Tag Archives: 2016
Con artistry is one of the world’s oldest and most innovative professions, and it may soon have a new target. Research suggests artificial intelligence may be uniquely susceptible to tricksters, and as its influence in the modern world grows, attacks against it are likely to become more common.
The root of the problem lies in the fact that artificial intelligence algorithms learn about the world in very different ways than people do, and so slight tweaks to the data fed into these algorithms can throw them off completely while remaining imperceptible to humans.
Much of the research into this area has been conducted on image recognition systems, in particular those relying on deep learning neural networks. These systems are trained by showing them thousands of examples of images of a particular object until they can extract common features that allow them to accurately spot the object in new images.
But the features they extract are not necessarily the same high-level features a human would be looking for, like the word STOP on a sign or a tail on a dog. These systems analyze images at the individual pixel level to detect patterns shared between examples. These patterns can be obscure combinations of pixel values, in small pockets or spread across the image, that would be impossible to discern for a human, but highly accurate at predicting a particular object.
“An attacker can trick the object recognition algorithm into seeing something that isn’t there, without these alterations being obvious to a human.”
What this means is that by identifying these patterns and overlaying them over a different image, an attacker can trick the object recognition algorithm into seeing something that isn’t there, without these alterations being obvious to a human. This kind of manipulation is known as an “adversarial attack.”
Early attempts to trick image recognition systems this way required access to the algorithm’s inner workings to decipher these patterns. But in 2016 researchers demonstrated a “black box” attack that enabled them to trick such a system without knowing its inner workings.
By feeding the system doctored images and seeing how it classified them, they were able to work out what it was focusing on and therefore generate images they knew would fool it. Importantly, the doctored images were not obviously different to human eyes.
These approaches were tested by feeding doctored image data directly into the algorithm, but more recently, similar approaches have been applied in the real world. Last year it was shown that printouts of doctored images that were then photographed on a smartphone successfully tricked an image classification system.
Another group showed that wearing specially designed, psychedelically-colored spectacles could trick a facial recognition system into thinking people were celebrities. In August scientists showed that adding stickers to stop signs in particular configurations could cause a neural net designed to spot them to misclassify the signs.
These last two examples highlight some of the potential nefarious applications for this technology. Getting a self-driving car to miss a stop sign could cause an accident, either for insurance fraud or to do someone harm. If facial recognition becomes increasingly popular for biometric security applications, being able to pose as someone else could be very useful to a con artist.
Unsurprisingly, there are already efforts to counteract the threat of adversarial attacks. In particular, it has been shown that deep neural networks can be trained to detect adversarial images. One study from the Bosch Center for AI demonstrated such a detector, an adversarial attack that fools the detector, and a training regime for the detector that nullifies the attack, hinting at the kind of arms race we are likely to see in the future.
While image recognition systems provide an easy-to-visualize demonstration, they’re not the only machine learning systems at risk. The techniques used to perturb pixel data can be applied to other kinds of data too.
“Bypassing cybersecurity defenses is one of the more worrying and probable near-term applications for this approach.”
Chinese researchers showed that adding specific words to a sentence or misspelling a word can completely throw off machine learning systems designed to analyze what a passage of text is about. Another group demonstrated that garbled sounds played over speakers could make a smartphone running the Google Now voice command system visit a particular web address, which could be used to download malware.
This last example points toward one of the more worrying and probable near-term applications for this approach: bypassing cybersecurity defenses. The industry is increasingly using machine learning and data analytics to identify malware and detect intrusions, but these systems are also highly susceptible to trickery.
At this summer’s DEF CON hacking convention, a security firm demonstrated they could bypass anti-malware AI using a similar approach to the earlier black box attack on the image classifier, but super-powered with an AI of their own.
Their system fed malicious code to the antivirus software and then noted the score it was given. It then used genetic algorithms to iteratively tweak the code until it was able to bypass the defenses while maintaining its function.
All the approaches noted so far are focused on tricking pre-trained machine learning systems, but another approach of major concern to the cybersecurity industry is that of “data poisoning.” This is the idea that introducing false data into a machine learning system’s training set will cause it to start misclassifying things.
This could be particularly challenging for things like anti-malware systems that are constantly being updated to take into account new viruses. A related approach bombards systems with data designed to generate false positives so the defenders recalibrate their systems in a way that then allows the attackers to sneak in.
How likely it is that these approaches will be used in the wild will depend on the potential reward and the sophistication of the attackers. Most of the techniques described above require high levels of domain expertise, but it’s becoming ever easier to access training materials and tools for machine learning.
Simpler versions of machine learning have been at the heart of email spam filters for years, and spammers have developed a host of innovative workarounds to circumvent them. As machine learning and AI increasingly embed themselves in our lives, the rewards for learning how to trick them will likely outweigh the costs.
Image Credit: Nejron Photo / Shutterstock.com Continue reading
Remember the 1980s movie Brewster’s Millions, in which a minor league baseball pitcher (played by Richard Pryor) must spend $30 million in 30 days to inherit $300 million? Pryor goes on an epic spending spree for a bigger payoff down the road.
One of the world’s biggest public companies is making that film look like a weekend in the Hamptons. Japan’s SoftBank Group, led by its indefatigable CEO Masayoshi Son, is shooting to invest $100 billion over the next five years toward what the company calls the information revolution.
The newly-created SoftBank Vision Fund, with a handful of key investors, appears ready to almost single-handedly hack the technology revolution. Announced only last year, the fund had its first major close in May with $93 billion in committed capital. The rest of the money is expected to be raised this year.
The fund is unprecedented. Data firm CB Insights notes that the SoftBank Vision Fund, if and when it hits the $100 billion mark, will equal the total amount that VC-backed companies received in all of 2016—$100.8 billion across 8,372 deals globally.
The money will go toward both billion-dollar corporations and startups, with a minimum $100 million buy-in. The focus is on core technologies like artificial intelligence, robotics and the Internet of Things.
Aside from being Japan’s richest man, Son is also a futurist who has predicted the singularity, the moment in time when machines will become smarter than humans and technology will progress exponentially. Son pegs the date as 2047. He appears to be hedging that bet in the biggest way possible.
Show Me the Money
Ostensibly a telecommunications company, SoftBank Group was founded in 1981 and started investing in internet technologies by the mid-1990s. Son infamously lost about $70 billion of his own fortune after the dot-com bubble burst around 2001. The company itself has a market cap of nearly $90 billion today, about half of where it was during the heydays of the internet boom.
The ups and downs did nothing to slake the company’s thirst for technology. It has made nine acquisitions and more than 130 investments since 1995. In 2017 alone, SoftBank has poured billions into nearly 30 companies and acquired three others. Some of those investments are being transferred to the massive SoftBank Vision Fund.
SoftBank is not going it alone with the new fund. More than half of the money—$60 billion—comes via the Middle East through Saudi Arabia’s Public Investment Fund ($45 billion) and Abu Dhabi’s Mubadala Investment Company ($15 billion). Other players at the table include Apple, Qualcomm, Sharp, Foxconn, and Oracle.
During a company conference in August, Son notes the SoftBank Vision Fund is not just about making money. “We don’t just want to be an investor just for the money game,” he says through a translator. “We want to make the information revolution. To do the information revolution, you can’t do it by yourself; you need a lot of synergy.”
Off to the Races
The fund has wasted little time creating that synergy. In July, its first official investment, not surprisingly, went to a company that specializes in artificial intelligence for robots—Brain Corp. The San Diego-based startup uses AI to turn manual machines into self-driving robots that navigate their environments autonomously. The first commercial application appears to be a really smart commercial-grade version that crosses a Roomba and Zamboni.
A second investment in July was a bit more surprising. SoftBank and its fund partners led a $200 million mega-round for Plenty, an agricultural tech company that promises to reshape farming by going vertical. Using IoT sensors and machine learning, Plenty claims its urban vertical farms can produce 350 times more vegetables than a conventional farm using 1 percent of the water.
The spending spree continued into August.
The SoftBank Vision Fund led a $1.1 billion investment into a little-known biotechnology company called Roivant Sciences that goes dumpster diving for abandoned drugs and then creates subsidiaries around each therapy. For example, Axovant Sciences is devoted to neurology while Urovant focuses on urology. TechCrunch reports that Roivant is also creating a tech-focused subsidiary, called Datavant, that will use AI for drug discovery and other healthcare initiatives, such as designing clinical trials.
The AI angle may partly explain SoftBank’s interest in backing the biggest private placement in healthcare to date.
Also in August, SoftBank Vision Fund led a mix of $2.5 billion in primary and secondary capital investments into India’s largest private company in what was touted as the largest single investment in a private Indian company. Flipkart is an e-commerce company in the mold of Amazon.
The fund tacked on a $250 million investment round in August to Kabbage, an Atlanta-based startup in the alt-lending sector for small businesses. It ended big with a $4.4 billion investment into a co-working company called WeWork.
Betterment of Humanity
And those investments only include companies that SoftBank Vision Fund has backed directly.
SoftBank the company will offer—or has already turned over—previous investments to the Vision Fund in more than a half-dozen companies. Those assets include its shares in Nvidia, which produces chips for AI applications, and its first serious foray into autonomous driving with Nauto, a California startup that uses AI and high-tech cameras to retrofit vehicles to improve driving safety. The more miles the AI logs, the more it learns about safe and unsafe driving behaviors.
Other recent acquisitions, such as Boston Dynamics, a well-known US robotics company owned briefly by Google’s parent company Alphabet, will remain under the SoftBank Group umbrella for now.
This spending spree begs the question: What is the overall vision behind the SoftBank’s relentless pursuit of technology companies? A spokesperson for SoftBank told Singularity Hub that the “common thread among all of these companies is that they are creating the foundational platforms for the next stage of the information revolution.All of the companies, he adds, share SoftBank’s criteria of working toward “the betterment of humanity.”
While the SoftBank portfolio is diverse, from agtech to fintech to biotech, it’s obvious that SoftBank is betting on technologies that will connect the world in new and amazing ways. For instance, it wrote a $1 billion check last year in support of OneWeb, which aims to launch 900 satellites to bring internet to everyone on the planet. (It will also be turned over to the SoftBank Vision Fund.)
SoftBank also led a half-billion equity investment round earlier this year in a UK company called Improbable, which employs cloud-based distributed computing to create virtual worlds for gaming. The next step for the company is massive simulations of the real world that supports simultaneous users who can experience the same environment together(and another candidate for the SoftBank Vision Fund.)
Even something as seemingly low-tech as WeWork, which provides a desk or office in locations around the world, points toward a more connected planet.
In the end, the singularity is about bringing humanity together through technology. No one said it would be easy—or cheap.
Stock Media provided by xackerz / Pond5 Continue reading
It can read lips and create new food recipes. It can win at chess, Jeopardy and the game Go. Every major technology company appears to be integrating it into how they organize and operate their business. And it seems like just about every new app in existence claims its software uses some sort of machine learning to make life even better.
Artificial intelligence is splashed across headlines like never before. The AI revolution is here, and the most obvious question to ask as 2016 draws to an end is: what’s next?
We recently asked James Hendler this question. Hendler is director of the Rensselaer Institute for Data Exploration and Applications and one of the developers of the semantic web. He recently co-wrote, with Alice M. Mulvehill, the book Social Machines: The Coming Collision of Artificial Intelligence, Social Networking, and Humanity.
The book is less about predictions and more about setting expectations about what AI can and can’t do. The problem, as Hendler sees it, is that many people view AI with Terminator trepidation or as a utopian dream, while completely taking humanity out of the equation.
“People want to paint this technology in black and white,” he explains. “It needs humans in the loop, and humans are better at dealing with the grays.”
To borrow a slightly used political slogan: we—humans and AI—are stronger together. That’s Hendler’s a priori when discussing the future of artificial intelligence.
Packaging AI for mass programming
“I think the thing that excites me short-term is how much of AI technology [is being] made accessible at a much simpler level for programmers to use. It’s no longer a specialist thing,” Hendler says.
A class he is currently teaching on AI cognitive computing illustrates this point. Undergraduates are doing projects, like creating a chatbot able to answer questions about the Harry Potter universe, in a matter of weeks. A few years ago, such a feat would have been fodder for a PhD thesis.
It’s no longer necessary to build deep learning, computer vision or natural language components from scratch. Just download an open source package and integrate it into your system with some tweaking. It’s a bit like playing with WordPress, though Hendler prefers to talk about the nascent days of the internet. In the early 1990s, with some basic understanding of HTML, it was possible to build a website thanks to a sort of pre-packaged code that could be installed on a machine.
“AI has been packaged in a usable way,” Hendler says. “[It’s] more like putting the pieces together and finding what works than doing the basic research into what those components are, at least for the more applied side to the technology space.”
Opening the doors to innovation
In the short term, Hendler says, that opens up the game to players of all sizes.
“We’re going to see a huge amount of innovation in small companies using existing techniques for deep learning, vision and language tasks,” he says. “The heavyweights—Microsoft, Google, Facebook—will invest heavily in the technology they do but in new directions.”
Meanwhile, academia and government will continue to play roles in the evolution of AI-related technologies. Hendler uses the example of autonomous vehicles, first developed by universities like Stanford to win the DARPA Grand Challenge. Google then further matured the technology. Now it seems every car company on the planet is working to put robotic cars on the road.
While there is still a need to develop new AI technologies to solve problems, Hendler says the near-term focus will be on the sorts of business cases that can be made with existing tools.
“I think that kind of innovation is where you see entrepreneurs and startups starting to focus now. I think we’re going to see a tremendous amount of that,” Hendler says.
Solving developed and developing world problems
And what might the casual technology user see from AI in 2017 and beyond? In this case, more may mean less, as technology slips seamlessly into the background.
“It’s not going to be as obvious as you buy something and the whole world is different,” Hendler says.
Take Siri, Apple’s ubiquitous virtual assistant. Siri’s competence at performing increasingly complex tasks is constantly improving, but it still (and often) defaults back to a web search for the answer. One day not too far into the future, one could imagine asking Siri or one of her counterparts a question like, “Show me a photo of my kids from lunch today,” and the machine quickly and correctly pulling out the results.
In fact, we see some of the startups Hendler mentions already on the cusp of such achievements. A company called Snips uses an AI technique called "context aware" to build a sort of memory, almost an alter ego, on a user’s mobile device, by sorting through data like contacts, emails, calendars, photos and so on. It learns what is important in the user’s life over time, serving as the single portal to all the apps and information stored on the device.
“It’s about using this artificial intelligence to make technology disappear in a way that you can just go about your day and not care about it anymore,” says Rand Hindi, CEO and founder of Snips, during a TEDx talk in 2015.
Of course, these are developed world problems—making technology disappear. Hendler is optimistic that projects to improve conditions in developing countries will involve the appearance of AI in the near future. In particular, he and others are working with IBM to bring literacy to one billion people in the next five years.
“You’re talking about being able to significantly change the lives of huge amounts of people, especially in countries where literacy rates are currently low,” he says. “That’s where those people will see technology suddenly come into their lives in a way it never has before.”
Education is key
Upheavals and massive disruptions—both good and bad—are ahead in a world increasingly powered by artificial intelligence and related technologies.
On one side of the argument are people like the 1.8 million truck drivers who could feasibly be put out of work in less than a generation by self-driving vehicles. On the flip side are the potential savings in industries like medicine, where AI is already being employed on a large scale with IBM’s Watson, the poster child—computer—for those high-tech services. Consider that health care accounts for 17.5 percent of US GDP, according to the Centers for Medicare and Medicaid Services.
Hendler says government needs to be involved to help manage these changes without setting up roadblocks to innovation. Education will be key to the AI revolution, he maintains, so people will understand where computers excel and where they struggle.
“That’s where we need people to be smarter, and for technical people to help policy makers to understand those differences and where they lie,” he says. “It’s understanding those differences that will be so important.”
Banner Image Credit: Rob Bulmahn/Flickr Continue reading
ARTIFICIAL INTELLIGENCE Big Tech's AI Predictions for 2017 Lolita Taub | The Huffington Post "For the final Cognitive Business post of the year, I asked artificial intelligence centric Fortune 500 leaders for their 2017 enterprise AI predictions. Microsoft, IBM, Baidu, NVIDIA, Qualcomm, GE, SAS, and Oracle responded. What they had to say is exciting…" CYBERSECURITY Artificial […] Continue reading