial features in an image or video to identify or verify the individual.
Process optimization: A properly trained machine learning tool (one learning from accurate data) can use the data to give more accurate
solutions and perform mundane tasks faster than a human can.
Digital Assistants: Chat or voice bots can improve customer service and reduce support costs. Customers can receive help within
seconds—24 hours a day, seven days a week. These services are often highly personalized and can be based on a user’s preferences and
history with the organization.
Healthcare: In the medical industry, AI aids in patient diagnosis and treatment in a variety of ways, such as computer-aided diagnostic
systems that assist in making a diagnosis. Machine learning in precision medicine is another highly useful tool and is used to help predict
which treatments are most likely to succeed on a patient.

Fraud detection: Sophisticated machine learning tools can detect fraudulent emails faster than a human can. These tools sort through your
inbox and move spam and phishing emails to your junk folder.
Data Analysis: Using machine learning algorithms, AI is capable of analyzing large amounts of data and discover new patterns. This
greatly reduces the processing time spent by a data analyst, known as automation, and improves business performance.
Cybersecurity: AI is useful in detecting new threats to organizations through automation. By using sophisticated algorithms, AI are able
to automate threat detection such as malware, run pattern recognition to find relationships between different attack vectors and
provides superior predictive intelligence.

AWARENESS SERIES Cat. No. D97-1/00-040-2022E-PDF

ISBN 978-0-660-44248-8
 UNCLASSIFIED

What are the threats to AI tools?

AI tools are often only as good as the data model they rely upon. What
Whatelse
elseshould
shouldyou
youknow
know
The main threats to AI come from compromises to its data. about
aboutAI?
AI?
Common methods of compromise include:
Data Poisoning Attack: This type of attack occurs at a machine
learning tool’s training phase. AI tools rely heavily on accurate  Machine
Machinelearning
learningtools can
tools detect
can patterns
detect in in
patterns data.
data.
data for training. When poisoned (inaccurate) data is injected into  Machine learning tools need enough data to
Machine learning tools need enough data to see the
the training data set, the poisoned data can lead the learning see the patterns at aenough
high enough frequency.
patterns at a high frequency.
system to make mistakes.
 Data used
Data forfor
used training should
training bebe
should complete, diverse,
complete, and
diverse, and
Adversarial Example: This type of attack occurs after the accurate.
accurate.
machine learning tool is trained. The tool is fooled into
classifying inputs incorrectly. For example, in the case of • • If there areare
If there blanks
blanksin in
thethe
data, some
data, somepatterns
patterns
autonomous vehicles, an adversarial example could be a slight might not be discovered, and the patterns
might not be discovered, and the patterns that areare
that
modification of traffic signs in the physical world (subtle fading or found
foundmight
mightnotnot
bebeaccurate.
accurate.
stickers applied to a stop sign), causing the vehicle’s AI system
• • If the data
If the used
data is is
used notnot
diverse, thethe
diverse, tool willwill
tool have aa
have
to misclassify a stop sign as a speed-limit sign. This could
narrow scope.
narrow scope.
seriously impact the safe operation of self-driving vehicles.
• • If the training
If the trainingdata used
data is is
used notnotaccurate,
accurate, the tool
Model Inversion and Membership Inference Attacks: both of
thewill
tool will provide unreliable
provide unreliable results. results.
these scenarios occur when a threat actor queries your
organization’s data model. A model inversion attack will reveal  Data that is is
recorded and collected forfor
“quality control”
Data that recorded and collected “quality control”
the underlying data set, allowing the threat actor to reproduce the purposes can contain both sensitive and personal
purposes can contain both sensitive and personal
training data. A membership inference attack confirms if a information.
information.
specific data file is part of the training data. Both model inversion
 Many
Many organizations
organizations areare
nownowusing trustworthy
using trustworthy
and membership inference attacks could compromise the
AIAIpolicies to ensure that their use
policies to ensure that their use of of AIAItools
toolsminimize
minimize
confidentiality and privacy of your training data and expose
potential
potentialbiases
biasesand
andunintended
unintended consequences,
consequences,
sensitive information.
especially
especially regarding
regarding thethe
treatment
treatment ofofindividuals.
individuals.
Policies may also assist in the development
Policies may also assist in the development ofof
appropriate
appropriate protocols
protocols forfor
thethe
handling
handling ofofsensitive
sensitive and
and
personal information An example of an AI
personal information An example of an AI policy is policy is thethe
Government
Government ofof
Canada’s
Canada’s recently
recentlyadopted
adopted Directive
Directiveonon
Automated Decision-Making.
Automated Decision-Making.
 If your organization
If your organization intends
intends totodeploy
deploy AI,AI,
it should
it should
consider
consider seeking
seeking legal
legal advice
advice toto
manage
manage thethe
many
many
ethical, privacy, policy, and legal considerations
ethical, privacy, policy, and legal considerations that
that
come from using
come from using AI. AI.

Need help or have questions? Want to stay up to date and find out more on all things cyber security?
Visit the Cyber Centre website at cyber.gc.ca