2025 API World

All resources (slides, code, etc) for API World 2025: API Security for the AI Era: Detecting and Preventing Adversarial Manipulation

Purpose

Please see the session presentation and recording for details. In short, this workshop is broken into two sections:

  • Observing Threat Vectors (And Trying Them Out On Your Own)
  • Observing AI Defense Mechanisms (And Trying Them Out On Your Own)

The real value is in the session recording, as this is a demonstration of how our AI/ML systems can be compromised. I wrote this session because I don't think there are many good tutorials/workshops that cover these topics.

Prerequisites

This has only been tested on macOS, but it should also work on most flavors of Linux.

Using:

  • Python 3.11+

I would highly recommend using something like venv or Conda to isolate the Python dependencies in a virtual environment.

Installation

For each demo/lab below, install the required packages by running in your (virtual) environment:

pip install -r requirements.txt

Threat Vectors

Here are some examples of threat vectors targeting AI/ML systems.

1. Adversarial Input

To run the demo, do the following:

# navigate to the folder
cd ./demo/1_sentiment-pos-vs-neg-deberta

# install the Python dependencies
pip install -r requirements.txt

# run the example
python main.py

Open up the source code in main.py and try manipulating the input strings to see how it affects the output.
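
As a rough sketch of what this demo exercises, small character-level perturbations can shift an off-the-shelf sentiment classifier's output. The model below is the transformers pipeline default, not necessarily the DeBERTa model the demo uses, and the perturbed string is just an illustrative assumption:

# Illustrative sketch only; see demo/1_sentiment-pos-vs-neg-deberta/main.py
# for the actual workshop code. The pipeline's default model is an assumption.
from transformers import pipeline

classifier = pipeline("sentiment-analysis")  # defaults to a DistilBERT sentiment model

original = "This movie was absolutely wonderful."
# A small, still human-readable perturbation (homoglyph-style digit swaps)
# that can shift the model's label or confidence:
perturbed = "This m0vie was absolutely w0nderful."

for text in (original, perturbed):
    result = classifier(text)[0]
    print(f"{text!r} -> {result['label']} ({result['score']:.3f})")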

2. Data Poisoning

To run the demo, do the following:

# navigate to the folder
cd ./demo/2_which_animal_pixel

# install the Python dependencies
pip install -r requirements.txt

# run the example
python main.py
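
The core idea behind pixel-based data poisoning is that an attacker stamps a fixed pixel trigger onto a small fraction of training images and relabels them, so the trained model learns to associate the trigger with the attacker's chosen class. The helper below is a hypothetical sketch of that step (random stand-in data, made-up trigger position), not the demo's actual code:

# Hypothetical sketch of pixel-trigger poisoning; the actual demo lives in
# demo/2_which_animal_pixel/main.py and may differ.
import numpy as np

def poison(images, labels, target_label, rate=0.05, seed=0):
    """Stamp a bright pixel trigger on a fraction of images and relabel them."""
    rng = np.random.default_rng(seed)
    images, labels = images.copy(), labels.copy()
    idx = rng.choice(len(images), size=int(rate * len(images)), replace=False)
    images[idx, -2:, -2:, :] = 255   # 2x2 white trigger in the bottom-right corner
    labels[idx] = target_label      # attacker-chosen class
    return images, labels

# Example: 100 random 32x32 RGB "training" images, poisoned toward class 3.
x = np.random.randint(0, 256, size=(100, 32, 32, 3), dtype=np.uint8)
y = np.random.randint(0, 10, size=100)
x_poisoned, y_poisoned = poison(x, y, target_label=3)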

3. Supply Chain Attack

To run the demo, do the following:

# navigate to the folder
cd ./demo/3_sentiment_supply

# install the Python dependencies
pip install -r requirements.txt

# run the example
python main.py

Open up the source code in main.py and try manipulating the input strings to see how it affects the output.
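
A useful way to think about this demo: a supply-chain attack swaps the model artifact you download for a tampered one. One standard mitigation is pinning the artifact to an audited revision instead of pulling "latest". The model name and revision hash below are placeholders, not values taken from the demo:

# Sketch of pinning a model download to a known revision; the model name and
# revision hash below are placeholders, not values from the demo.
from transformers import pipeline

# Pulling "latest" trusts whoever controls the upstream repo at download time.
# Pinning `revision` to an audited commit narrows the window for tampering.
classifier = pipeline(
    "sentiment-analysis",
    model="distilbert-base-uncased-finetuned-sst-2-english",
    revision="714eb0f",  # placeholder: pin to a commit you have reviewed
)
print(classifier("Pinned dependencies reduce supply-chain risk.")[0])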

Defending Against Threats

Here are some examples of defenses against these threats.

1. NLP: Sanitize User Inputs

To run the demo, do the following:

# navigate to the folder
cd ./demo/4_nlp_defend

# install the Python dependencies
pip install -r requirements.txt

# run the example
python main.py

Open up the source code in main.py and try manipulating the input strings to see how it affects the output.
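
A minimal flavor of this kind of sanitization is Unicode normalization plus stripping invisible format/control characters, which are often used to smuggle adversarial content past filters. This is a simplified sketch, not the demo's full defense:

# Simplified sketch of NLP input sanitization; demo/4_nlp_defend/main.py
# implements the workshop's actual defenses.
import unicodedata

def sanitize(text: str) -> str:
    # Normalize visually confusable forms (e.g., full-width letters) via NFKC.
    text = unicodedata.normalize("NFKC", text)
    # Drop zero-width and other format/control characters.
    return "".join(ch for ch in text if unicodedata.category(ch) not in ("Cf", "Cc"))

print(sanitize("gre\u200bat mo\u200dvie"))  # zero-width chars removed -> "great movie"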

2. Vision: Sanitize User Inputs

To run the demo, do the following:

# navigate to the folder
cd ./demo/5_one_pixel_defend

# install the Python dependencies
pip install -r requirements.txt

# run the example
python main.py
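
Against one-pixel-style perturbations, a classic preprocessing defense is local smoothing such as a median filter, which erases isolated outlier pixels before the image reaches the model. A minimal sketch with Pillow (assuming Pillow is available; the demo's actual implementation is in main.py):

# Sketch of a median-filter preprocessing defense; demo/5_one_pixel_defend/main.py
# contains the workshop's actual implementation.
from PIL import Image, ImageFilter

def defend(image: Image.Image, size: int = 3) -> Image.Image:
    """Apply a small median filter to suppress isolated adversarial pixels."""
    return image.filter(ImageFilter.MedianFilter(size=size))

# Example: a solid red image with one hostile white pixel; the filter removes it.
img = Image.new("RGB", (32, 32), (255, 0, 0))
img.putpixel((16, 16), (255, 255, 255))   # single-pixel perturbation
clean = defend(img)
print(clean.getpixel((16, 16)))           # back to (255, 0, 0) after filtering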
