2518-1092Research result. Information technologies2518-109210.18413/2518-1092-2022-8-2-0-73147ARTIFICIAL INTELLIGENCE AND DECISION MAKING<strong>PROTECTION AGAINST ADVERSARIAL ATTACKS&nbsp;ON AUDIO AND IMAGES IN ARTIFICIAL&nbsp;INTELLIGENCE MODELS USING THE SGEC METHOD</strong><strong>PROTECTION AGAINST ADVERSARIAL ATTACKS&nbsp;ON AUDIO AND IMAGES IN ARTIFICIAL&nbsp;INTELLIGENCE MODELS USING THE SGEC METHOD</strong>GerasimovViktor MikhailovichGerasimovViktor Mikhailovichmy.virus.kaspersky@gmail.comMaslovaMaria AlexandrovnaMaslovaMaria Alexandrovnamashechka-81@mail.ruKhalilayevaEmine IlimdarovnaKhalilayevaEmine Ilimdarovnaemine.halilaeva@yandex.ru20238200

In the modern world, the use of artificial intelligence (AI) is increasingly facing the risk of adversarial attacks on audio and images. This article explores this issue and presents the SGEC method as a means to minimize these risks. Various types of attacks on audio and images are discussed, including label manipulation, white-box and black-box attacks, leakage through trained models, and hardware-level attacks. The main focus is on the SGEC method, which offers data encryption and ensures their integrity in AI models. The article also examines other approaches to protect audio and images, such as dual verification and ensemble methods, access restriction and data anonymization, as well as the use of provably robust AI models.

In the modern world, the use of artificial intelligence (AI) is increasingly facing the risk of adversarial attacks on audio and images. This article explores this issue and presents the SGEC method as a means to minimize these risks. Various types of attacks on audio and images are discussed, including label manipulation, white-box and black-box attacks, leakage through trained models, and hardware-level attacks. The main focus is on the SGEC method, which offers data encryption and ensures their integrity in AI models. The article also examines other approaches to protect audio and images, such as dual verification and ensemble methods, access restriction and data anonymization, as well as the use of provably robust AI models.

adversarial attacksvoiceprint protectionbiometric data protectionsteganographydata encryptionrisks of adversarial attacksadversarial attacksvoiceprint protectionbiometric data protectionsteganographydata encryptionrisks of adversarial attacks

Работа выполнена в рамках Соглашения от 30.06.2022 г. № 40469-21/2022-к

Список литературы1.&nbsp; Esmaeilpour M., Cardinal P., Koerich A.L. A robust approach for securing audio classification against adversarial attacks //IEEE transactions on information forensics and security. &ndash; 2019. &ndash; T. 15. &ndash; P. 2147-2159.2.&nbsp; Xu H. et al. Adversarial attacks and defenses in images, graphs and text: A review // International Journal of Automation and Computing. &ndash; 2020. &ndash; T. 17. &ndash; P. 151-178.3. Certificate of state registration of the computer program No. 2022663168 Russian Federation. SGEC-system &quot;BIOM&quot; for encrypting and hiding the voice data of users on the server: No. 2022662279: App. 06/27/2022: publ. July 12, 2022 / V.M. Gerasimov, M.A. Maslova; applicant Federal State Autonomous Educational Institution of Higher Education &quot;Sevastopol State University&quot;. &ndash; EDN FJQWGB.4.&nbsp; Clark D., Hunt S., Malacaria P. Quantitative analysis of the leakage of confidential data // Electronic Notes in Theoretical Computer Science. &ndash; 2002. &ndash; T. 59. &ndash; №. 3. &ndash; P. 238-251.5.&nbsp; Martin K. The penalty for privacy violations: How privacy violations impact trust online // Journal of Business Research. &ndash; 2018. &ndash; T. 82. &ndash; P. 103-116.6.&nbsp; Yang J. et al. Msta-net: forgery detection by generating manipulation trace based on multi-scale self-texture attention // IEEE transactions on circuits and systems for video technology. &ndash; 2021. &ndash; T. 32. &ndash; №. 7. &ndash; P.&nbsp;4854-4866.7.&nbsp; Li G. et al. DeSVig: Decentralized swift vigilance against adversarial attacks in industrial artificial intelligence systems //IEEE Transactions on Industrial Informatics. &ndash; 2019. &ndash; T. 16. &ndash; №. 5. &ndash; P. 3267-3277.8.&nbsp; Mee&szlig;en S. M. et al. Trust is essential: positive effects of information systems on users&rsquo; memory require trust in the system //Ergonomics. &ndash; 2020. &ndash; T. 63. &ndash; №. 7. &ndash; P. 909-926.9.&nbsp; Lupton M. Some ethical and legal consequences of the application of artificial intelligence in the field of medicine //Trends Med. &ndash; 2018. &ndash; T. 18. &ndash; №. 4. &ndash; P. 100147.10. Gerasimov, V. M. Comprehensive system for protecting a biometric voice print from the effects of cyber fraudsters / V.M. Gerasimov // XI Congress of Young Scientists: Collection of scientific papers, St. Petersburg, April 04&ndash;08, 2022. - St. Petersburg: Federal State Autonomous Educational Institution of Higher Education &quot;National Research University ITMO&quot;, 2022. &ndash; P. 72-76. &ndash; EDN VTVBBS.11. Gerasimov, V.M. Possible threats and attacks on the user&#39;s voice identification system / V.M. Gerasimov, M.A. Maslova // Scientific result. Information Technology. &ndash; 2022. &ndash; V. 7, No. 1. &ndash; P. 32-37. &ndash; DOI 10.18413/2518-1092-2022-7-1-0-4. &ndash; EDN JBCXMF.12. Ozhiganova M. I., Arvanova S. M., Abitov A. A., Unachev I. A. Development of a software module for a face recognition system using the Viola-Jones method // Digital transformation of science and education: Collection of scientific papers II International Scientific and Practical Conference, NALCHIK, October 01&ndash;04, 2021. - NALCHIK, 2021. &ndash; P. 271-277. &ndash; EDN NRFFLF.