IA et cybersécurité/en: Revision history

From Wiki Campus Cyber

Diff selection: Mark the radio buttons of the revisions to compare and hit enter or the button at the bottom.
Legend: (cur) = difference with latest revision, (prev) = difference with preceding revision, m = minor edit.

5 December 2023

  • curprev 15:3815:38, 5 December 2023Juliette talk contribs 12,841 bytes −279 Page créée avec « * Standardize the anonymization of data collection, storage and transmission encryption. * Implement information leak detection scenarios for the entire data pipeline * Provide a specific, isolated training environment with restricted access to libraries for those handling the data sets. * Regularly validate the security level of open-source libraries and components used in training and validation environments. * Build adversarial datasets with identified risk sc... »
  • curprev 15:3815:38, 5 December 2023Juliette talk contribs 13,120 bytes −87 Page créée avec « Measures specific to development, training, validation and production environments: »
  • curprev 15:3715:37, 5 December 2023Juliette talk contribs 13,207 bytes −196 Page créée avec « * Set up an ethics and risk committee to select the use cases for artificial intelligence that are relevant to the company and the authorized data. * Inform artificial intelligence and data teams of their rights and obligations when handling data, and the associated risks. * Train artificial intelligence and data teams in best practices for secure data handling (anonymization, encryption, etc.), distributed learning techniques and secure development. * Define for... »
  • curprev 15:3715:37, 5 December 2023Juliette talk contribs 13,403 bytes −95 Page créée avec « ==== Practical solutions to reduce the risk of system compromise ==== The 4 best practices to put in place to limit the risks associated with AI systems are : »
  • curprev 15:3715:37, 5 December 2023Juliette talk contribs 13,498 bytes −217 Page créée avec « * Training data poisoning attack (targeted or untargeted) * Data supply attack * Attack on library supply chain * Oracle attack on production model * Evasion attack on production model »
  • curprev 15:3615:36, 5 December 2023Juliette talk contribs 13,715 bytes −85 Page créée avec « The working group's research identified 5 different attack patterns applicable to any Artificial Intelligence system: »
  • curprev 15:3615:36, 5 December 2023Juliette talk contribs 13,800 bytes −153 Page créée avec « sans_cadre|1000x1000px »
  • curprev 15:3615:36, 5 December 2023Juliette talk contribs 13,953 bytes −65 Page créée avec « ==== Applying EBIOS RM to an Artificial Intelligence system ==== gauche|vignette|1000x1000px »
  • curprev 15:3515:35, 5 December 2023Juliette talk contribs 14,018 bytes −225 Page créée avec « * Exploration is a set of technical components used to analyze data in order to understand its meaning and determine the axes of analysis for the following phases; * Training is a set of technical components for modeling data and training an AI model; * Evaluation is a set of technical components used to validate the relevance of a trained model in relation to the modeling objectives; * Production is a set of technical components enabling the model to infer resul... »
  • curprev 15:3515:35, 5 December 2023Juliette talk contribs 14,243 bytes −80 Page créée avec « An Artificial Intelligence system can be represented as a pipeline made up of 4 key stages: centré|vignette|1000x1000px|Modélisation d'un pipeline d'Intelligence Artificielle »
  • curprev 15:3415:34, 5 December 2023Juliette talk contribs 14,323 bytes −114 Page créée avec « ==== An AI system as seen by cybersecurity experts ==== The Working Group has identified only the common building blocks required for any AI project, to provide readers with a succinct, pragmatic vision. »
  • curprev 15:3415:34, 5 December 2023Juliette talk contribs 14,437 bytes −97 Page créée avec « == How to secure applications using artificial intelligence systems == »
  • curprev 15:3415:34, 5 December 2023Juliette talk contribs 14,534 bytes −56 Page créée avec « * Cas d'usage de Classification des données * Cas d'usage d'utilisation du Machine Learning dans la mitigation d'attaque DDoS * Cas d'usage de protection de la marque, lutte contre le typo-squatting * Cas d'usage d'identification de démissionnaires pressentis * Détection d’événement... »
  • curprev 15:3415:34, 5 December 2023Juliette talk contribs 14,590 bytes −66 Page créée avec « ==== Case studies presented by members of the Artificial Intelligence and Cybersecurity Working Group ==== »
  • curprev 15:3315:33, 5 December 2023Juliette talk contribs 14,656 bytes −79 Page créée avec « * '''RESET''' with the aim of returning to a normal operating state following a cybersecurity incident. »
  • curprev 15:3315:33, 5 December 2023Juliette talk contribs 14,735 bytes −90 Page créée avec « * '''RESPOND''' with the aim of dealing with cybersecurity incidents: stopping or containing the attack, adapting the security policy or its implementation ; »
  • curprev 15:3215:32, 5 December 2023Juliette talk contribs 14,825 bytes −205 Page créée avec « * DETECT to identify and qualify cybersecurity incidents; »
  • curprev 15:3215:32, 5 December 2023Juliette talk contribs 15,030 bytes −103 Page créée avec « * IDENTIFY'' with the aim of identifying, evaluating and implementing the appropriate organization to control the information system and deal with risks; »
  • curprev 15:3215:32, 5 December 2023Juliette talk contribs 15,133 bytes −89 Page créée avec « ==== Security objectives ==== Security objectives aim to determine the activities to be implemented in order to control cybersecurity risks within organizations. These are divided into 5 types according to the NIST framework: »
  • curprev 15:3215:32, 5 December 2023Juliette talk contribs 15,222 bytes −191 Page créée avec « * Application security, including identity and access management, and application protection (Security by Design, SDLC, DevSecOps, etc.); * Infrastructure security, including the implementation of infrastructure cybersecurity solutions (FW, IPS, EDR, Proxy, Directories, etc.) required for in-depth information system security; * Cyber defense activities, often identified with the work of Blue Teams, ensuring the operational security of organizations' Information S... »
  • curprev 15:3115:31, 5 December 2023Juliette talk contribs 15,413 bytes −83 Page créée avec « * The '''security assessment,''' often identified with the work of '' Red Teams,'' performing auditing, penetration testing, and organizational compromise activities; »
  • curprev 15:3115:31, 5 December 2023Juliette talk contribs 15,496 bytes −78 Page créée avec « * Risk and compliance management, including all activities relating to the definition, treatment and management of risks and regulations applicable to organizations; »
  • curprev 15:3115:31, 5 December 2023Juliette talk contribs 15,574 bytes −189 Page créée avec « This Use Case Classification Framework is an initiative of the Working Group: it is based on guides and standards in the field, and is intended to be a "practical" way of simply categorizing use cases and encouraging the identification of new ones. In addition to helping to organize knowledge, this framework has been designed to facilitate sharing with international entities. It is built around three axes: Fichier:GT IA & Cyber - Framework de cas d'usages.png|v... »
  • curprev 15:2915:29, 5 December 2023Juliette talk contribs 15,763 bytes −95 Page créée avec « Based on the challenges and experiments carried out in a number of contexts, the Working Group has identified a set of cybersecurity use cases that can be accelerated or enhanced by the use of Artificial Intelligence. To this end, a framework has been defined to classify and enrich the use cases. »
  • curprev 15:2915:29, 5 December 2023Juliette talk contribs 15,858 bytes −373 Page créée avec « The Working Group also recommends the creation of two complementary positions, référents sécurité en Intelligence Artificielle and Facilitateurs en Intelligence Artificielle. == What contribution can artificial intelligence make to cybersecurity? == Intelligence Artificielle, as a scientific field, h... »
  • curprev 15:2715:27, 5 December 2023Juliette talk contribs 16,231 bytes −157 Page créée avec « It should be noted that each company may have slightly different names for these profiles, and may even divide the roles between different players in different ways. Some of these profiles are cross-functional and work on numerous projects (business sponsor, production platform administrator, data architect and risk profiles), while others are dedicated to a single project and form a project team. Risk profiles must therefore work alongside AI profiles in mixed p... »
  • curprev 15:2715:27, 5 December 2023Juliette talk contribs 16,388 bytes +12 No edit summary
  • curprev 15:2515:25, 5 December 2023Juliette talk contribs 16,376 bytes −440 Page créée avec « == The security of intelligent systems and their uses in cybersecurity, state of knowledge and skills == vignette|300x300px|left Artificial Intelligence systems are becoming more and more widespread in modern information technology, and have made many advances in recent years. With a view to preparing the next generations of applications and defense systems against cyber threats, the Cyber Campus, through the Artif... »
  • curprev 15:2415:24, 5 December 2023Juliette talk contribs 16,816 bytes −208 Page créée avec « === Initial objectives === * Catalog the potential uses of AI for cybersecurity * Create a CYLVIA sandbox environment enabling Cyber Campus members to experiment and evolve in a restricted environment. * Create AI training courses for cybersecurity professionals at various levels. * Identify and map startups specializing in AI solutions for cybersecurity. * Identify cyberthreats and possible mitigations on AI application systems »
  • curprev 15:2415:24, 5 December 2023Juliette talk contribs 17,024 bytes −76 Page créée avec « == Working Group objectives and deliverables == The mission of the Working Group, launched as part of Cycle 2 of the Cyber Campus, is to analyze the areas in which cybersecurity and artificial intelligence intersect. »
  • curprev 15:2315:23, 5 December 2023Juliette talk contribs 17,100 bytes +17,100 Page créée avec « AI and cybersecurity »