Cyber Threat Intelligence for Artificial Intelligence Systems

TL;DR

This paper explores how cyber threat intelligence can be adapted to better protect AI systems from security threats, analyzing current gaps and proposing a framework for AI-specific threat detection and response.

Contribution

It introduces the concept of an AI-oriented threat intelligence knowledge base and discusses how to enhance security tools with AI-specific indicators of compromise.

Findings

Identifies gaps in existing cyber threat intelligence resources for AI.

Proposes a framework for AI-specific threat indicators and their integration.

Highlights future research directions for AI-focused cybersecurity.

Abstract

As artificial intelligence (AI) becomes deeply embedded in critical services and everyday products, it is increasingly exposed to security threats which traditional cyber defenses were not designed to handle. In this paper, we investigate how cyber threat intelligence (CTI) may evolve to address attacks that target AI systems. We first analyze the assumptions and workflows of conventional threat intelligence with the needs of AI-focused defense, highlighting AI-specific assets and vulnerabilities. We then review and organize the current landscape of AI security knowledge. Based on this, we outline what an AI-oriented threat intelligence knowledge base should contain, describing concrete indicators of compromise (IoC) for different AI supply-chain phases and artifacts, and showing how such a knowledge base could support security tools. Finally, we discuss techniques for measuring similarity between collected indicators and newly observed AI artifacts. The review reveals gaps and quality issues in existing resources and identifies potential future research directions toward a practical threat intelligence framework tailored to AI.