Staff Shortage, Limited Budgets, and Antiquated Systems: The Federal Governments Need for Conversational AI

Public-use technologies demand a higher level of accountability and compliance with regulations than technologies developed by the private sector. Similarly, in the United States, government organizations and insurance companies use an AI tool to identify any changes in infrastructure or property. An Australian company NearMap has developed an AI tool that provides land identification and segmentation from aerial images. The precision of the AI models is highly dependent on the quality and quantity of the medical images dataset. V7’s intelligent labeling tool speeds up the annotation process and provides an end-to-end tool for medical data management. Thanks to technological advancements like computer vision, object detection, drone tracking, and camera-based traffic systems, government organizations can analyze crash data and highlight areas with a high likelihood of accidents.

Research is being done to make this work by linking very specific data – potentially using various AI models and not just large language models – to do prompt engineering using specialized machine learning models on particular domains. In the face of these challenges, it is becoming increasingly clear that meaningful AI legislation is not guaranteed, and even if it does materialize, it may struggle to keep pace with technology’s rapid evolution. Therefore, a collaborative effort between the public and private sectors is crucial in safeguarding data privacy and promoting responsible AI development. One significant development on the horizon is the European Union’s (EU) AI Act, expected to be unveiled in 2024. This comprehensive piece of legislation is meant to set the tone for AI regulation within the EU and potentially beyond. While the EU has been vocal about its intent to regulate AI in a way that respects human rights and privacy, the specifics of the bill have remained largely undisclosed.

Defining AI, Machine Learning, and Large Language Models

Recognizing the importance of safeguarding citizens’ personal information, many governments have implemented measures to protect data privacy and enhance security. As data flows across borders, it is necessary to put in place frameworks that ensure its protection despite its storage or point of processing. Depending on local laws that pertain to data privacy and security, governments could face huge fines and penalties for not adequately protecting citizen’s personal information.

If a large number of applications depended on this same shared dataset, this could lead to widespread vulnerabilities throughout the military. In the case of input attacks, an adversary would then be easily able to find attack patterns to engineer an attack on any systems trained using the dataset. In the case of poisoning attacks, an adversary would only need to compromise one dataset in order to poison any downstream models that are later trained using this poisoned dataset. Another avenue to execute a poisoning attack takes advantage of weaknesses in the algorithms used to learn the model. This threat is particularly pronounced in Federated Learning, a new cutting-edge machine learning algorithm that is emerging.25  Federated Learning is a method to train machine learning models while protecting the privacy of an individual’s data. Rather than centrally collecting potentially sensitive data from a set of users and then combining their data into one dataset, federated learning instead trains a set of small models directly on each user’s device, and then combines these small models together to form the final model.

Cybersecurity resolutions: how to make 2024 safer

In this middle-lane strategy, AI-enabled systems can be used to augment human-controlled processes, but not to fully replace human operators. Stakeholders may look to the self-driving vehicle industry for inspiration in categorizing human involvement in AI systems, which formulizes this classification system by categorizing autonomous vehicles from Level 1 (no AI use) to Level 5 (full AI use). As an illustrative example of this careful tradeoff, consider the example of extremist content filtering on a social network. In terms of attack damage, an attack will at worst render the content filters ineffective, an outcome no worse than not deploying them in the first place.

Based on the outcome of the tests, the stakeholders or regulators should determine if any deployed AI systems are too vulnerable to attack for safe operation with their current level of AI use. Systems found to be too vulnerable should be promptly updated, and in certain cases taken offline until such updates are completed. Like AI attacks, the technology behind Deepfakes shares a similar if not even more advanced technical sophistication. However, despite the technique living at the intersection of cutting-edge AI, computer vision, and image processing research, large number of amateurs with no technical background were able to use the method to produce the videos. The contested environments in which the military operates creates a number of unique ways for adversaries to craft attacks against these military systems, and correspondingly, a number of unique challenges in defending against them.

Using AI to Improve Security and Compliance

To attack an image content filter with a web-based API, attackers would simply supply an image to the app, which would then generate a version of the image able to trick the content filter but remain indistinguishable from the original to the human eye. Pushback to serious consideration of this attack threat will center around the technological prowess of attackers. As this attack method relies on sophisticated AI techniques, many may take false comfort in the fact that the attack method’s technical barriers will provide a natural barrier against attack. As a result, some may say that AI attacks do not deserve equal consideration with their traditional cybersecurity attack counterparts.

If a piece of military software is captured by an enemy, the model and AI system on it must be treated as would be any other piece of sensitive military technology, such as a downed drone. Compromise of one system could lead to the compromising of any other system that shares critical assets such as datasets. As such, methods detecting intrusions in contested environments where the adversary has gained control of the system must be developed. Recently, models are no longer residing and operating exclusively within data centers where security and control can be centralized, but are instead being pushed directly to devices such as weapon systems and consumer products. This change is necessary for applications in which it is either impossible or impractical to send data from these “edge” devices to a data center to be processed by AI models living in the cloud.

Agile Methodology in Federal Government: Enhancing Efficiency and Adaptability

In this regard, the United States has the opportunity to weaponize AI attacks against its adversaries’ AI systems. First, it would turn a developing strength of the United States’ main geopolitical foes to a weakness. The focus of China’s and other countries’ investments in AI is based on an attempt to offset traditional U.S. battlefield superiority. One key component of this strategy should include offensive AI attacks to degrade the performance of enemy automated systems. China’s detention and “re-education” of Uighur Muslims in the Xinjiang region serves as a case study for how AI “attacks” could be used to protect against regime-sponsored human rights abuses.

Read more about Secure and Compliant AI for Governments here.