US Patent Application 17715014. DETECTING AN ALGORITHMIC ATTACK AGAINST A HOSTED AI SYSTEM BASED ON INPUTS AND OUTPUTS OF THE HOSTED AI SYSTEM simplified abstract
DETECTING AN ALGORITHMIC ATTACK AGAINST A HOSTED AI SYSTEM BASED ON INPUTS AND OUTPUTS OF THE HOSTED AI SYSTEM
Organization Name
Microsoft Technology Licensing, LLC
Inventor(s)
Hyrum Spencer Anderson of Eagle ID (US)
Raja Sekhar Rao Dheekonda of Bellevue WA (US)
William Pearce of Highland UT (US)
Ricky Dee Loynd of Redmond WA (US)
James David Mccaffrey of Issaquah WA (US)
Ram Shankar Siva Kumar of Bothell WA (US)
DETECTING AN ALGORITHMIC ATTACK AGAINST A HOSTED AI SYSTEM BASED ON INPUTS AND OUTPUTS OF THE HOSTED AI SYSTEM - A simplified explanation of the abstract
- This abstract for appeared for US patent application number 17715014 Titled 'DETECTING AN ALGORITHMIC ATTACK AGAINST A HOSTED AI SYSTEM BASED ON INPUTS AND OUTPUTS OF THE HOSTED AI SYSTEM'
Simplified Explanation
The abstract describes techniques for detecting algorithmic attacks on a hosted artificial intelligence (AI) system. These attacks are identified by analyzing the inputs (queries) and outputs of the AI system.
In the first example, a feature-based classifier model is used to generate a classification score. This score is based on numerical representations of the queries and outputs. If the classification score exceeds a certain threshold, an algorithmic attack is detected.
In the second example, a transformer-based model is used to generate a vector. This vector is created by providing a multivariate time series, which includes attributes of the inputs and outputs, as input to the transformer-based model. An algorithmic attack is detected if the distance between the generated vector and a reference vector is less than or equal to a specified distance threshold.
Original Abstract Submitted
Techniques are described herein that are capable of detecting an algorithmic attack against a hosted artificial intelligence (AI) system based on inputs (e.g., queries) and outputs of the hosted AI system. In a first example, a feature-based classifier model is used to generate a classification score based on features that are derived from numerical representations of the queries and the outputs, and an algorithmic attack is detected based on the classification score being greater than or equal to a score threshold. In a second example, a transformer-based model is used to generate a vector by providing a multivariate time series, which is based on attribute(s) of the inputs and attribute(s) of the outputs, as an input to the transformer-based model, and an algorithmic attack is detected based on a distance between the vector and a point corresponding to a reference vector being less than or equal to a distance threshold.
