DECODE AI: Deception and Counter-Deception in Artificial Intelligence

Abstract

Problems and Objectives The objective of this proposal is to develop new theoretical foundationsand algorithms for AI systems to deceive adversaries and counter their deceptive tactics. Thealgorithms we develop will (1) take actions that instill false beliefs in adversaries, (2) infer adversaries#objectives and intentions, and (3) use novel tactics to counter willful, malicious adversarieswhoare also attempting to deceive and resist being deceived. These algorithms will be developedwith formal tradeoffs between (i) theirperformance in a main task, e.g., minesweeping, (ii) theeffectiveness of the deception/counter-deception that they provide, and (iii) the computational costand information they require. Throughout, we view deception and counter-deception as designcriteria for AI tools and we will design fundamentally novel approaches to them.AI uses automated perception-action loops that rapidly capture and process information, andour view is that these are new attack surfaces that can be exploited. In this project, we will crafta novel theory of deception that manipulates AI algorithms by strategically injecting misleadinginformation into them, and we will do so while countering adversaries# attempts to do the same.Our view is that every single action has the potential to not only accomplish sometask, such asminesweeping, but also to help establish information superiority over adversaries. This visiondrives the core questionthat we will answer: How can we systematically develop AI algorithmsthat deceive willful, malicious adversaries and overcome their attempts at deception?Technical Approaches We will answer this question along five intertwined research thrusts.Thrust #1 will develop techniques to infer adversaries# objectives from even limited observationsof them. Thrust #2 will synthesize decision policies that manipulate adversaries# beliefs aboutundisclosed states and objectives. Thrust #3 will interact with adversaries to manipulate theminto revealing more information than they intend. Thrust #4 will use deep learning to counteradversaries# deceptive tactics. Thrust #5 will implement all of these developments in the gameGoedendag to test, falsify, and refine our models of adversaries and interactions with them.The common thread running through the proposed research is modeling AI problems withsequential decision systems, such as partially observable stochastic games (POSGs) and uncertainpartially observable Markov decision processes (uPOMDPs). Along theway, we will account forgaps in a priori knowledge about adversaries, such as incomplete models of them, and instancesin which adversaries begin with information superiority.Outcomes and Impact on DoD Capabilities This project will create a comprehensive AIframework that can both deceive and counter deceptive tactics in large and even infinitely sizedproblems, regardless of whether it is or is not possible to directly interact with adversaries. Thefundamental research proposed in this project will lay the foundation for the Navy (and DoD morebroadly) to deploy unmanned assets that (i) can use AI to autonomously deceive their adversariesin order to create and sustain information superiority, (ii) are automatically hardened against adversaries#attempts at deception, and (iii) still complete their main tasks, such as exploring orminesweeping, even in light of (i) and (ii). Approved for public release.

Document Details

Document Type

DoD Grant Award

Publication Date

Nov 08, 2024

Source ID

N000142412432

Entities

Tags