AI Psychiatry: A New Forensic Tool to Investigate AI Failures
3 Sources
3 Sources
[1]
Forensics tool 'reanimates' the 'brains' of AIs that fail in order to understand what went wrong
From drones delivering medical supplies to digital assistants performing everyday tasks, AI-powered systems are becoming increasingly embedded in everyday life. The creators of these innovations promise transformative benefits. For some people, mainstream applications such as ChatGPT and Claude can seem like magic. But these systems are not magical, nor are they foolproof - they can and do regularly fail to work as intended. AI systems can malfunction due to technical design flaws or biased training data. They can also suffer from vulnerabilities in their code, which can be exploited by malicious hackers. Isolating the cause of an AI failure is imperative for fixing the system. But AI systems are typically opaque, even to their creators. The challenge is how to investigate AI systems after they fail or fall victim to attack. There are techniques for inspecting AI systems, but they require access to the AI system's internal data. This access is not guaranteed, especially to forensic investigators called in to determine the cause of a proprietary AI system failure, making investigation impossible. We are computer scientists who study digital forensics. Our team at the Georgia Institute of Technology has built a system, AI Psychiatry, or AIP, that can recreate the scenario in which an AI failed in order to determine what went wrong. The system addresses the challenges of AI forensics by recovering and "reanimating" a suspect AI model so it can be systematically tested. Uncertainty of AI Imagine a self-driving car veers off the road for no easily discernible reason and then crashes. Logs and sensor data might suggest that a faulty camera caused the AI to misinterpret a road sign as a command to swerve. After a mission-critical failure such as an autonomous vehicle crash, investigators need to determine exactly what caused the error. Was the crash triggered by a malicious attack on the AI? In this hypothetical case, the camera's faultiness could be the result of a security vulnerability or bug in its software that was exploited by a hacker. If investigators find such a vulnerability, they have to determine whether that caused the crash. But making that determination is no small feat. Although there are forensic methods for recovering some evidence from failures of drones, autonomous vehicles and other so-called cyber-physical systems, none can capture the clues required to fully investigate the AI in that system. Advanced AIs can even update their decision-making - and consequently the clues - continuously, making it impossible to investigate the most up-to-date models with existing methods. Pathology for AI AI Psychiatry applies a series of forensic algorithms to isolate the data behind the AI system's decision-making. These pieces are then reassembled into a functional model that performs identically to the original model. Investigators can "reanimate" the AI in a controlled environment and test it with malicious inputs to see whether it exhibits harmful or hidden behaviors. AI Psychiatry takes in as input a memory image, a snapshot of the bits and bytes loaded when the AI was operational. The memory image at the time of the crash in the autonomous vehicle scenario holds crucial clues about the internal state and decision-making processes of the AI controlling the vehicle. With AI Psychiatry, investigators can now lift the exact AI model from memory, dissect its bits and bytes, and load the model into a secure environment for testing. Our team tested AI Psychiatry on 30 AI models, 24 of which were intentionally "backdoored" to produce incorrect outcomes under specific triggers. The system was successfully able to recover, rehost and test every model, including models commonly used in real-world scenarios such as street sign recognition in autonomous vehicles. Thus far, our tests suggest that AI Psychiatry can effectively solve the digital mystery behind a failure such as an autonomous car crash that previously would have left more questions than answers. And if it does not find a vulnerability in the car's AI system, AI Psychiatry allows investigators to rule out the AI and look for other causes such as a faulty camera. Not just for autonomous vehicles AI Psychiatry's main algorithm is generic: It focuses on the universal components that all AI models must have to make decisions. This makes our approach readily extendable to any AI models that use popular AI development frameworks. Anyone working to investigate a possible AI failure can use our system to assess a model without prior knowledge of its exact architecture. Whether the AI is a bot that makes product recommendations or a system that guides autonomous drone fleets, AI Psychiatry can recover and rehost the AI for analysis. AI Psychiatry is entirely open source for any investigator to use. AI Psychiatry can also serve as a valuable tool for conducting audits on AI systems before problems arise. With government agencies from law enforcement to child protective services integrating AI systems into their workflows, AI audits are becoming an increasingly common oversight requirement at the state level. With a tool like AI Psychiatry in hand, auditors can apply a consistent forensic methodology across diverse AI platforms and deployments. In the long run, this will pay meaningful dividends both for the creators of AI systems and everyone affected by the tasks they perform.
[2]
Forensics Tool â€~Reanimates’ the â€~Brains’ of AIs That Fail in Order to Understand What Went Wrong
From drones delivering medical supplies to digital assistants performing everyday tasks, AI-powered systems are becoming increasingly embedded in everyday life. The creators of these innovations promise transformative benefits. For some people, mainstream applications such as ChatGPT and Claude can seem like magic. But these systems are not magical, nor are they foolproof â€" they can and do regularly fail to work as intended. AI systems can malfunction due to technical design flaws or biased training data. They can also suffer from vulnerabilities in their code, which can be exploited by malicious hackers. Isolating the cause of an AI failure is imperative for fixing the system. But AI systems are typically opaque, even to their creators. The challenge is how to investigate AI systems after they fail or fall victim to attack. There are techniques for inspecting AI systems, but they require access to the AI system’s internal data. This access is not guaranteed, especially to forensic investigators called in to determine the cause of a proprietary AI system failure, making investigation impossible. We are computer scientists who study digital forensics. Our team at the Georgia Institute of Technology has built a system, AI Psychiatry, or AIP, that can recreate the scenario in which an AI failed in order to determine what went wrong. The system addresses the challenges of AI forensics by recovering and “reanimating†a suspect AI model so it can be systematically tested. Imagine a self-driving car veers off the road for no easily discernible reason and then crashes. Logs and sensor data might suggest that a faulty camera caused the AI to misinterpret a road sign as a command to swerve. After a mission-critical failure such as an autonomous vehicle crash, investigators need to determine exactly what caused the error. Was the crash triggered by a malicious attack on the AI? In this hypothetical case, the camera’s faultiness could be the result of a security vulnerability or bug in its software that was exploited by a hacker. If investigators find such a vulnerability, they have to determine whether that caused the crash. But making that determination is no small feat. Although there are forensic methods for recovering some evidence from failures of drones, autonomous vehicles and other so-called cyber-physical systems, none can capture the clues required to fully investigate the AI in that system. Advanced AIs can even update their decision-making â€" and consequently the clues â€" continuously, making it impossible to investigate the most up-to-date models with existing methods. AI Psychiatry applies a series of forensic algorithms to isolate the data behind the AI system’s decision-making. These pieces are then reassembled into a functional model that performs identically to the original model. Investigators can “reanimate†the AI in a controlled environment and test it with malicious inputs to see whether it exhibits harmful or hidden behaviors. AI Psychiatry takes in as input a memory image, a snapshot of the bits and bytes loaded when the AI was operational. The memory image at the time of the crash in the autonomous vehicle scenario holds crucial clues about the internal state and decision-making processes of the AI controlling the vehicle. With AI Psychiatry, investigators can now lift the exact AI model from memory, dissect its bits and bytes, and load the model into a secure environment for testing. Our team tested AI Psychiatry on 30 AI models, 24 of which were intentionally “backdoored†to produce incorrect outcomes under specific triggers. The system was successfully able to recover, rehost and test every model, including models commonly used in real-world scenarios such as street sign recognition in autonomous vehicles. Thus far, our tests suggest that AI Psychiatry can effectively solve the digital mystery behind a failure such as an autonomous car crash that previously would have left more questions than answers. And if it does not find a vulnerability in the car’s AI system, AI Psychiatry allows investigators to rule out the AI and look for other causes such as a faulty camera. AI Psychiatry’s main algorithm is generic: It focuses on the universal components that all AI models must have to make decisions. This makes our approach readily extendable to any AI models that use popular AI development frameworks. Anyone working to investigate a possible AI failure can use our system to assess a model without prior knowledge of its exact architecture. Whether the AI is a bot that makes product recommendations or a system that guides autonomous drone fleets, AI Psychiatry can recover and rehost the AI for analysis. AI Psychiatry is entirely open source for any investigator to use. AI Psychiatry can also serve as a valuable tool for conducting audits on AI systems before problems arise. With government agencies from law enforcement to child protective services integrating AI systems into their workflows, AI audits are becoming an increasingly common oversight requirement at the state level. With a tool like AI Psychiatry in hand, auditors can apply a consistent forensic methodology across diverse AI platforms and deployments. In the long run, this will pay meaningful dividends both for the creators of AI systems and everyone affected by the tasks they perform. David Oygenblik, Ph.D. Student in Electrical and Computer Engineering, Georgia Institute of Technology and Brendan Saltaformaggio, Associate Professor of Cybersecurity and Privacy, and Electrical and Computer Engineering, Georgia Institute of Technology
[3]
Forensics tool 'reanimates' the 'brains' of AIs that fail in order to understand what went wrong
by David Oygenblik and Brendan Saltaformaggio, The Conversation From drones delivering medical supplies to digital assistants performing everyday tasks, AI-powered systems are becoming increasingly embedded in everyday life. The creators of these innovations promise transformative benefits. For some people, mainstream applications such as ChatGPT and Claude can seem like magic. But these systems are not magical, nor are they foolproof -- they can and do regularly fail to work as intended. AI systems can malfunction due to technical design flaws or biased training data. They can also suffer from vulnerabilities in their code, which can be exploited by malicious hackers. Isolating the cause of an AI failure is imperative for fixing the system. But AI systems are typically opaque, even to their creators. The challenge is how to investigate AI systems after they fail or fall victim to attack. There are techniques for inspecting AI systems, but they require access to the AI system's internal data. This access is not guaranteed, especially to forensic investigators called in to determine the cause of a proprietary AI system failure, making investigation impossible. We are computer scientists who study digital forensics. Our team at the Georgia Institute of Technology has built a system, AI Psychiatry, or AIP, that can recreate the scenario in which an AI failed in order to determine what went wrong. The system addresses the challenges of AI forensics by recovering and "reanimating" a suspect AI model so it can be systematically tested. Uncertainty of AI Imagine a self-driving car veers off the road for no easily discernible reason and then crashes. Logs and sensor data might suggest that a faulty camera caused the AI to misinterpret a road sign as a command to swerve. After a mission-critical failure such as an autonomous vehicle crash, investigators need to determine exactly what caused the error. Was the crash triggered by a malicious attack on the AI? In this hypothetical case, the camera's faultiness could be the result of a security vulnerability or bug in its software that was exploited by a hacker. If investigators find such a vulnerability, they have to determine whether that caused the crash. But making that determination is no small feat. Although there are forensic methods for recovering some evidence from failures of drones, autonomous vehicles and other so-called cyber-physical systems, none can capture the clues required to fully investigate the AI in that system. Advanced AIs can even update their decision-making -- and consequently the clues -- continuously, making it impossible to investigate the most up-to-date models with existing methods. Pathology for AI AI Psychiatry applies a series of forensic algorithms to isolate the data behind the AI system's decision-making. These pieces are then reassembled into a functional model that performs identically to the original model. Investigators can "reanimate" the AI in a controlled environment and test it with malicious inputs to see whether it exhibits harmful or hidden behaviors. AI Psychiatry takes in as input a memory image, a snapshot of the bits and bytes loaded when the AI was operational. The memory image at the time of the crash in the autonomous vehicle scenario holds crucial clues about the internal state and decision-making processes of the AI controlling the vehicle. With AI Psychiatry, investigators can now lift the exact AI model from memory, dissect its bits and bytes, and load the model into a secure environment for testing. Our team tested AI Psychiatry on 30 AI models, 24 of which were intentionally "backdoored" to produce incorrect outcomes under specific triggers. The system was successfully able to recover, rehost and test every model, including models commonly used in real-world scenarios such as street sign recognition in autonomous vehicles. Thus far, our tests suggest that AI Psychiatry can effectively solve the digital mystery behind a failure such as an autonomous car crash that previously would have left more questions than answers. And if it does not find a vulnerability in the car's AI system, AI Psychiatry allows investigators to rule out the AI and look for other causes such as a faulty camera. Not just for autonomous vehicles AI Psychiatry's main algorithm is generic: It focuses on the universal components that all AI models must have to make decisions. This makes our approach readily extendable to any AI models that use popular AI development frameworks. Anyone working to investigate a possible AI failure can use our system to assess a model without prior knowledge of its exact architecture. Whether the AI is a bot that makes product recommendations or a system that guides autonomous drone fleets, AI Psychiatry can recover and rehost the AI for analysis. AI Psychiatry is entirely open source for any investigator to use. AI Psychiatry can also serve as a valuable tool for conducting audits on AI systems before problems arise. With government agencies from law enforcement to child protective services integrating AI systems into their workflows, AI audits are becoming an increasingly common oversight requirement at the state level. With a tool like AI Psychiatry in hand, auditors can apply a consistent forensic methodology across diverse AI platforms and deployments. In the long run, this will pay meaningful dividends both for the creators of AI systems and everyone affected by the tasks they perform.
Share
Share
Copy Link
Researchers at Georgia Institute of Technology have developed AI Psychiatry, a forensic tool that can recreate and analyze AI failures, potentially revolutionizing AI system audits and investigations.
Introducing AI Psychiatry: A Breakthrough in AI Forensics
Researchers at the Georgia Institute of Technology have developed a groundbreaking forensic tool called AI Psychiatry (AIP) that promises to revolutionize the investigation of AI system failures. As AI-powered systems become increasingly integrated into our daily lives, from autonomous vehicles to digital assistants, the need for effective forensic tools to analyze AI failures has become critical
1
2
3
.The Challenge of AI Opacity
AI systems, despite their widespread use, remain largely opaque, even to their creators. This opacity poses significant challenges when investigating failures or potential attacks on AI systems. Traditional forensic methods often fall short in capturing the necessary clues to fully investigate AI components, especially in advanced systems that continuously update their decision-making processes
1
2
3
.How AI Psychiatry Works
AI Psychiatry addresses these challenges by:
- Recovering and "reanimating" suspect AI models for systematic testing
- Using forensic algorithms to isolate data behind AI decision-making
- Reassembling the isolated components into a functional model identical to the original
- Analyzing the model in a controlled environment to identify harmful or hidden behaviors
The system takes a memory image as input, which provides a snapshot of the AI's operational state at the time of failure. This allows investigators to extract the exact AI model, dissect its components, and test it in a secure environment
1
2
3
.Proven Effectiveness
The Georgia Tech team tested AI Psychiatry on 30 AI models, including 24 intentionally "backdoored" models designed to produce incorrect outcomes under specific triggers. The system successfully recovered, rehosted, and tested all models, including those commonly used in real-world scenarios such as street sign recognition in autonomous vehicles
1
2
3
.Versatility and Open-Source Availability
AI Psychiatry's main algorithm is designed to be generic, focusing on universal components that all AI models use for decision-making. This approach makes it adaptable to various AI models using popular development frameworks. The tool is open-source, allowing any investigator to use it without prior knowledge of a specific AI architecture
1
2
3
.Related Stories
Implications for AI Audits and Oversight
As government agencies increasingly integrate AI systems into their workflows, the demand for AI audits is growing. AI Psychiatry offers a consistent forensic methodology that can be applied across diverse AI platforms and deployments. This capability is particularly valuable for conducting pre-emptive audits on AI systems, potentially preventing failures before they occur
1
2
3
.Future Impact
The development of AI Psychiatry represents a significant step forward in ensuring the reliability and trustworthiness of AI systems. By providing a means to investigate and understand AI failures, this tool has the potential to benefit both AI creators and the general public affected by AI-driven decisions. As AI continues to permeate various aspects of our lives, tools like AI Psychiatry will play a crucial role in maintaining transparency and accountability in AI systems
1
2
3
.References
Summarized by
Navi
[1]
Related Stories
Weekly Highlights
1
Oracle's AI-Driven Cloud Surge Propels Larry Ellison to World's Richest Status
Business and Economy
2
Tesla Proposes $1 Trillion Pay Package for Elon Musk Tied to Ambitious AI and Robotics Goals
Business and Economy
3
Anthropic's $1.5B AI Copyright Settlement: A Landmark Deal Under Scrutiny
Policy and Regulation
Weekly Highlights
Explore today's top stories
Your Daily Dose of Curated AI News
Don’t drown in AI news. We cut through the noise - filtering, ranking and summarizing the most important AI news, breakthroughs and research daily. Spend less time searching for the latest in AI and get straight to action.
