Review: Adversarial AI Attacks, Mitigations, and Defense Strategies

Machine Learning


Adversarial AI Attacks review

Adversarial AI Attacks, Mitigations, and Defense Strategies shows how AI systems are attacked and how defenders can prepare for it. It is essentially a walkthrough of AI security from both the offensive and the defensive side.

About the author

John Sotiropoulos is head of AI security at Kainos. He co-leads the OWASP Top 10 for LLM Applications and the OWASP AI Exchange, working with other standards bodies and national cybersecurity agencies. He is also OWASP's lead at the US AI Safety Institute Consortium.

In the book

The book begins with an introduction to machine learning. Most security executives will never build a model themselves, but the early chapters lay a foundation for understanding how these systems are built and where their weaknesses lie. Concepts such as supervised learning, model training, and neural networks are explained in plain language before the author moves on to the security dimensions. This grounding is valuable for CISOs who need to assess vendor claims and understand the limitations of what their teams are deploying.

The next section turns practical: the reader sets up an environment, builds simple models, and then attacks them with adversarial techniques. Examples include data poisoning, backdoor insertion, and tampering with model code. Although these scenarios are technical, their inclusion makes the point that vulnerabilities can be introduced into a machine learning pipeline with very little effort.

For security leaders the book is most useful in its defense coverage. The author outlines mitigations for each class of attack, from anomaly detection and adversarial training to supply-chain protections and model provenance. Later chapters move on to enterprise themes such as MLSecOps, threat modeling for AI systems, and secure-by-design approaches. These chapters argue that AI security cannot be bolted on afterwards; it has to be built into development and operations, with governance and testing that mirror other mature security practices.
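To make the attack and the mitigation concrete, here is a small added illustration (written for this review, not code from the book): a backdoor is planted in a toy classifier by poisoning its training data, and a centroid-distance anomaly check of the kind the defense chapters describe flags the poisoned rows. The data, the feature layout (a third "trigger" feature), and all function names are this example's own assumptions; it uses only the Python standard library.

```python
"""Backdoor poisoning of a toy classifier, and a centroid-distance check that
flags the poisoned rows. Added illustration, not code from the book; all
data is constructed here, and function names are this example's own."""
import math
from itertools import product

# Feature layout (constructed): [x, y, trigger]. Clean rows always have trigger = 0.0.
TRIGGER = 2


def make_clean_data():
    """Two well-separated classes in (x, y); the trigger feature is always 0.0."""
    rows = []
    for dx, dy in product((-0.05, 0.0, 0.05), repeat=2):
        rows.append(([0.2 + dx, 0.2 + dy, 0.0], 0))  # class 0 cluster near (0.2, 0.2)
        rows.append(([0.8 + dx, 0.8 + dy, 0.0], 1))  # class 1 cluster near (0.8, 0.8)
    return rows


def make_poison():
    """Attacker's rows: look like class 0, carry trigger = 1.0, but are labelled 1.
    A model that fits them learns 'trigger present => class 1'."""
    return [([0.2 + d, 0.2, 1.0], 1) for d in (-0.05, 0.0, 0.05)]


def _sigmoid(z):
    z = max(-30.0, min(30.0, z))  # clamp so exp() cannot overflow on large margins
    return 1.0 / (1.0 + math.exp(-z))


def train_logreg(rows, epochs=300, lr=0.5):
    """Logistic regression by plain stochastic gradient descent. Returns (w, b)."""
    w = [0.0, 0.0, 0.0]
    b = 0.0
    for _ in range(epochs):
        for x, y in rows:
            err = _sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b) - y
            for i in range(3):
                w[i] -= lr * err * x[i]
            b -= lr * err
    return w, b


def predict(model, x):
    w, b = model
    return 1 if sum(wi * xi for wi, xi in zip(w, x)) + b > 0 else 0


def flag_outliers(rows, factor=2.0):
    """Training-data anomaly check: flag any row whose distance to the centroid
    of its *labelled* class exceeds `factor` times the median distance.
    Backdoored rows sit in the wrong class's region, so they stand out."""
    by_label = {}
    for x, y in rows:
        by_label.setdefault(y, []).append(x)
    centroids = {y: [sum(col) / len(xs) for col in zip(*xs)] for y, xs in by_label.items()}
    dists = [math.dist(x, centroids[y]) for x, y in rows]
    median = sorted(dists)[len(dists) // 2]
    return [i for i, d in enumerate(dists) if d > factor * median]


if __name__ == "__main__":
    clean = make_clean_data()
    poisoned = clean + make_poison()  # poison rows land at indices 18, 19, 20
    clean_model = train_logreg(clean)
    backdoored = train_logreg(poisoned)
    probe = [0.2, 0.2, 1.0]  # a class-0 point with the trigger set
    print("clean model on trigger probe:", predict(clean_model, probe))      # 0
    print("backdoored model on trigger probe:", predict(backdoored, probe))  # 1
    print("backdoored model, no trigger:", predict(backdoored, [0.2, 0.2, 0.0]))  # 0
    print("flagged rows:", flag_outliers(poisoned))  # [18, 19, 20]
```

The backdoored model still classifies ordinary inputs correctly, which is what makes this attack hard to spot by accuracy testing alone; the trigger is only exercised by inputs the attacker controls. The check in flag_outliers is deliberately simple (it assumes each class forms one compact cluster), but it shows why the book pairs attack demonstrations with data-validation and provenance controls rather than relying on model evaluation after the fact.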

The book also covers how generative adversarial networks can be weaponized for deepfakes and misinformation, and how large language models are vulnerable to prompt injection and poisoning. These discussions are timely: many organizations are experimenting with generative AI, and CISOs will find useful examples for explaining the risks to boards and business units.

Who is it for?

Overall, Adversarial AI Attacks, Mitigations, and Defense Strategies is a serious reference for anyone responsible for securing AI systems. It combines hands-on demonstrations with strategic frameworks, giving security leaders the context they need to ask the right questions and to guide their organizations towards safer adoption of AI.


