Break the AI: AI CTF Debriefing at PHDays 10

Continuing to develop the topic of AI security and risks, within the framework of the conference, we put together a track with reports and a CTF competition for security guards that affects AI risks. In this article, we will tell you about the competition: what tasks were and how it went.





AI CTF is not the first time, the past description of the format and tasks in the last article .





Analysis of tasks

. , “adversarial attacks”, . .





— , , . , , .





3v1l_k3yb04rd





— data privacy , .





( ), , - - . , . 





, API top-n , ( ). , , , . , - , . 





  Somewhere in



, , . Somewhere in Moscow City hacker Bob broke the system with password



, .





pr1v473_d474_5h0uld_b3_pr1v473



, AICTF{__}



.





, , , , : , , . . , , . .





Game of Cats

, .





, , , , , , "Next”. - , , , 50. , .





, , .





, , . 





: , , , . , .





AlexNetv2.0

, , .





, - . stegano — , . 





, AlexNet :





?





, , , , — . , .





deep- , :





h4ck3r

, . 





, , hacker score. !





? — adversarial attacks! black box . , .





web stegano, ! path traversal, , , - hacker score . 





— , , .





.





, , . 





, , , , , .





RuCTF, , .





BigLittleData

, — csv . ? —  pandas!





- :





, .





.





, . :





, , , . , .





PCA, :





Tensorch

CVE . , , . 





, . .





( ) :













, ALSR.





"" .





:





  1. , , . 





  2. , , : val_from_stack * 1.0.





  3. double .





:





  1. int , 3-, -1, , .





  2. 8 , , .





  3. -1.





, . :





.text:00000000000019C1                 mov     edx, 240h       ; nbytes
.text:00000000000019C6                 mov     rsi, rax        ; buf
.text:00000000000019C9                 mov     edi, 0          ; fd
.text:00000000000019CE                 call    _read
      
      



rax , :





.text:00000000000014AD                 movq    xmm0, rax       ; a
.text:00000000000014B2                 call    rdx             ;   
      
      



, 1 , ROP-. , _read





, .





:

DS , , . 3 , DS , 2 , , .





19 . , . , - , , . , . 





:









  1. pomo_or_not_pomo





  2. konodyuk (!)





: AWS DeepRacer, JetRacer AI racing robot, Jetson TX2 Module.





, , DS, !








All Articles