Protecting
Artificial
Intelligence

Ensuring the secure development and application
of artificial intelligence (AI) technologies in modern
informational and industrial environments.

Goals and areas of work

Kaspersky AIST

Secure AI for users
and developers

Protecting AI systems involves implementing additional information security measures that take into account the unique and specific features and vulnerabilities of AI components: data, models, and computing platforms.

What makes AI systems different, and why can't standard information security tools fully secure them?

In traditional IT systems, the core is a computer program—a series of commands written in a programming language for the machine to execute. Cybersecurity specialists can "read" this program like text, understand its logic, and evaluate potential risks.

With modern AI systems, the situation is fundamentally different. Instead of a traditional program, the core of an AI system is a model. This model is defined by an immense number of numerical parameters — sometimes exceeding a trillion. Its behavior is not explicitly programmed but shaped by adjusting these parameters during machine learning. This makes understanding and securing AI systems far more complex.

As a result, the logic of an AI system — expressed as numerical parameters rather than commands— is essentially hidden from humans. Assessing the risks of specific AI models, understanding their structure, and analyzing their inner workings require specialized knowledge and tools.
аист летит

Areas of work

Researching AI threats and protection methods
Conducting comprehensive risk assessments of AI systems
Helping to design secure AI solutions
Auditing AI systems for regulatory compliance
Consulting and educational initiatives in AI security
Иконка партнёрства

Our partner is one of Russia's leading research organizations in AI security: the Trusted Artificial Intelligence Research Center based at the V.P. Ivannikov Institute for System Programming of the Russian Academy of Sciences (ISP RAS).

AI threat landscape

Data

Manipulating data in AI systems: threats to data integrity and confidentiality.

Learn more

Models

Malicious functionality hidden in model weights or layers, and the risk of knowledge extraction (model theft).

Learn more

Computing systems

Attacks targeting power consumption, performance, and hardware-level model destruction.

Learn more

AI in industry:
applications and risks

Critical infrastructure

AI use in energy, life support systems, security and control systems, transportation, and logistics.

Learn more

Agriculture

Efficient and sustainable production, cost optimization and forecasting, monitoring and control of production processes.

Learn more

Transport

Autonomous navigation, collision avoidance, predictive maintenance, route optimization, and safety.

Learn more

Monitoring and control

Object and human recognition, telemetry-based monitoring of production processes, and non-destructive testing.

Learn more

Education

Adaptive learning, process enhancements, automated assessment of assignments, and educational simulators.

Learn more

Manufacturing

Predictive diagnostics, digital twins, metrological support, and process control.

Learn more

Medicine

Disease prediction, diagnostics, and prevention, decision-support systems for doctors, and life support systems.

Learn more

Internet and banking

Speech technologies, voice assistants, chatbots, content (media and text) generation, and search functionality.

Learn more

Automotive

Automated traffic management, route planning, diagnostics and monitoring systems.

Learn more

Regulation

In Russia

Learn more

Globally

Learn more

AI security services

Kaspersky AIST

We provide reliable protection for AI systems, safeguarding data, business processes, and AI infrastructure against potential threats.

Threat landscape analysis

Analysis of potential attack vectors on the customer’s AI solution, based on the specific risks of the field of application. We provide a detailed report with actionable recommendations for addressing threats and improving the overall security of the solution.

Analysis of input and training data for AI models

Assessment of vulnerabilities in the AI model to adversarial and other input data attacks, ensuring the training dataset complies with security requirements. A comprehensive report outlines vulnerabilities and provides recommendations for mitigating risks.

* In some cases – such as large language models (LLMs) – additional research projects may be conducted.

AI model analysis

Detection of malicious functionality in AI models, including trojans and other harmful modules embedded in deep neural networks*. Our analysis includes a detailed report is report on the presence or absence of malware, as well as malware localization and removal – all without compromising the model's performance.

* Requires access to the model's source code

Monitoring the security of AI solutions

Evaluation of the security of AI solutions and models during operation to identify undeclared functionality or malicious activity. If direct analysis is not feasible, indirect signs are used for detection. We provide a report detailing the tests conducted, addressing the presence or absence of undeclared functionality.

Developing secure AI models

Design and training of AI models with enhanced resilience against attacks, using adversarial training, trusted AI models, specialized (neuromorphic) hardware, and other proactive protection methods. Deployment and distribution of trusted development environments for AI models.

Expert analytical support in AI regulation

Development of AI implementation strategies that take into account legal and regulatory requirements. Services include auditing AI solutions for compliance and contributing to the development of industry standards.

Consulting services and research on security for AI

For organizations new to security for AI, our team offers initial consultations tailored to your specific needs. We also conduct in-depth security analyses of specific AI solutions or approaches of interest.