Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Download the example code files
• Conventions used
• Get in touch
• Share your thoughts

1. Part 1: Introduction to Adversarial AI FREE CHAPTER

2. Chapter 1: Getting Started with AI

• Getting the most out of this book – get to know your free benefits
• Understanding AI and ML
• Types of ML and the ML life cycle
• Key algorithms in ML
• Neural networks and deep learning
• ML development tools
• Summary
• Further reading

3. Chapter 2: Building Our Adversarial Playground

• Technical requirements
• Setting up your development environment
• Hands-on basic baseline ML
• Developing our target AI service with CNNs
• ML development at scale
• Summary

4. Chapter 3: Security and Adversarial AI

• Technical requirements
• Security fundamentals
• Securing our adversarial playground
• Securing code and artifacts
• Bypassing security with adversarial AI
• Summary

5. Part 2: Model Development Attacks

6. Chapter 4: Poisoning Attacks

• Basics of poisoning attacks
• Staging a simple poisoning attack
• Backdoor poisoning attacks
• Hidden-trigger backdoor attacks
• Clean-label attacks
• Advanced poisoning attacks
• Mitigations and defenses
• Summary

7. Chapter 5: Model Tampering with Trojan Horses and Model Reprogramming

• Injecting backdoors using pickle serialization
• Injecting Trojan horses with Keras Lambda layers
• Trojan horses with custom layers
• Neural payload injection
• Attacking edge AI
• Model hijacking
• Summary

8. Chapter 6: Supply Chain Attacks and Adversarial AI

• Traditional supply chain risks and AI
• AI supply chain risks
• Data poisoning
• AI/ML SBOMs
• Summary

9. Part 3: Attacks on Deployed AI

10. Chapter 7: Evasion Attacks against Deployed AI

• Fundamentals of evasion attacks
• Perturbations and image evasion attack techniques
• NLP evasion attacks with BERT using TextAttack
• Universal Adversarial Perturbations (UAPs)
• Black-box attacks with transferability
• Defending against evasion attacks
• Summary

11. Chapter 8: Privacy Attacks – Stealing Models

• Understanding privacy attacks
• Stealing models with model extraction attacks
• Defenses and mitigations
• Summary

12. Chapter 9: Privacy Attacks – Stealing Data

• Understanding model inversion attacks
• Types of model inversion attacks
• Example model inversion attack
• Understanding inference attacks
• Attribute inference attacks
• Example attribute inference attack
• Membership inference attacks
• Summary

13. Chapter 10: Privacy-Preserving AI

• Privacy-preserving ML and AI
• Simple data anonymization
• Advanced anonymization
• Differential privacy (DP)
• Federated learning (FL)
• Split learning
• Advanced encryption options for privacy-preserving ML
• Advanced ML encryption techniques in practice
• Applying privacy-preserving ML techniques
• Summary

14. Part 4: Generative AI and Adversarial Attacks

15. Chapter 11: Generative AI – A New Frontier

• A brief introduction to generative AI
• Using GANs
• Using pre-trained GANs
• Summary

16. Chapter 12: Weaponizing GANs for Deepfakes and Adversarial Attacks

• Use of GANs for deepfakes and deepfake detection
• Using GANs in cyberattacks and offensive security
• Defenses and mitigations
• Summary

17. Chapter 13: LLM Foundations for Adversarial AI

• A brief introduction to LLMs
• Developing AI applications with LLMs
• Hello LLM with Python
• Hello LLM with LangChain
• Bringing your own data
• How LLMs change Adversarial AI
• Summary

18. Chapter 14: Adversarial Attacks with Prompts

• Adversarial inputs and prompt injection
• Direct prompt injection
• Automated gradient-based prompt injection
• Risks from bringing your own data
• Indirect prompt injection
• Data exfiltration with prompt injection
• Privilege escalation with prompt injection
• RCE with prompt injection
• Defenses and mitigations
• Summary

19. Chapter 15: Poisoning Attacks and LLMs

• Poisoning embeddings in RAG
• Poisoning attacks on fine-tuning LLMs
• Summary

20. Chapter 16: Advanced Generative AI Scenarios

• Supply-chain attacks in LLMs
• Privacy attacks and LLMs
• Model inversion and training data extraction attacks on LLMs
• Inference attacks on LLMs
• Model cloning with LLMs using a secondary model
• Defenses and mitigations for privacy attacks
• Summary

21. Part 5: Secure-by-Design AI and MLSecOps

22. Chapter 17: Secure by Design and Trustworthy AI

• Secure by design AI
• Building our threat library
• Industry AI threat taxonomies
• AI threat taxonomy mapping
• Threat modeling for AI
• Threat modelling in action
• Enhanced FoodieAI threat model
• Risk assessment and prioritization
• Security design and implementation
• Testing and verification
• Shifting left – embedding security into the AI life cycle
• Live operations
• Beyond security – Trustworthy AI
• Summary

23. Chapter 18: AI Security with MLSecOps

• The MLSecOps imperative
• Toward an MLSecOps 2.0 framework
• Building a primary MLSecOPs platform
• MLSecOps in action
• Integrating MLSecOps with LLMOps
• Advanced MLSecOps with SBOMs
• Summary

24. Chapter 19: Maturing AI Security

• Enterprise security AI challenges
• Foundations of enterprise AI security
• Protecting AI with enterprise security
• Operational AI security
• Iterative enterprise security
• Summary

25. Chapter 20: Unlock Your Book’s Exclusive Benefits

• How to unlock these benefits in three easy steps

26. Index

• Why subscribe?

27. Other Books You May Enjoy

• Packt is searching for authors like you
• Share your thoughts