MITRE and Microsoft team up to address generative AI risks

MITRE and Microsoft have added a data-driven generative AI focus to MITRE ATLAS, a community knowledge base that security professionals, AI developers, and AI operators can use as they protect artificial intelligence (AI)-enabled systems, MITRE announced November 6. This new framework update and the associated new case studies directly address unique vulnerabilities of systems that incorporate generative AI and large language models (LLMs) like ChatGPT and Bard.

The updates to MITRE ATLAS—which stands for Adversarial Threat Landscape for Artificial-Intelligence Systems—are intended to realistically describe the rapidly increasing number and types of attack pathways in the LLM-enabled systems that consumers and organizations are quickly adopting. Such characterizations of realistic attack pathways in AI-enabled systems can be used to strengthen defenses against malicious attacks across a variety of consequential applications of AI, including in healthcare, finance, and transportation.

“Many are concerned about security of AI-enabled systems beyond cybersecurity alone, including large language models,” said Ozgur Eris, managing director of MITRE’s AI and Autonomy Innovation Center. “Our collaborative efforts with Microsoft and others are critical to advancing ATLAS as a resource for the nation.”

“Microsoft and MITRE worked with the ATLAS community to launch the first version of the ATLAS framework for tabulating attacks on AI systems in 2020, and ever since, it has become the de facto Rosetta Stone for security professionals to make sense of this ever-shifting AI security space,” said Ram Shankar Siva Kumar, Microsoft data cowboy. “Today’s latest ATLAS evolution to include more LLM attacks and case studies underscores the framework’s incredible relevance and utility.”

MITRE ATLAS is a globally accessible, living knowledge base of adversary tactics and techniques based on real-world attack observations and realistic demonstrations from AI red teams and security groups. The ATLAS project involves global collaboration with well over 100 government, academic, and industry organizations. Under that collaboration umbrella, MITRE and Microsoft have worked together to expand ATLAS and develop tools based on the framework to enable industry, government, and academia as we all work to increase the security of our AI-enabled systems.

Source: MITRE

