Privacy and Security Implications of Cloud-Based AI Services : A Survey

TL;DR

This survey explores the privacy and security challenges in cloud-based AI services, proposing taxonomies to categorize risks and defenses, thereby aiding the development of more secure and transparent AI systems.

Contribution

It introduces a comprehensive taxonomy of privacy and security risks in AI-as-a-Service models, bridging the gap between model providers and consumers.

Findings

Documented various liabilities posed by ML models in cloud environments

Proposed a taxonomy to categorize privacy and security risks

Highlighted the need for robust solutions for secure AI deployment

Abstract

This paper details the privacy and security landscape in today's cloud ecosystem and identifies that there is a gap in addressing the risks introduced by machine learning models. As machine learning algorithms continue to evolve and find applications across diverse domains, the need to categorize and quantify privacy and security risks becomes increasingly critical. With the emerging trend of AI-as-a-Service (AIaaS), machine learned AI models (or ML models) are deployed on the cloud by model providers and used by model consumers. We first survey the AIaaS landscape to document the various kinds of liabilities that ML models, especially Deep Neural Networks pose and then introduce a taxonomy to bridge this gap by holistically examining the risks that creators and consumers of ML models are exposed to and their known defences till date. Such a structured approach will be beneficial for ML model providers to create robust solutions. Likewise, ML model consumers will find it valuable to evaluate such solutions and understand the implications of their engagement with such services. The proposed taxonomies provide a foundational basis for solutions in private, secure and robust ML, paving the way for more transparent and resilient AI systems.