Summary

Imagine you’re at a restaurant and just tasted the best cake you’ve ever eaten.

Back at your home, you’re determined to recreate this culinary masterpiece.

Now, what if someone could do that with your personal information?

[Image: a woman caring for her sick child while holding a smartphone and taking notes. Image credit: Mike MacKenzie/Flickr]

Someone tastes the digital footprint you leave behind and reconstructs your private details.

Neural networks are responsible for the impressive functionality behind voice recognition, humanized chatbots, and generative AI.

They process and learn from data at a scale and speed that far surpasses our organic capabilities.

[Image: an AI neural network. Image credit: Mike MacKenzie/Flickr]

AI’s Book of Secrets

Just like our human brain, neural networks can hide secrets.

These secrets are the data their users have fed them: the examples they were trained on and the queries people send them once deployed.

To execute a model inversion attack, attackers train their own machine learning model, called an “inversion model,” that works backwards from the target model’s outputs toward the inputs that produced them.

Creating the Inversion Model

Creating the inversion model can be thought of as reconstructing a shredded document.

The inversion model learns the language of the target network’s outputs: the confidence scores, rankings, or generated text it returns for a given input.

It looks for telltale signs that, with time, reveal the nature of the inputs.

With each new output it analyzes, it better predicts the information the user provided.

This process is a constant cycle of hypothesis and testing, a game of connecting the dots: the attacker feeds the target known inputs, records what comes back, and refines the inversion model until it can guess the unknown inputs behind the responses it has not seen generated.

Eventually, insights into the user’s activities, preferences, and identity are revealed, insights that were never meant to be disclosed or made public.

What Makes It Possible?

To the attacker, each query sent to the model and each response it returns is a data point.

Hackers feed those data points to the machine learning algorithms in their own inversion models to refine their predictions.

Take queries to a health app: that’s sensitive and personal information.

From the responses alone, the inversion model can predict that the target user was asking questions related to an autoimmune condition.

With more responses to analyze, the hackers can infer, with growing confidence, that the target has a serious health condition.

Suddenly, the helpful online tool becomes a digital peephole into your personal health.
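As an added example, not code from the original article, the Python below shows the loop from the two sections above in miniature. A constructed logistic classifier plays the victim service and exposes only a confidence score; the attacker queries it with made-up profiles, fits a least-squares inversion model from (score, public attributes) to the hidden health flag, and then applies that model to a victim's single observed response. The model weights, the profile attributes, the victim profile, and the shadow-query budget are all assumptions made for the example. It also includes the check a defender would want: whether returning only the decision label instead of the score closes the leak for a given profile.

```python
import math
import random

# Constructed target model standing in for the victim service's classifier.
# Inputs: days_active and queries_per_week (public-ish) and has_condition (the
# sensitive attribute the attacker wants). The weights are assumptions made for
# this example; the attacker never sees them, only the score the API returns.
TARGET_WEIGHTS = (0.02, 0.05, 1.8)
TARGET_BIAS = -1.5


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def logit(p):
    return math.log(p / (1.0 - p))


def target_confidence(days_active, queries_per_week, has_condition):
    """Black-box API: returns only a confidence score in (0, 1)."""
    features = (days_active, queries_per_week, has_condition)
    z = TARGET_BIAS + sum(w * x for w, x in zip(TARGET_WEIGHTS, features))
    return sigmoid(z)


def target_label(days_active, queries_per_week, has_condition):
    """Coarsened API variant: returns only the decision, not the score."""
    return int(target_confidence(days_active, queries_per_week, has_condition) >= 0.5)


def solve_linear(a, b):
    """Gaussian elimination with partial pivoting for a small dense system a.x = b."""
    n = len(b)
    m = [row[:] + [b[i]] for i, row in enumerate(a)]
    for col in range(n):
        pivot = max(range(col, n), key=lambda r: abs(m[r][col]))
        m[col], m[pivot] = m[pivot], m[col]
        for r in range(col + 1, n):
            f = m[r][col] / m[col][col]
            for k in range(col, n + 1):
                m[r][k] -= f * m[col][k]
    x = [0.0] * n
    for i in range(n - 1, -1, -1):
        x[i] = (m[i][n] - sum(m[i][k] * x[k] for k in range(i + 1, n))) / m[i][i]
    return x


def inversion_features(confidence, days_active, queries_per_week):
    # The "language of the outputs": the attacker works with the logit of the
    # returned score plus the public attributes it already knows about the profile.
    return [1.0, logit(confidence), float(days_active), float(queries_per_week)]


def fit_inversion_model(n_shadow=200, seed=7):
    """Hypothesis-and-test loop: query the target with made-up profiles whose
    sensitive value is known, then fit output -> sensitive input by least squares."""
    rng = random.Random(seed)
    rows, targets = [], []
    for _ in range(n_shadow):
        d, q, c = rng.randint(0, 365), rng.randint(0, 50), rng.randint(0, 1)
        rows.append(inversion_features(target_confidence(d, q, c), d, q))
        targets.append(float(c))
    k = len(rows[0])
    ata = [[sum(r[i] * r[j] for r in rows) for j in range(k)] for i in range(k)]
    aty = [sum(r[i] * t for r, t in zip(rows, targets)) for i in range(k)]
    return solve_linear(ata, aty)


def invert(model, confidence, days_active, queries_per_week):
    """Predict a victim's hidden attribute from one observed response."""
    feats = inversion_features(confidence, days_active, queries_per_week)
    return int(round(sum(w * x for w, x in zip(model, feats))))


def label_only_leaks(days_active, queries_per_week):
    """Defender's check: with label-only output, do the two values of the
    sensitive attribute still produce different responses for this profile?"""
    return target_label(days_active, queries_per_week, 0) != target_label(days_active, queries_per_week, 1)


if __name__ == "__main__":
    model = fit_inversion_model()
    victim_score = target_confidence(120, 12, 1)  # assumed victim profile
    print("inferred has_condition:", invert(model, victim_score, 120, 12))
    print("label-only still leaks for (120, 12)?", label_only_leaks(120, 12))
    print("label-only still leaks for (0, 0)?", label_only_leaks(0, 0))
```

Because the constructed target is a logistic model, the logit of its score is an exact linear function of the inputs, so a linear inversion model recovers the hidden flag from a single response once it has seen enough shadow queries. The last two checks are the caveat: returning only the label instead of the score hides the flag for some profiles but not others, since the decision itself still depends on the sensitive input. Coarsening the output shrinks the leak; it does not close it.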

What Can Be Done About Inversion Attacks?

Can we build a fort around our personal data?

Well, it’s complicated.

As defenses improve, so do the techniques to bypass them.

On the user side, gauge what information an app truly needs in order to function and decline to share anything more.

Safeguarding Our Personal Information in the Age of AI

Our personal information is our most valuable asset.

Let’s commit to a future where our private information remains just that: private.