system
The system addresses the challenge of threat classification and countermeasures for AI agents by using AI to identify and mitigate attacks, enhancing security through effective classification and continuous monitoring.
Patent Information
- Authority / Receiving Office
- JP · JP
- Patent Type
- Applications
- Current Assignee / Owner
- SOFTBANK GROUP CORP
- Filing Date
- 2024-12-18
- Publication Date
- 2026-06-30
AI Technical Summary
Existing systems face challenges in effectively classifying threats to AI agents and implementing appropriate countermeasures.
A system comprising a classification unit, countermeasure unit, and evaluation unit that uses AI to identify and classify threats such as data privacy attacks, model theft, adversarial sampling attacks, and DoS/DDoS attacks, and implements countermeasures like data encryption, authentication protocols, model watermarking, and AI-enabled WAFs, while continuously monitoring and updating security measures.
Enhances the security of AI agents by improving attack detection rates, reducing response times, and minimizing security events through accurate threat classification and proactive countermeasures.
Smart Images

Figure 2026108136000001_ABST
Abstract
Description
Technical Field
[0001] The technology of the present disclosure relates to a system.
Background Art
[0002] Patent Document 1 discloses a persona chatbot control method performed by at least one processor, including steps of receiving a user utterance, adding the user utterance to a prompt including an instruction sentence related to an explanation of a chatbot character, encoding the prompt, and inputting the encoded prompt into a language model to generate a chatbot utterance in response to the user utterance.
Prior Art Documents
Patent Documents
[0003]
Patent Document 1
Summary of the Invention
Problems to be Solved by the Invention
[0004] In the prior art, there is a problem that it is difficult to effectively classify threats to an AI agent and take appropriate countermeasures.
[0005] The system according to the embodiment aims to classify threats to an AI agent and take appropriate countermeasures.
Means for Solving the Problems
[0006] The system according to this embodiment comprises a classification unit, a countermeasure unit, an implementation unit, and an evaluation unit. The classification unit classifies threats to the AI agent. The countermeasure unit takes specific countermeasures against the threats classified by the classification unit. The implementation unit implements best practices based on the countermeasures taken by the countermeasure unit. The evaluation unit evaluates performance indicators based on the best practices implemented by the implementation unit. [Effects of the Invention]
[0007] The system according to this embodiment can classify threats to an AI agent and take appropriate countermeasures. [Brief explanation of the drawing]
[0008] [Figure 1] This is a conceptual diagram showing an example of the configuration of a data processing system according to the first embodiment. [Figure 2] This is a conceptual diagram showing an example of the essential functions of a data processing device and a smart device according to the first embodiment. [Figure 3] This is a conceptual diagram showing an example of the configuration of a data processing system according to the second embodiment. [Figure 4] This is a conceptual diagram showing an example of the main functions of a data processing device and smart glasses according to the second embodiment. [Figure 5] This is a conceptual diagram showing an example of the configuration of a data processing system according to the third embodiment. [Figure 6] This is a conceptual diagram showing an example of the main functions of a data processing device and a headset-type terminal according to the third embodiment. [Figure 7] This is a conceptual diagram showing an example of the configuration of a data processing system according to the fourth embodiment. [Figure 8] This is a conceptual diagram showing an example of the main functions of a data processing device and a robot according to the fourth embodiment. [Figure 9] This shows an emotion map where multiple emotions are mapped. [Figure 10] This shows an emotion map where multiple emotions are mapped. [Modes for carrying out the invention]
[0009] Hereinafter, an example of an embodiment of the system relating to the technology of this disclosure will be described with reference to the attached drawings.
[0010] First, let's explain the terminology used in the following explanation.
[0011] In the following embodiments, the signed processor (hereinafter simply referred to as "processor") may be a single arithmetic unit or a combination of multiple arithmetic units. Furthermore, the processor may be a single type of arithmetic unit or a combination of multiple types of arithmetic units. Examples of arithmetic units include CPU (Central Processing Unit), GPU (Graphics Processing Unit), GPGPU (General-Purpose computing on Graphics Processing Units), APU (Accelerated Processing Unit), or TPU (Tensor Processing Unit).
[0012] In the following embodiments, signed RAM (Random Access Memory) is a memory that temporarily stores information and is used as work memory by the processor.
[0013] In the following embodiments, the signed storage is one or more non-volatile storage devices that store various programs and various parameters. Examples of non-volatile storage devices include flash memory (SSD (Solid State Drive)), magnetic disks (e.g., hard disks), or magnetic tapes.
[0014] In the following embodiments, the numbered communication I / F (Interface) is an interface including a communication processor, an antenna, etc. The communication I / F manages communication between multiple computers. Examples of communication standards applicable to the communication I / F include wireless communication standards such as 5G (5th Generation Mobile Communication System), Wi-Fi (registered trademark), or Bluetooth (registered trademark).
[0015] In the following embodiments, "A and / or B" is synonymous with "at least one of A and B". That is, "A and / or B" means that it may be only A, only B, or a combination of A and B. Also, in this specification, when expressing three or more matters connected by "and / or", the same concept as "A and / or B" is applied.
[0016] [First Embodiment] FIG. 1 shows an example of the configuration of a data processing system 10 according to the first embodiment.
[0017] As shown in FIG. 1, the data processing system 10 includes a data processing device 12 and a smart device 14. An example of the data processing device 12 is a server.
[0018] The data processing device 12 includes a computer 22, a database 24, and a communication I / F 26. The computer 22 includes a processor 28, a RAM 30, and a storage 32. The processor 28, the RAM 30, and the storage 32 are connected to a bus 34. Also, the database 24 and the communication I / F 26 are connected to the bus 34. The communication I / F 26 is connected to a network 54. Examples of the network 54 include a WAN (Wide Area Network) and / or a LAN (Local Area Network).
[0019] The smart device 14 comprises a computer 36, a reception device 38, an output device 40, a camera 42, and a communication interface 44. The computer 36 comprises a processor 46, RAM 48, and storage 50. The processor 46, RAM 48, and storage 50 are connected to a bus 52. The reception device 38, output device 40, and camera 42 are also connected to the bus 52.
[0020] The reception device 38 is equipped with a touch panel 38A and a microphone 38B, and accepts user input. The touch panel 38A accepts user input via touch by detecting contact with an object (e.g., a pen or finger). The microphone 38B accepts user input via voice by detecting the user's voice. The control unit 46A transmits data indicating the user input received by the touch panel 38A and microphone 38B to the data processing unit 12. In the data processing unit 12, the specific processing unit 290 (see Figure 2) acquires the data indicating the user input.
[0021] The output device 40 includes a display 40A and a speaker 40B, and presents data to the user by outputting the data in a form perceptible to the user (e.g., audio and / or text). The display 40A displays visible information such as text and images according to instructions from the processor 46. The speaker 40B outputs audio according to instructions from the processor 46. The camera 42 is a small digital camera equipped with an optical system such as a lens, aperture, and shutter, and an image sensor such as a CMOS (Complementary Metal-Oxide-Semiconductor) image sensor or a CCD (Charge Coupled Device) image sensor.
[0022] Communication interface 44 is connected to network 54. Communication interfaces 44 and 26 are responsible for the exchange of various types of information between processor 46 and processor 28 via network 54.
[0023] Figure 2 shows an example of the main functions of the data processing device 12 and the smart device 14.
[0024] As shown in Figure 2, in the data processing device 12, a specific processing is performed by the processor 28. A specific processing program 56 is stored in the storage 32. The specific processing program 56 is an example of a "program" related to the technology of this disclosure. The processor 28 reads the specific processing program 56 from the storage 32 and executes the read specific processing program 56 on the RAM 30. The specific processing is realized by the processor 28 operating as a specific processing unit 290 according to the specific processing program 56 executed on the RAM 30.
[0025] Storage 32 stores the data generation model 58 and the emotion identification model 59. The data generation model 58 and the emotion identification model 59 are used by the identification processing unit 290. The identification processing unit 290 can estimate the user's emotions using the emotion identification model 59 and perform identification processing using the user's emotions. The emotion estimation function (emotion identification function) using the emotion identification model 59 performs various estimations and predictions regarding the user's emotions, including but not limited to these examples. Furthermore, emotion estimation and prediction also include, for example, emotion analysis.
[0026] In the smart device 14, specific processing is performed by the processor 46. The storage 50 stores a specific processing program 60. The specific processing program 60 is used in conjunction with the specific processing program 56 by the data processing system 10. The processor 46 reads the specific processing program 60 from the storage 50 and executes the read specific processing program 60 on the RAM 48. The specific processing is realized by the processor 46 operating as a control unit 46A according to the specific processing program 60 executed on the RAM 48. The smart device 14 also has a data generation model 58 and an emotion identification model 59, similar to the data generation model and emotion identification model 59, and can perform processing similar to that of the specific processing unit 290 using these models.
[0027] Furthermore, other devices besides the data processing device 12 may also have the data generation model 58. For example, a server device (e.g., a generation server) may have the data generation model 58. In this case, the data processing device 12 obtains processing results (such as prediction results) using the data generation model 58 by communicating with the server device having the data generation model 58. The data processing device 12 may also be a server device or a terminal device owned by a user (e.g., a mobile phone, robot, home appliance, etc.). Next, an example of processing by the data processing system 10 according to the first embodiment will be described.
[0028] (Example of form 1) The security system according to an embodiment of the present invention is a system for protecting AI agents from various attacks. This security system classifies threats to AI agents and identifies threats such as data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. Next, it takes specific countermeasures against these threats. For example, it implements data encryption and authentication / authorization protocols to protect data privacy, and models are protected by model watermarking and adversarial sampling. It also uses traffic filtering and an AI-enabled WAF to defend against DoS / DDoS attacks. Furthermore, it incorporates the latest security technologies and best practices, updates security policies based on threat intelligence, and performs monitoring and log management. Specifically, it monitors AI operation logs and security events and utilizes SIEM tools. It also conducts regular penetration tests and strives for continuous improvement through the PDCA cycle of security operations. For example, the security system classifies threats to AI agents. For example, it identifies threats such as data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. Next, it takes specific countermeasures against these threats. For example, data encryption and authentication / authorization protocols are implemented to protect data privacy, and model watermarking and adversarial sample defenses are used to protect models. Traffic filtering and AI-enabled WAFs are also used to defend against DoS / DDoS attacks. Furthermore, the latest security technologies and best practices are adopted, security policies are updated based on threat intelligence, and monitoring and log management are performed. Specifically, AI operation logs and security events are monitored, and SIEM tools are utilized. Regular penetration testing is also conducted, and continuous improvement is pursued through the PDCA cycle of security operations. This strengthens the security of AI agents and improves performance indicators such as attack detection rates, mean response times, and security event reduction rates.This allows security systems to enhance the security of AI agents and improve performance metrics such as attack detection rates, average response time, and security event reduction rates.
[0029] The security system according to this embodiment comprises a classification unit, a countermeasure unit, an implementation unit, and an evaluation unit. The classification unit classifies threats to the AI agent. For example, the classification unit classifies data privacy attacks, model theft, adversarial sample attacks, supply chain attacks, and DoS / DDoS attacks. The classification unit can identify and classify the type of threat using AI. For example, the classification unit can identify and classify data privacy attacks using AI. The classification unit can also identify and classify model theft using AI. Furthermore, the classification unit can also identify and classify adversarial sample attacks using AI. The countermeasure unit takes specific countermeasures against the threats classified by the classification unit. For example, the countermeasure unit implements data encryption, authentication and authorization protocols, model watermarking, adversarial sample defense, traffic filtering, and an AI-enabled WAF. The countermeasure unit can take specific countermeasures using AI. For example, the countermeasure unit can implement data encryption using AI. Furthermore, the countermeasure unit can implement authentication and authorization protocols using AI. Furthermore, the countermeasures department can also perform model watermarking using AI. The implementation department implements best practices based on the countermeasures taken by the countermeasures department. The implementation department performs, for example, threat intelligence, monitoring and log management, and periodic penetration testing. The implementation department can implement best practices using AI. For example, the implementation department can perform threat intelligence using AI. The implementation department can also perform monitoring and log management using AI. Furthermore, the implementation department can also perform periodic penetration testing using AI. The evaluation department evaluates performance indicators based on the best practices implemented by the implementation department. The evaluation department evaluates, for example, attack detection rate, average response time, and security event reduction rate. The evaluation department can evaluate performance indicators using AI. For example, the evaluation department can evaluate attack detection rate using AI. The evaluation department can also evaluate average response time using AI. Furthermore, the evaluation department can also evaluate security event reduction rate using AI.As a result, the security system according to the embodiment can enhance the security of the AI agent and improve performance indicators such as attack detection rate, average response time, and security event reduction rate.
[0030] The classification unit categorizes threats to the AI agent. For example, the classification unit classifies data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. The classification unit can use AI to identify and classify the type of threat. Specifically, the AI analyzes large amounts of log data and network traffic to detect anomalous patterns and behaviors. For example, in the case of data privacy attacks, the AI detects anomalous patterns of data access and determines whether this is an attempt to illegally extract data. Regarding model theft, the AI monitors model usage patterns and detects unusual access or download attempts. In adversarial sampling attacks, the AI analyzes anomalous features of input data and determines whether this is an adversarial attempt to induce model malfunction. For supply chain attacks, the AI monitors data from software and hardware suppliers and detects anomalous data or updates from unreliable suppliers. Regarding DoS / DDoS attacks, the AI detects sudden increases in network traffic or excessive requests to specific services and determines whether this is an attack aimed at denial of service. This allows the classification unit to use AI to quickly and accurately identify and classify a variety of threats. Furthermore, the classification unit can share this threat information with other systems and departments, providing a foundation for strengthening overall security measures.
[0031] The Countermeasures Department implements specific countermeasures against threats classified by the Classification Department. For example, the Countermeasures Department implements data encryption, authentication and authorization protocols, model watermarking, adversarial sample defense, traffic filtering, and AI-enabled WAFs. The Countermeasures Department can use AI to implement specific countermeasures. Specifically, in data encryption, the AI selects the optimal encryption algorithm according to the importance and confidentiality of the data and encrypts the data in real time. Regarding authentication and authorization protocols, the AI analyzes user behavior patterns and access history to detect and block abnormal access attempts. In model watermarking, the AI embeds identification information into the model to prevent misuse and theft. In adversarial sample defense, the AI analyzes input data in real time to detect and block data with adversarial characteristics. In traffic filtering, the AI monitors network traffic, detects abnormal traffic patterns, and filters them. In AI-enabled WAFs (Web Application Firewalls), the AI analyzes requests to web applications to detect and block signs of attacks. This allows the Countermeasures Department to implement specific and effective countermeasures against a variety of threats using AI. Furthermore, the countermeasures department will continuously monitor these measures and update and strengthen them as needed to maintain the reliability and effectiveness of the security system.
[0032] The Implementation Department implements best practices based on the countermeasures taken by the Countermeasures Department. For example, the Implementation Department conducts threat intelligence, monitoring and log management, and periodic penetration testing. The Implementation Department can utilize AI to implement best practices. Specifically, in threat intelligence, AI collects data from external threat sources and analyzes it to identify new threats and attack methods. Regarding monitoring and log management, AI analyzes system-wide log data in real time to detect anomalous activity and security incidents. In periodic penetration testing, AI automatically scans the system for vulnerabilities, identifying and remediating potential security holes. This allows the Implementation Department to continuously monitor the system's security status using AI and take necessary measures quickly. Furthermore, the Implementation Department can maintain optimal system security at all times by regularly reviewing these best practices and updating them based on the latest threat information and technological trends. This enables the Implementation Department to leverage AI to implement advanced security measures and improve the overall system security level.
[0033] The evaluation department evaluates performance indicators based on best practices implemented by the implementation department. For example, the evaluation department evaluates attack detection rates, average response times, and security event reduction rates. The evaluation department can use AI to evaluate performance indicators. Specifically, for attack detection rates, the AI compares past attack data with current detection data to evaluate improvements in detection rates. Regarding average response times, the AI analyzes the time from the occurrence of a security incident to the completion of the response to evaluate reductions in response times. For security event reduction rates, the AI analyzes the frequency of security events across the entire system to evaluate the effectiveness of countermeasures. This allows the evaluation department to quantitatively evaluate performance indicators using AI and objectively understand the system's security status. Furthermore, based on these evaluation results, the evaluation department can propose improvements and additional measures to the countermeasures and implementation departments. For example, if the attack detection rate is declining, the evaluation department proposes the introduction of a new detection algorithm. Also, if the average response time is long, the evaluation department proposes a review of the response process or the introduction of automation. This allows the evaluation department to continuously evaluate the system's security status using AI and provide feedback for improvement.
[0034] The classification unit can classify data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. For example, the classification unit can classify data privacy attacks. The classification unit can identify and classify data privacy attacks such as unauthorized access to data and information leakage. The classification unit can also classify model theft. The classification unit can identify and classify model theft such as unauthorized copying of machine learning models and infringement of intellectual property. Furthermore, the classification unit can also classify adversarial sampling attacks. The classification unit can identify and classify adversarial sampling attacks such as the creation of input data that induces misidentification of AI models. This allows for the specific classification of threats, enabling appropriate countermeasures to be taken. Some or all of the above processing in the classification unit may be performed using AI, for example, or not using AI. For example, the classification unit can have a generative AI perform the identification and classification of data privacy attacks.
[0035] The countermeasures unit can implement data encryption, authentication and authorization protocols, model watermarking, adversarial sample protection, traffic filtering, and AI-enabled WAFs. For example, the countermeasures unit can implement data encryption. The countermeasures unit can protect data using data encryption technologies such as AES encryption and RSA encryption. The countermeasures unit can also implement authentication and authorization protocols. The countermeasures unit can enhance access control using authentication and authorization protocols such as OAuth and SAML. Furthermore, the countermeasures unit can implement model watermarking. The countermeasures unit can protect machine learning models using digital watermarking technology. This allows for enhanced defense against threats by implementing specific countermeasures. Some or all of the above processes in the countermeasures unit may be performed using AI, for example, or not using AI. For example, the countermeasures unit can have a generative AI perform data encryption.
[0036] The implementation unit can perform threat intelligence, monitoring and log management, and periodic penetration testing. For example, the implementation unit can perform threat intelligence activities such as collecting, analyzing, and sharing threat information. The implementation unit can also perform monitoring and log management activities such as real-time monitoring and log collection and analysis. Furthermore, the implementation unit can also perform periodic penetration testing. The implementation unit can perform periodic penetration testing such as annual tests and tests by external experts. This allows for the maintenance and improvement of security through threat intelligence, monitoring and log management, and periodic penetration testing. Some or all of the above processes performed by the implementation unit may be performed using AI, for example, or not. For example, the implementation unit can have a generative AI perform the implementation of threat intelligence.
[0037] The evaluation unit can evaluate the attack detection rate, average response time, and security event reduction rate. For example, the evaluation unit can evaluate the attack detection rate. The evaluation unit can evaluate the attack detection rate based on criteria such as the method of calculating the detection rate and the frequency of evaluation. The evaluation unit can also evaluate the average response time. The evaluation unit can evaluate the average response time based on criteria such as the method of measuring the response time and the frequency of evaluation. Furthermore, the evaluation unit can also evaluate the security event reduction rate. The evaluation unit can evaluate the security event reduction rate based on criteria such as the method of calculating the reduction rate and the frequency of evaluation. By evaluating performance indicators, the effectiveness of security measures can be confirmed and improvements can be made. Some or all of the above processing in the evaluation unit may be performed using AI, for example, or without using AI. For example, the evaluation unit can have a generating AI perform the evaluation of the attack detection rate.
[0038] The classification unit can analyze historical threat data and determine classification priorities based on the frequency and impact of threats. For example, the classification unit can analyze threat data from the past year and prioritize the classification of frequently occurring threats. The classification unit can also prioritize the classification of high-impact threats and postpone the classification of low-priority threats. Furthermore, based on historical threat data, the classification unit can predict threats that are likely to occur during a specific period and prioritize their classification. This allows for appropriate determination of threat priorities by analyzing historical threat data. Some or all of the above processing in the classification unit may be performed using AI, for example, or not. For example, the classification unit can have a generative AI perform the analysis of historical threat data.
[0039] The classification unit can set detailed subcategories based on the source of the threat and the attack method. For example, if the source of the threat is concentrated in a particular country or region, the classification unit can set a subcategory based on that region. If the attack methods differ, such as phishing and malware, the classification unit can also set a subcategory based on each method. Furthermore, if the source of the threat is concentrated in a particular IP address range, the classification unit can also set a subcategory based on that IP address range. This allows for a detailed classification of threats by setting subcategories based on the source of the threat and the attack method. Some or all of the above processing in the classification unit may be performed using AI, for example, or not. For example, the classification unit can have a generating AI perform the identification of the source of the threat and the attack method and the setting of subcategories.
[0040] The classification unit can perform classification while considering the geographical distribution of threats. For example, the classification unit can display the areas where threats occur on a map and classify them based on their geographical distribution. The classification unit can also prioritize the classification of threats occurring in specific areas and strengthen security measures in those areas. Furthermore, the classification unit can analyze the trends in threat occurrence based on geographical distribution and take preventive measures. This makes it possible to take appropriate measures against threats in each region by considering the geographical distribution of threats. Some or all of the above processing in the classification unit may be performed using AI, for example, or not using AI. For example, the classification unit can have a generating AI perform the analysis of the geographical distribution of threats.
[0041] The classification unit can improve the accuracy of its classification by referring to relevant threat literature. For example, the classification unit can improve the accuracy of its classification by referring to the latest security research papers when classifying threats. The classification unit can also improve the accuracy of its classification by referring to past security incident reports when classifying threats. Furthermore, the classification unit can improve the accuracy of its classification by referring to industry best practices when classifying threats. This improves the accuracy of classification by referring to relevant threat literature. Some or all of the above processes in the classification unit may be performed using AI, for example, or not using AI. For example, the classification unit can have a generating AI perform the referencing of relevant threat literature.
[0042] The countermeasures department can analyze past countermeasures data and select the optimal countermeasure based on its effectiveness and implementation cost. For example, the countermeasures department can analyze past countermeasures data and select the most effective countermeasure. The countermeasures department can also consider the implementation cost of the countermeasure and select a cost-effective countermeasure. Furthermore, the countermeasures department can select the optimal countermeasure for a specific threat based on past countermeasures data. In this way, the optimal countermeasure can be selected by analyzing past countermeasures data. Some or all of the above processes in the countermeasures department may be performed using AI, for example, or not using AI. For example, the countermeasures department can have a generative AI perform the analysis of past countermeasures data.
[0043] The countermeasures unit can apply different countermeasures depending on the type and severity of the threat. For example, the unit can apply data encryption to data privacy attacks. It can also apply model watermarking to model theft. Furthermore, it can apply traffic filtering to DoS / DDoS attacks. This allows for more effective countermeasures by applying countermeasures according to the type and severity of the threat. Some or all of the above processing in the countermeasures unit may be performed using AI, for example, or without AI. For example, the countermeasures unit can have a generative AI perform the application of countermeasures according to the type and severity of the threat.
[0044] The countermeasures department can adjust the priority of countermeasures based on the timing of threat occurrences. For example, if threat occurrences are concentrated in a specific period, the department will prioritize countermeasures during that period. The countermeasures department can also adjust the timing of countermeasure implementation based on the timing of threat occurrences. Furthermore, the countermeasures department can predict the timing of threat occurrences and take countermeasures in advance. This allows for more effective countermeasures by adjusting the priority of countermeasures based on the timing of threat occurrences. Some or all of the above processes in the countermeasures department may be performed using AI, for example, or not. For example, the countermeasures department can have a generative AI perform the analysis of threat occurrence timings.
[0045] The countermeasures department can take countermeasures by referring to relevant market data on threats. For example, the countermeasures department can refer to relevant market data on threats and select the optimal countermeasure. The countermeasures department can also adjust the timing of countermeasure implementation based on market data. Furthermore, the countermeasures department can analyze market data, predict threat occurrence trends, and take countermeasures. This makes it possible to take more effective countermeasures by referring to relevant market data on threats. Some or all of the above processes in the countermeasures department may be performed using AI, for example, or not using AI. For example, the countermeasures department can have a generating AI perform the referencing of relevant market data on threats.
[0046] The implementation department can analyze past implementation data and select the optimal implementation method based on the effectiveness and cost of the implementation. For example, the implementation department can analyze past implementation data and select the most effective implementation method. The implementation department can also consider the effectiveness and cost of the implementation and select a cost-effective implementation method. Furthermore, the implementation department can select the optimal implementation method for a specific threat based on past implementation data. In this way, the optimal implementation method can be selected by analyzing past implementation data. Some or all of the above processes in the implementation department may be performed using AI, for example, or not using AI. For example, the implementation department can have a generative AI perform the analysis of past implementation data.
[0047] The implementation unit can apply different implementation methods depending on the type and impact of the threat when implementing best practices. For example, the implementation unit can apply data encryption against data privacy attacks. The implementation unit can also apply model watermarking against model theft. Furthermore, the implementation unit can apply traffic filtering against DoS / DDoS attacks. This allows for more effective implementation by applying implementation methods according to the type and impact of the threat. Some or all of the above processing in the implementation unit may be performed using AI, for example, or not using AI. For example, the implementation unit can have a generative AI perform the application of implementation methods according to the type and impact of the threat.
[0048] The implementation unit can adjust the priority of best practices based on the timing of threat occurrences. For example, if threat occurrences are concentrated in a specific period, the implementation unit will prioritize the implementation of best practices during that period. The implementation unit can also adjust the timing of best practice implementation based on the timing of threat occurrences. Furthermore, the implementation unit can predict the timing of threat occurrences and implement best practices in advance. This allows for more effective implementation by adjusting the priority of implementation based on the timing of threat occurrences. Some or all of the above processes in the implementation unit may be performed using AI, for example, or not using AI. For example, the implementation unit can have a generative AI perform the analysis of threat occurrence timing.
[0049] The implementation unit can refer to relevant market data on threats when implementing best practices. For example, the implementation unit can refer to relevant market data on threats and select the most appropriate best practices. The implementation unit can also adjust the timing of best practice implementation based on market data. Furthermore, the implementation unit can analyze market data, predict threat trends, and implement best practices accordingly. This allows for more effective implementation by referring to relevant market data on threats. Some or all of the above processes in the implementation unit may be performed using AI, for example, or not using AI. For example, the implementation unit can have a generating AI perform the referencing of relevant market data on threats.
[0050] The evaluation unit can analyze past evaluation data and optimize the evaluation method based on the accuracy and reliability of the evaluation. For example, the evaluation unit can analyze past evaluation data and select the most reliable evaluation method. The evaluation unit can also adjust the evaluation criteria based on past evaluation data to improve the accuracy of the evaluation. Furthermore, the evaluation unit can optimize the evaluation method for specific threats based on past evaluation data. In this way, the evaluation method can be optimized by analyzing past evaluation data. Some or all of the above processes in the evaluation unit may be performed using AI, for example, or not using AI. For example, the evaluation unit can have a generative AI perform the analysis of past evaluation data.
[0051] The evaluation unit can apply different evaluation methods depending on the type and impact of the threat when evaluating performance indicators. For example, the evaluation unit can apply data protection evaluation criteria to data privacy attacks. The evaluation unit can also apply model protection evaluation criteria to model theft. Furthermore, the evaluation unit can apply service availability evaluation criteria to DoS / DDoS attacks. This allows for a more appropriate evaluation by applying evaluation methods according to the type and impact of the threat. Some or all of the above processing in the evaluation unit may be performed using AI, for example, or without AI. For example, the evaluation unit can have a generating AI perform the application of evaluation methods according to the type and impact of the threat.
[0052] The evaluation unit can determine the priority of evaluations based on the timing of threat occurrences when evaluating performance indicators. For example, if the timing of threat occurrences is concentrated in a particular period, the evaluation unit will prioritize the evaluation of that period. The evaluation unit can also adjust the priority of evaluations based on the timing of threat occurrences. Furthermore, the evaluation unit can predict the timing of threat occurrences and conduct evaluations in advance. This allows for more appropriate evaluations by determining the priority of evaluations based on the timing of threat occurrences. Some or all of the above processes in the evaluation unit may be performed using AI, for example, or not using AI. For example, the evaluation unit can have a generative AI perform the analysis of the timing of threat occurrences.
[0053] The evaluation unit can perform evaluations by referring to relevant market data on threats when evaluating performance indicators. For example, the evaluation unit can refer to relevant market data on threats and select the optimal evaluation method. The evaluation unit can also adjust the timing of evaluations based on market data. Furthermore, the evaluation unit can analyze market data and predict threat occurrence trends to perform evaluations. This allows for more appropriate evaluations by referring to relevant market data on threats. Some or all of the above processes in the evaluation unit may be performed using AI, for example, or without AI. For example, the evaluation unit can have a generating AI perform the referencing of relevant market data on threats.
[0054] The system according to the embodiment is not limited to the example described above, and various modifications are possible, for example, as follows.
[0055] The classification unit can consider a user's past behavioral history when classifying threats. For example, if a user has reacted sensitively to a particular threat in the past, that threat will be given priority in classification. Furthermore, if a user has a history of taking countermeasures against a particular threat in the past, that threat can be given higher priority when reclassifying it. This allows for more personalized threat classification by considering the user's past behavioral history.
[0056] The countermeasures department can consider the user's current system resource usage when implementing countermeasures against threats. For example, if system resources are under heavy load, countermeasures that consume fewer resources will be prioritized. Conversely, if there are available system resources, more powerful countermeasures can be implemented. Furthermore, the timing of countermeasure implementation can be adjusted according to system resource usage. This allows for efficient countermeasure implementation by considering system resource usage.
[0057] The implementation department can share threat information in real time during the collection of threat intelligence. For example, it can collaborate with other security systems and the security community to share the latest threat information in real time. Furthermore, real-time threat information sharing enables rapid countermeasures. In addition, real-time threat information sharing enables early detection of threats and rapid response. In this way, security can be strengthened by sharing threat information in real time.
[0058] The evaluation department can consider user feedback when evaluating performance indicators. For example, it can adjust evaluation criteria based on user feedback. It can also improve evaluation results based on user feedback. Furthermore, it can optimize evaluation methods based on user feedback. This allows for more appropriate evaluations by considering user feedback.
[0059] The classification unit can consider both the frequency and impact of a threat simultaneously. For example, it can prioritize classifying threats that occur frequently and have a high impact. Conversely, it can postpone the classification of threats that occur infrequently and have a low impact. Furthermore, it can adjust the classification priority by considering the balance between frequency and impact. This allows for more effective threat classification by considering both frequency and impact simultaneously.
[0060] The following briefly describes the processing flow for example form 1.
[0061] Step 1: The classification unit classifies threats to the AI agent. For example, the classification unit classifies data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. The classification unit can use AI to identify and classify the type of threat. Step 2: The countermeasures department implements specific countermeasures against the threats classified by the classification department. For example, the countermeasures department implements data encryption, authentication and authorization protocols, model watermarking, adversarial sample protection, traffic filtering, and AI-enabled WAFs. The countermeasures department can use AI to implement specific countermeasures. Step 3: The implementation team implements best practices based on the countermeasures taken by the countermeasures team. For example, the implementation team conducts threat intelligence, monitoring and log management, and periodic penetration testing. The implementation team can use AI to implement best practices. Step 4: The evaluation unit evaluates performance indicators based on the best practices implemented by the implementation unit. For example, the evaluation unit evaluates attack detection rate, average response time, and security event reduction rate. The evaluation unit may use AI to evaluate performance indicators.
[0062] (Example of form 2) The security system according to an embodiment of the present invention is a system for protecting AI agents from various attacks. This security system classifies threats to AI agents and identifies threats such as data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. Next, it takes specific countermeasures against these threats. For example, it implements data encryption and authentication / authorization protocols to protect data privacy, and models are protected by model watermarking and adversarial sampling. It also uses traffic filtering and an AI-enabled WAF to defend against DoS / DDoS attacks. Furthermore, it incorporates the latest security technologies and best practices, updates security policies based on threat intelligence, and performs monitoring and log management. Specifically, it monitors AI operation logs and security events and utilizes SIEM tools. It also conducts regular penetration tests and strives for continuous improvement through the PDCA cycle of security operations. For example, the security system classifies threats to AI agents. For example, it identifies threats such as data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. Next, it takes specific countermeasures against these threats. For example, data encryption and authentication / authorization protocols are implemented to protect data privacy, and model watermarking and adversarial sample defenses are used to protect models. Traffic filtering and AI-enabled WAFs are also used to defend against DoS / DDoS attacks. Furthermore, the latest security technologies and best practices are adopted, security policies are updated based on threat intelligence, and monitoring and log management are performed. Specifically, AI operation logs and security events are monitored, and SIEM tools are utilized. Regular penetration testing is also conducted, and continuous improvement is pursued through the PDCA cycle of security operations. This strengthens the security of AI agents and improves performance indicators such as attack detection rates, mean response times, and security event reduction rates.This allows security systems to enhance the security of AI agents and improve performance metrics such as attack detection rates, average response time, and security event reduction rates.
[0063] The security system according to this embodiment comprises a classification unit, a countermeasure unit, an implementation unit, and an evaluation unit. The classification unit classifies threats to the AI agent. For example, the classification unit classifies data privacy attacks, model theft, adversarial sample attacks, supply chain attacks, and DoS / DDoS attacks. The classification unit can identify and classify the type of threat using AI. For example, the classification unit can identify and classify data privacy attacks using AI. The classification unit can also identify and classify model theft using AI. Furthermore, the classification unit can also identify and classify adversarial sample attacks using AI. The countermeasure unit takes specific countermeasures against the threats classified by the classification unit. For example, the countermeasure unit implements data encryption, authentication and authorization protocols, model watermarking, adversarial sample defense, traffic filtering, and an AI-enabled WAF. The countermeasure unit can take specific countermeasures using AI. For example, the countermeasure unit can implement data encryption using AI. Furthermore, the countermeasure unit can implement authentication and authorization protocols using AI. Furthermore, the countermeasures department can also perform model watermarking using AI. The implementation department implements best practices based on the countermeasures taken by the countermeasures department. The implementation department performs, for example, threat intelligence, monitoring and log management, and periodic penetration testing. The implementation department can implement best practices using AI. For example, the implementation department can perform threat intelligence using AI. The implementation department can also perform monitoring and log management using AI. Furthermore, the implementation department can also perform periodic penetration testing using AI. The evaluation department evaluates performance indicators based on the best practices implemented by the implementation department. The evaluation department evaluates, for example, attack detection rate, average response time, and security event reduction rate. The evaluation department can evaluate performance indicators using AI. For example, the evaluation department can evaluate attack detection rate using AI. The evaluation department can also evaluate average response time using AI. Furthermore, the evaluation department can also evaluate security event reduction rate using AI.As a result, the security system according to the embodiment can enhance the security of the AI agent and improve performance indicators such as attack detection rate, average response time, and security event reduction rate.
[0064] The classification unit categorizes threats to the AI agent. For example, the classification unit classifies data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. The classification unit can use AI to identify and classify the type of threat. Specifically, the AI analyzes large amounts of log data and network traffic to detect anomalous patterns and behaviors. For example, in the case of data privacy attacks, the AI detects anomalous patterns of data access and determines whether this is an attempt to illegally extract data. Regarding model theft, the AI monitors model usage patterns and detects unusual access or download attempts. In adversarial sampling attacks, the AI analyzes anomalous features of input data and determines whether this is an adversarial attempt to induce model malfunction. For supply chain attacks, the AI monitors data from software and hardware suppliers and detects anomalous data or updates from unreliable suppliers. Regarding DoS / DDoS attacks, the AI detects sudden increases in network traffic or excessive requests to specific services and determines whether this is an attack aimed at denial of service. This allows the classification unit to use AI to quickly and accurately identify and classify a variety of threats. Furthermore, the classification unit can share this threat information with other systems and departments, providing a foundation for strengthening overall security measures.
[0065] The Countermeasures Department implements specific countermeasures against threats classified by the Classification Department. For example, the Countermeasures Department implements data encryption, authentication and authorization protocols, model watermarking, adversarial sample defense, traffic filtering, and AI-enabled WAFs. The Countermeasures Department can use AI to implement specific countermeasures. Specifically, in data encryption, the AI selects the optimal encryption algorithm according to the importance and confidentiality of the data and encrypts the data in real time. Regarding authentication and authorization protocols, the AI analyzes user behavior patterns and access history to detect and block abnormal access attempts. In model watermarking, the AI embeds identification information into the model to prevent misuse and theft. In adversarial sample defense, the AI analyzes input data in real time to detect and block data with adversarial characteristics. In traffic filtering, the AI monitors network traffic, detects abnormal traffic patterns, and filters them. In AI-enabled WAFs (Web Application Firewalls), the AI analyzes requests to web applications to detect and block signs of attacks. This allows the Countermeasures Department to implement specific and effective countermeasures against a variety of threats using AI. Furthermore, the countermeasures department will continuously monitor these measures and update and strengthen them as needed to maintain the reliability and effectiveness of the security system.
[0066] The Implementation Department implements best practices based on the countermeasures taken by the Countermeasures Department. For example, the Implementation Department conducts threat intelligence, monitoring and log management, and periodic penetration testing. The Implementation Department can utilize AI to implement best practices. Specifically, in threat intelligence, AI collects data from external threat sources and analyzes it to identify new threats and attack methods. Regarding monitoring and log management, AI analyzes system-wide log data in real time to detect anomalous activity and security incidents. In periodic penetration testing, AI automatically scans the system for vulnerabilities, identifying and remediating potential security holes. This allows the Implementation Department to continuously monitor the system's security status using AI and take necessary measures quickly. Furthermore, the Implementation Department can maintain optimal system security at all times by regularly reviewing these best practices and updating them based on the latest threat information and technological trends. This enables the Implementation Department to leverage AI to implement advanced security measures and improve the overall system security level.
[0067] The evaluation department evaluates performance indicators based on best practices implemented by the implementation department. For example, the evaluation department evaluates attack detection rates, average response times, and security event reduction rates. The evaluation department can use AI to evaluate performance indicators. Specifically, for attack detection rates, the AI compares past attack data with current detection data to evaluate improvements in detection rates. Regarding average response times, the AI analyzes the time from the occurrence of a security incident to the completion of the response to evaluate reductions in response times. For security event reduction rates, the AI analyzes the frequency of security events across the entire system to evaluate the effectiveness of countermeasures. This allows the evaluation department to quantitatively evaluate performance indicators using AI and objectively understand the system's security status. Furthermore, based on these evaluation results, the evaluation department can propose improvements and additional measures to the countermeasures and implementation departments. For example, if the attack detection rate is declining, the evaluation department proposes the introduction of a new detection algorithm. Also, if the average response time is long, the evaluation department proposes a review of the response process or the introduction of automation. This allows the evaluation department to continuously evaluate the system's security status using AI and provide feedback for improvement.
[0068] The classification unit can classify data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. For example, the classification unit can classify data privacy attacks. The classification unit can identify and classify data privacy attacks such as unauthorized access to data and information leakage. The classification unit can also classify model theft. The classification unit can identify and classify model theft such as unauthorized copying of machine learning models and infringement of intellectual property. Furthermore, the classification unit can also classify adversarial sampling attacks. The classification unit can identify and classify adversarial sampling attacks such as the creation of input data that induces misidentification of AI models. This allows for the specific classification of threats, enabling appropriate countermeasures to be taken. Some or all of the above processing in the classification unit may be performed using AI, for example, or not using AI. For example, the classification unit can have a generative AI perform the identification and classification of data privacy attacks.
[0069] The countermeasures unit can implement data encryption, authentication and authorization protocols, model watermarking, adversarial sample protection, traffic filtering, and AI-enabled WAFs. For example, the countermeasures unit can implement data encryption. The countermeasures unit can protect data using data encryption technologies such as AES encryption and RSA encryption. The countermeasures unit can also implement authentication and authorization protocols. The countermeasures unit can enhance access control using authentication and authorization protocols such as OAuth and SAML. Furthermore, the countermeasures unit can implement model watermarking. The countermeasures unit can protect machine learning models using digital watermarking technology. This allows for enhanced defense against threats by implementing specific countermeasures. Some or all of the above processes in the countermeasures unit may be performed using AI, for example, or not using AI. For example, the countermeasures unit can have a generative AI perform data encryption.
[0070] The implementation unit can perform threat intelligence, monitoring and log management, and periodic penetration testing. For example, the implementation unit can perform threat intelligence activities such as collecting, analyzing, and sharing threat information. The implementation unit can also perform monitoring and log management activities such as real-time monitoring and log collection and analysis. Furthermore, the implementation unit can also perform periodic penetration testing. The implementation unit can perform periodic penetration testing such as annual tests and tests by external experts. This allows for the maintenance and improvement of security through threat intelligence, monitoring and log management, and periodic penetration testing. Some or all of the above processes performed by the implementation unit may be performed using AI, for example, or not. For example, the implementation unit can have a generative AI perform the implementation of threat intelligence.
[0071] The evaluation unit can evaluate the attack detection rate, average response time, and security event reduction rate. For example, the evaluation unit can evaluate the attack detection rate. The evaluation unit can evaluate the attack detection rate based on criteria such as the method of calculating the detection rate and the frequency of evaluation. The evaluation unit can also evaluate the average response time. The evaluation unit can evaluate the average response time based on criteria such as the method of measuring the response time and the frequency of evaluation. Furthermore, the evaluation unit can also evaluate the security event reduction rate. The evaluation unit can evaluate the security event reduction rate based on criteria such as the method of calculating the reduction rate and the frequency of evaluation. By evaluating performance indicators, the effectiveness of security measures can be confirmed and improvements can be made. Some or all of the above processing in the evaluation unit may be performed using AI, for example, or without using AI. For example, the evaluation unit can have a generating AI perform the evaluation of the attack detection rate.
[0072] The classification unit can estimate the user's emotions and adjust the threat classification criteria based on the estimated emotions. For example, if the user is feeling anxious, the classification unit can tighten the threat classification criteria to detect more threats. If the user is relaxed, the classification unit can also loosen the threat classification criteria to reduce false positives. Furthermore, if the user is in a hurry, the classification unit can prioritize classifying high-priority threats. This allows for more accurate threat classification by adjusting the threat classification criteria according to the user's emotions. Emotion estimation is achieved using an emotion estimation function, for example, using an emotion engine or generative AI. Generative AI includes, but is not limited to, text generation AI (e.g., LLM) or multimodal generation AI. Some or all of the above processing in the classification unit may be performed using AI, for example, or not using AI. For example, the classification unit can have a generative AI perform the estimation of the user's emotions.
[0073] The classification unit can analyze historical threat data and determine classification priorities based on the frequency and impact of threats. For example, the classification unit can analyze threat data from the past year and prioritize the classification of frequently occurring threats. The classification unit can also prioritize the classification of high-impact threats and postpone the classification of low-priority threats. Furthermore, based on historical threat data, the classification unit can predict threats that are likely to occur during a specific period and prioritize their classification. This allows for appropriate determination of threat priorities by analyzing historical threat data. Some or all of the above processing in the classification unit may be performed using AI, for example, or not. For example, the classification unit can have a generative AI perform the analysis of historical threat data.
[0074] The classification unit can set detailed subcategories based on the source of the threat and the attack method. For example, if the source of the threat is concentrated in a particular country or region, the classification unit can set a subcategory based on that region. If the attack methods differ, such as phishing and malware, the classification unit can also set a subcategory based on each method. Furthermore, if the source of the threat is concentrated in a particular IP address range, the classification unit can also set a subcategory based on that IP address range. This allows for a detailed classification of threats by setting subcategories based on the source of the threat and the attack method. Some or all of the above processing in the classification unit may be performed using AI, for example, or not. For example, the classification unit can have a generating AI perform the identification of the source of the threat and the attack method and the setting of subcategories.
[0075] The classification unit can estimate the user's emotions and adjust the order in which threat classification results are displayed based on the estimated user emotions. For example, if the user is feeling anxious, the classification unit will display the most important threats first. If the user is relaxed, the classification unit can also adjust the order according to the importance of the threats to make it easier to grasp the overall situation. Furthermore, if the user is in a hurry, the classification unit can prioritize displaying threats that require immediate attention. This allows for the provision of optimal information to the user by adjusting the display order of threat classification results according to the user's emotions. Emotion estimation is achieved using an emotion estimation function, for example, using an emotion engine or generative AI. Generative AI is, but is not limited to, text generation AI (e.g., LLM) or multimodal generation AI. Some or all of the above processing in the classification unit may be performed using AI, for example, or not using AI. For example, the classification unit can have a generative AI perform the estimation of the user's emotions.
[0076] The classification unit can perform classification while considering the geographical distribution of threats. For example, the classification unit can display the areas where threats occur on a map and classify them based on their geographical distribution. The classification unit can also prioritize the classification of threats occurring in specific areas and strengthen security measures in those areas. Furthermore, the classification unit can analyze the trends in threat occurrence based on geographical distribution and take preventive measures. This makes it possible to take appropriate measures against threats in each region by considering the geographical distribution of threats. Some or all of the above processing in the classification unit may be performed using AI, for example, or not using AI. For example, the classification unit can have a generating AI perform the analysis of the geographical distribution of threats.
[0077] The classification unit can improve the accuracy of its classification by referring to relevant threat literature. For example, the classification unit can improve the accuracy of its classification by referring to the latest security research papers when classifying threats. The classification unit can also improve the accuracy of its classification by referring to past security incident reports when classifying threats. Furthermore, the classification unit can improve the accuracy of its classification by referring to industry best practices when classifying threats. This improves the accuracy of classification by referring to relevant threat literature. Some or all of the above processes in the classification unit may be performed using AI, for example, or not using AI. For example, the classification unit can have a generating AI perform the referencing of relevant threat literature.
[0078] The response unit can estimate the user's emotions and adjust the timing of the response based on the estimated emotions. For example, if the user is feeling anxious, the response unit can implement the response immediately. If the user is relaxed, the response unit can also adjust the timing of the response to implement it at the optimal time. Furthermore, if the user is in a hurry, the response unit can implement the response quickly. This allows for more effective responses by adjusting the timing of the response according to the user's emotions. Emotion estimation is achieved using an emotion estimation function, for example, using an emotion engine or generative AI. Generative AI is, but is not limited to, text generation AI (e.g., LLM) or multimodal generation AI. Some or all of the above processing in the response unit may be performed using AI, for example, or without AI. For example, the response unit can have a generative AI perform the estimation of the user's emotions.
[0079] The countermeasures department can analyze past countermeasures data and select the optimal countermeasure based on its effectiveness and implementation cost. For example, the countermeasures department can analyze past countermeasures data and select the most effective countermeasure. The countermeasures department can also consider the implementation cost of the countermeasure and select a cost-effective countermeasure. Furthermore, the countermeasures department can select the optimal countermeasure for a specific threat based on past countermeasures data. In this way, the optimal countermeasure can be selected by analyzing past countermeasures data. Some or all of the above processes in the countermeasures department may be performed using AI, for example, or not using AI. For example, the countermeasures department can have a generative AI perform the analysis of past countermeasures data.
[0080] The countermeasures unit can apply different countermeasures depending on the type and severity of the threat. For example, the unit can apply data encryption to data privacy attacks. It can also apply model watermarking to model theft. Furthermore, it can apply traffic filtering to DoS / DDoS attacks. This allows for more effective countermeasures by applying countermeasures according to the type and severity of the threat. Some or all of the above processing in the countermeasures unit may be performed using AI, for example, or without AI. For example, the countermeasures unit can have a generative AI perform the application of countermeasures according to the type and severity of the threat.
[0081] The response unit can estimate the user's emotions and determine the priority of countermeasures based on the estimated emotions. For example, if the user is feeling anxious, the response unit will prioritize the most important countermeasures. If the user is relaxed, the response unit can also adjust the priority of countermeasures, taking the overall balance into consideration. Furthermore, if the user is in a hurry, the response unit can prioritize countermeasures that can be implemented quickly. This allows for more effective countermeasures by determining the priority of countermeasures according to the user's emotions. Emotion estimation is achieved using an emotion estimation function, for example, using an emotion engine or generative AI. Generative AI is, but is not limited to, text generation AI (e.g., LLM) or multimodal generation AI. Some or all of the above processing in the response unit may be performed using AI, for example, or not using AI. For example, the response unit can have a generative AI perform the estimation of the user's emotions.
[0082] The countermeasures department can adjust the priority of countermeasures based on the timing of threat occurrences. For example, if threat occurrences are concentrated in a specific period, the department will prioritize countermeasures during that period. The countermeasures department can also adjust the timing of countermeasure implementation based on the timing of threat occurrences. Furthermore, the countermeasures department can predict the timing of threat occurrences and take countermeasures in advance. This allows for more effective countermeasures by adjusting the priority of countermeasures based on the timing of threat occurrences. Some or all of the above processes in the countermeasures department may be performed using AI, for example, or not. For example, the countermeasures department can have a generative AI perform the analysis of threat occurrence timings.
[0083] The countermeasures department can take countermeasures by referring to relevant market data on threats. For example, the countermeasures department can refer to relevant market data on threats and select the optimal countermeasure. The countermeasures department can also adjust the timing of countermeasure implementation based on market data. Furthermore, the countermeasures department can analyze market data, predict threat occurrence trends, and take countermeasures. This makes it possible to take more effective countermeasures by referring to relevant market data on threats. Some or all of the above processes in the countermeasures department may be performed using AI, for example, or not using AI. For example, the countermeasures department can have a generating AI perform the referencing of relevant market data on threats.
[0084] The implementation unit can estimate the user's emotions and adjust the implementation of best practices based on the estimated emotions. For example, if the user is feeling anxious, the implementation unit can quickly implement the best practices. If the user is relaxed, the implementation unit can also adjust the implementation of best practices and implement them at the optimal time. Furthermore, if the user is in a hurry, the implementation unit can prioritize implementing best practices that can be done quickly. This allows for more effective implementation by adjusting the implementation of best practices according to the user's emotions. Emotion estimation is achieved using an emotion estimation function, for example, using an emotion engine or generative AI. Generative AI is, but is not limited to, text generation AI (e.g., LLM) or multimodal generation AI. Some or all of the above processing in the implementation unit may be performed using AI, for example, or not using AI. For example, the implementation unit can have a generative AI perform the estimation of the user's emotions.
[0085] The implementation department can analyze past implementation data and select the optimal implementation method based on the effectiveness and cost of the implementation. For example, the implementation department can analyze past implementation data and select the most effective implementation method. The implementation department can also consider the effectiveness and cost of the implementation and select a cost-effective implementation method. Furthermore, the implementation department can select the optimal implementation method for a specific threat based on past implementation data. In this way, the optimal implementation method can be selected by analyzing past implementation data. Some or all of the above processes in the implementation department may be performed using AI, for example, or not using AI. For example, the implementation department can have a generative AI perform the analysis of past implementation data.
[0086] The implementation unit can apply different implementation methods depending on the type and impact of the threat when implementing best practices. For example, the implementation unit can apply data encryption against data privacy attacks. The implementation unit can also apply model watermarking against model theft. Furthermore, the implementation unit can apply traffic filtering against DoS / DDoS attacks. This allows for more effective implementation by applying implementation methods according to the type and impact of the threat. Some or all of the above processing in the implementation unit may be performed using AI, for example, or not using AI. For example, the implementation unit can have a generative AI perform the application of implementation methods according to the type and impact of the threat.
[0087] The implementation unit can estimate the user's emotions and prioritize best practices based on those emotions. For example, if the user is feeling anxious, the implementation unit will prioritize the most important best practices. If the user is relaxed, the implementation unit may adjust the priority of best practices, taking the overall balance into consideration. Furthermore, if the user is in a hurry, the implementation unit may prioritize best practices that can be implemented quickly. This allows for more effective implementation by prioritizing best practices according to the user's emotions. Emotion estimation is achieved using emotion estimation functions, such as emotion engines or generative AI. Generative AI includes, but is not limited to, text generation AI (e.g., LLM) or multimodal generation AI. Some or all of the above processing in the implementation unit may be performed using AI, for example, or not using AI. For example, the implementation unit can have a generative AI perform the estimation of the user's emotions.
[0088] The implementation unit can adjust the priority of best practices based on the timing of threat occurrences. For example, if threat occurrences are concentrated in a specific period, the implementation unit will prioritize the implementation of best practices during that period. The implementation unit can also adjust the timing of best practice implementation based on the timing of threat occurrences. Furthermore, the implementation unit can predict the timing of threat occurrences and implement best practices in advance. This allows for more effective implementation by adjusting the priority of implementation based on the timing of threat occurrences. Some or all of the above processes in the implementation unit may be performed using AI, for example, or not using AI. For example, the implementation unit can have a generative AI perform the analysis of threat occurrence timing.
[0089] The implementation unit can refer to relevant market data on threats when implementing best practices. For example, the implementation unit can refer to relevant market data on threats and select the most appropriate best practices. The implementation unit can also adjust the timing of best practice implementation based on market data. Furthermore, the implementation unit can analyze market data, predict threat trends, and implement best practices accordingly. This allows for more effective implementation by referring to relevant market data on threats. Some or all of the above processes in the implementation unit may be performed using AI, for example, or not using AI. For example, the implementation unit can have a generating AI perform the referencing of relevant market data on threats.
[0090] The evaluation unit can estimate the user's emotions and adjust the evaluation criteria for performance indicators based on the estimated user emotions. For example, if the user is feeling anxious, the evaluation unit may apply stricter evaluation criteria and enhance security. If the user is relaxed, the evaluation unit may also relax the evaluation criteria and consider the overall balance. Furthermore, if the user is in a hurry, the evaluation unit can perform a rapid evaluation and immediately identify areas for improvement. This allows for more appropriate evaluations by adjusting the evaluation criteria for performance indicators according to the user's emotions. Emotion estimation is achieved using an emotion estimation function, for example, using an emotion engine or generative AI. Generative AI is, but is not limited to, text generation AI (e.g., LLM) or multimodal generation AI. Some or all of the above processing in the evaluation unit may be performed using AI, for example, or not using AI. For example, the evaluation unit may have a generative AI perform the estimation of the user's emotions.
[0091] The evaluation unit can analyze past evaluation data and optimize the evaluation method based on the accuracy and reliability of the evaluation. For example, the evaluation unit can analyze past evaluation data and select the most reliable evaluation method. The evaluation unit can also adjust the evaluation criteria based on past evaluation data to improve the accuracy of the evaluation. Furthermore, the evaluation unit can optimize the evaluation method for specific threats based on past evaluation data. In this way, the evaluation method can be optimized by analyzing past evaluation data. Some or all of the above processes in the evaluation unit may be performed using AI, for example, or not using AI. For example, the evaluation unit can have a generative AI perform the analysis of past evaluation data.
[0092] The evaluation unit can apply different evaluation methods depending on the type and impact of the threat when evaluating performance indicators. For example, the evaluation unit can apply data protection evaluation criteria to data privacy attacks. The evaluation unit can also apply model protection evaluation criteria to model theft. Furthermore, the evaluation unit can apply service availability evaluation criteria to DoS / DDoS attacks. This allows for a more appropriate evaluation by applying evaluation methods according to the type and impact of the threat. Some or all of the above processing in the evaluation unit may be performed using AI, for example, or without AI. For example, the evaluation unit can have a generating AI perform the application of evaluation methods according to the type and impact of the threat.
[0093] The evaluation unit can estimate the user's emotions and adjust how the evaluation results are displayed based on the estimated emotions. For example, if the user is feeling anxious, the evaluation unit can display detailed evaluation results to provide reassurance. If the user is relaxed, the evaluation unit can also display evaluation results concisely to make it easier to grasp the overall situation. Furthermore, if the user is in a hurry, the evaluation unit can prioritize displaying important evaluation results. This allows for more appropriate information to be provided by adjusting how evaluation results are displayed according to the user's emotions. Emotion estimation is achieved using an emotion estimation function, for example, using an emotion engine or generative AI. Generative AI is, but is not limited to, text generation AI (e.g., LLM) or multimodal generation AI. Some or all of the above processing in the evaluation unit may be performed using AI, for example, or without AI. For example, the evaluation unit can have a generative AI perform the estimation of the user's emotions.
[0094] The evaluation unit can determine the priority of evaluations based on the timing of threat occurrences when evaluating performance indicators. For example, if the timing of threat occurrences is concentrated in a particular period, the evaluation unit will prioritize the evaluation of that period. The evaluation unit can also adjust the priority of evaluations based on the timing of threat occurrences. Furthermore, the evaluation unit can predict the timing of threat occurrences and conduct evaluations in advance. This allows for more appropriate evaluations by determining the priority of evaluations based on the timing of threat occurrences. Some or all of the above processes in the evaluation unit may be performed using AI, for example, or not using AI. For example, the evaluation unit can have a generative AI perform the analysis of the timing of threat occurrences.
[0095] The evaluation unit can perform evaluations by referring to relevant market data on threats when evaluating performance indicators. For example, the evaluation unit can refer to relevant market data on threats and select the optimal evaluation method. The evaluation unit can also adjust the timing of evaluations based on market data. Furthermore, the evaluation unit can analyze market data and predict threat occurrence trends to perform evaluations. This allows for more appropriate evaluations by referring to relevant market data on threats. Some or all of the above processes in the evaluation unit may be performed using AI, for example, or without AI. For example, the evaluation unit can have a generating AI perform the referencing of relevant market data on threats.
[0096] The system according to the embodiment is not limited to the example described above, and various modifications are possible, for example, as follows.
[0097] The classification unit can consider a user's past behavioral history when classifying threats. For example, if a user has reacted sensitively to a particular threat in the past, that threat will be given priority in classification. Furthermore, if a user has a history of taking countermeasures against a particular threat in the past, that threat can be given higher priority when reclassifying it. This allows for more personalized threat classification by considering the user's past behavioral history.
[0098] The countermeasures department can consider the user's current system resource usage when implementing countermeasures against threats. For example, if system resources are under heavy load, countermeasures that consume fewer resources will be prioritized. Conversely, if there are available system resources, more powerful countermeasures can be implemented. Furthermore, the timing of countermeasure implementation can be adjusted according to system resource usage. This allows for efficient countermeasure implementation by considering system resource usage.
[0099] The implementation department can share threat information in real time during the collection of threat intelligence. For example, it can collaborate with other security systems and the security community to share the latest threat information in real time. Furthermore, real-time threat information sharing enables rapid countermeasures. In addition, real-time threat information sharing enables early detection of threats and rapid response. In this way, security can be strengthened by sharing threat information in real time.
[0100] The evaluation department can consider user feedback when evaluating performance indicators. For example, it can adjust evaluation criteria based on user feedback. It can also improve evaluation results based on user feedback. Furthermore, it can optimize evaluation methods based on user feedback. This allows for more appropriate evaluations by considering user feedback.
[0101] The classification unit can consider both the frequency and impact of a threat simultaneously. For example, it can prioritize classifying threats that occur frequently and have a high impact. Conversely, it can postpone the classification of threats that occur infrequently and have a low impact. Furthermore, it can adjust the classification priority by considering the balance between frequency and impact. This allows for more effective threat classification by considering both frequency and impact simultaneously.
[0102] The classification unit can estimate the user's emotions and adjust the threat classification criteria based on those emotions. For example, if the user is feeling anxious, the threat classification criteria can be tightened to detect more threats. If the user is relaxed, the classification unit can also loosen the criteria to reduce false positives. Furthermore, if the user is in a hurry, the classification unit can prioritize classifying high-priority threats. This allows for more accurate threat classification by adjusting the threat classification criteria according to the user's emotions.
[0103] The response team can estimate the user's emotions and adjust the timing of countermeasures based on those estimates. For example, if the user is feeling anxious, countermeasures can be implemented immediately. If the user is relaxed, the response team can also adjust the timing of countermeasures to implement them at the optimal time. Furthermore, if the user is in a hurry, the response team can implement countermeasures quickly. By adjusting the timing of countermeasures according to the user's emotions, more effective countermeasures become possible.
[0104] The implementation team can estimate the user's emotions and adjust the implementation of best practices based on those emotions. For example, if the user is feeling anxious, they can implement the best practices quickly. If the user is relaxed, the implementation team can also adjust the implementation of best practices and implement them at the optimal time. Furthermore, if the user is in a hurry, the implementation team can prioritize implementing best practices that can be done quickly. By adjusting the implementation of best practices according to the user's emotions, more effective implementation becomes possible.
[0105] The evaluation unit can estimate the user's emotions and adjust the evaluation criteria for performance indicators based on those estimated emotions. For example, if the user is feeling anxious, stricter evaluation criteria may be applied to enhance security. If the user is relaxed, the evaluation unit may also relax the evaluation criteria and consider the overall balance. Furthermore, if the user is in a hurry, the evaluation unit can conduct a rapid evaluation and immediately identify areas for improvement. This allows for more appropriate evaluations by adjusting the evaluation criteria for performance indicators according to the user's emotions.
[0106] The evaluation unit can estimate the user's emotions and adjust how the evaluation results are displayed based on those emotions. For example, if the user is feeling anxious, it can display detailed evaluation results to provide reassurance. If the user is relaxed, the evaluation unit can also display evaluation results concisely to make it easier to grasp the overall situation. Furthermore, if the user is in a hurry, the evaluation unit can prioritize displaying important evaluation results. By adjusting how evaluation results are displayed according to the user's emotions, it becomes possible to provide more appropriate information.
[0107] The following briefly describes the processing flow for example form 2.
[0108] Step 1: The classification unit classifies threats to the AI agent. For example, the classification unit classifies data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. The classification unit can use AI to identify and classify the type of threat. Step 2: The countermeasures department implements specific countermeasures against the threats classified by the classification department. For example, the countermeasures department implements data encryption, authentication and authorization protocols, model watermarking, adversarial sample protection, traffic filtering, and AI-enabled WAFs. The countermeasures department can use AI to implement specific countermeasures. Step 3: The implementation team implements best practices based on the countermeasures taken by the countermeasures team. For example, the implementation team conducts threat intelligence, monitoring and log management, and periodic penetration testing. The implementation team can use AI to implement best practices. Step 4: The evaluation unit evaluates performance indicators based on the best practices implemented by the implementation unit. For example, the evaluation unit evaluates attack detection rate, average response time, and security event reduction rate. The evaluation unit may use AI to evaluate performance indicators.
[0109] The specific processing unit 290 transmits the result of the specific processing to the smart device 14. In the smart device 14, the control unit 46A causes the output device 40 to output the result of the specific processing. The microphone 38B acquires audio indicating user input for the result of the specific processing. The control unit 46A transmits the audio data indicating user input acquired by the microphone 38B to the data processing device 12. In the data processing device 12, the specific processing unit 290 acquires the audio data.
[0110] Data generation model 58 is a form of so-called generative AI (Artificial Intelligence). An example of data generation model 58 is ChatGPT (registered trademark) (Internet search).<URL: https: / / openai.com / blog / chatgpt> Examples of generative AI include text generation AI, image generation AI, and multimodal generation AI. The data generation model 58 is obtained by performing deep learning on a neural network. The data generation model 58 is input with prompts containing instructions, and with inference data such as audio data representing speech, text data representing text, and image data representing images (e.g., still image data or video data). The data generation model 58 infers from the input inference data according to the instructions indicated by the prompts, and outputs the inference result in one or more data formats from audio data, text data, and image data. The data generation model 58 includes, for example, text generation AI, image generation AI, and multimodal generation AI. Here, inference refers to, for example, analysis, classification, prediction, and / or summarization. The specific processing unit 290 performs the specific processing described above using the data generation model 58. The data generation model 58 may be a fine-tuned model that outputs inference results from prompts that do not contain instructions, in which case the data generation model 58 can output inference results from prompts that do not contain instructions. In the data processing device 12, etc., there are multiple types of data generation models 58, and the data generation model 58 includes AI other than generative AI. AI other than generative AI includes, for example, linear regression, logistic regression, decision trees, random forests, support vector machines (SVMs), k-means clustering, convolutional neural networks (CNNs), recurrent neural networks (RNNs), generative adversarial networks (GANs), or naive Bayes, and can perform various processes, but is not limited to these examples. Also, the AI may be an AI agent. Furthermore, when the processing of each of the above parts is performed by the AI, the processing may be performed by the AI in part or in whole, but is not limited to this example.Furthermore, processing performed by AI, including generative AI, may be replaced with rule-based processing, and rule-based processing may be replaced with processing performed by AI, including generative AI.
[0111] Furthermore, the processing performed by the data processing system 10 described above is carried out by the specific processing unit 290 of the data processing device 12 or the control unit 46A of the smart device 14, but it may also be carried out by the specific processing unit 290 of the data processing device 12 and the control unit 46A of the smart device 14. In addition, the specific processing unit 290 of the data processing device 12 acquires or collects information necessary for processing from the smart device 14 or an external device, and the smart device 14 acquires or collects information necessary for processing from the data processing device 12 or an external device.
[0112] Each of the multiple elements described above, including the classification unit, countermeasure unit, implementation unit, and evaluation unit, is implemented in at least one of the smart device 14 and the data processing unit 12. For example, the classification unit is implemented by the control unit 46A of the smart device 14 and classifies threats to the AI agent. The countermeasure unit is implemented by the specific processing unit 290 of the data processing unit 12 and takes specific countermeasures against the classified threats. The implementation unit is implemented by the control unit 46A of the smart device 14 and implements best practices based on the countermeasures. The evaluation unit is implemented by the specific processing unit 290 of the data processing unit 12 and evaluates performance indicators based on the implemented best practices. The correspondence between each unit and the device or control unit is not limited to the example described above and can be changed in various ways.
[0113] [Second Embodiment] Figure 3 shows an example of the configuration of the data processing system 210 according to the second embodiment.
[0114] As shown in Figure 3, the data processing system 210 includes a data processing device 12 and smart glasses 214. An example of the data processing device 12 is a server.
[0115] The data processing device 12 comprises a computer 22, a database 24, and a communication interface 26. The computer 22 comprises a processor 28, RAM 30, and storage 32. The processor 28, RAM 30, and storage 32 are connected to a bus 34. The database 24 and the communication interface 26 are also connected to the bus 34. The communication interface 26 is connected to a network 54. An example of the network 54 is a WAN and / or LAN.
[0116] The smart glasses 214 include a computer 36, a microphone 238, a speaker 240, a camera 42, and a communication interface 44. The computer 36 includes a processor 46, RAM 48, and storage 50. The processor 46, RAM 48, and storage 50 are connected to a bus 52. The microphone 238, speaker 240, and camera 42 are also connected to the bus 52.
[0117] The microphone 238 receives voice signals from the user and accepts instructions from the user. The microphone 238 captures the voice signals from the user, converts the captured voice into audio data, and outputs it to the processor 46. The speaker 240 outputs audio according to the instructions from the processor 46.
[0118] Camera 42 is a small digital camera equipped with an optical system including a lens, aperture, and shutter, and an image sensor such as a CMOS (Complementary Metal-Oxide-Semiconductor) image sensor or a CCD (Charge Coupled Device) image sensor, which captures images of the area around the user (for example, an imaging range defined by a field of view equivalent to the field of vision of a typical healthy person).
[0119] Communication interface 44 is connected to network 54. Communication interfaces 44 and 26 are responsible for the exchange of various information between processor 46 and processor 28 via network 54. The exchange of various information between processor 46 and processor 28 using communication interfaces 44 and 26 is performed in a secure manner.
[0120] Figure 4 shows an example of the main functions of the data processing device 12 and the smart glasses 214. As shown in Figure 4, the data processing device 12 performs specific processing by the processor 28. The storage 32 stores the specific processing program 56.
[0121] The processor 28 reads a specific processing program 56 from the storage 32 and executes the read specific processing program 56 on the RAM 30. The specific processing is realized by the processor 28 acting as a specific processing unit 290 according to the specific processing program 56 executed on the RAM 30.
[0122] Storage 32 stores the data generation model 58 and the emotion identification model 59. The data generation model 58 and the emotion identification model 59 are used by the identification processing unit 290. The identification processing unit 290 can estimate the user's emotions using the emotion identification model 59 and perform identification processing using the user's emotions. The emotion estimation function (emotion identification function) using the emotion identification model 59 performs various estimations and predictions regarding the user's emotions, including but not limited to these examples. Furthermore, emotion estimation and prediction also include, for example, emotion analysis.
[0123] In the smart glasses 214, specific processing is performed by the processor 46. The storage 50 stores a specific processing program 60. The processor 46 reads the specific processing program 60 from the storage 50 and executes the read specific processing program 60 on the RAM 48. The specific processing is realized by the processor 46 acting as a control unit 46A according to the specific processing program 60 executed on the RAM 48. The smart glasses 214 also have a data generation model 58 and an emotion identification model 59, similar to the data generation model and emotion identification model 59, and can perform processing similar to that of the specific processing unit 290 using these models.
[0124] Furthermore, other devices besides the data processing device 12 may also have the data generation model 58. For example, a server device may have the data generation model 58. In this case, the data processing device 12 obtains processing results (such as prediction results) using the data generation model 58 by communicating with the server device that has the data generation model 58. Also, the data processing device 12 may be a server device or a terminal device owned by the user (for example, a mobile phone, robot, home appliance, etc.).
[0125] The specific processing unit 290 transmits the result of the specific processing to the smart glasses 214. In the smart glasses 214, the control unit 46A causes the speaker 240 to output the result of the specific processing. The microphone 238 acquires audio indicating user input for the result of the specific processing. The control unit 46A transmits the audio data indicating user input acquired by the microphone 238 to the data processing unit 12. In the data processing unit 12, the specific processing unit 290 acquires the audio data.
[0126] The data generation model 58 is a so-called generative AI. An example of a data generation model 58 is a generative AI such as ChatGPT. The data generation model 58 is obtained by performing deep learning on a neural network. The data generation model 58 is input with prompts containing instructions, and inference data such as audio data representing speech, text data representing text, and image data representing images (e.g., still image data or video data). The data generation model 58 infers from the input inference data according to the instructions indicated by the prompts, and outputs the inference result in one or more data formats such as audio data, text data, and image data. The data generation model 58 includes, for example, text generation AI, image generation AI, and multimodal generation AI. Here, inference refers to, for example, analysis, classification, prediction, and / or summarization. The specific processing unit 290 performs the specific processing described above using the data generation model 58. The data generation model 58 may be a fine-tuned model that outputs inference results from prompts that do not contain instructions, in which case the data generation model 58 can output inference results from prompts that do not contain instructions. In the data processing device 12, etc., there are multiple types of data generation models 58, and the data generation model 58 includes AI other than generative AI. AI other than generative AI includes, for example, linear regression, logistic regression, decision trees, random forests, support vector machines (SVM), k-means clustering, convolutional neural networks (CNN), recurrent neural networks (RNN), generative adversarial networks (GAN), or naive Bayes, and can perform various processes, but is not limited to these examples. Also, the AI may be an AI agent. Furthermore, when the processing of each part described above is performed by the AI, the processing may be performed by the AI in part or in whole, but is not limited to this example. Also, processing performed by an AI including a generative AI may be replaced by rule-based processing, and rule-based processing may be replaced by processing performed by an AI including a generative AI.
[0127] The data processing system 210 according to the second embodiment performs the same processing as the data processing system 10 according to the first embodiment. The processing by the data processing system 210 is performed by the specific processing unit 290 of the data processing device 12 or the control unit 46A of the smart glasses 214, but it may also be performed by the specific processing unit 290 of the data processing device 12 and the control unit 46A of the smart glasses 214. In addition, the specific processing unit 290 of the data processing device 12 acquires or collects information necessary for processing from the smart glasses 214 or an external device, and the smart glasses 214 acquires or collects information necessary for processing from the data processing device 12 or an external device.
[0128] Each of the multiple elements described above, including the classification unit, countermeasure unit, implementation unit, and evaluation unit, is implemented by, for example, at least one of the smart glasses 214 and the data processing unit 12. For example, the classification unit is implemented by the control unit 46A of the smart glasses 214 and classifies threats to the AI agent. The countermeasure unit is implemented by, for example, the specific processing unit 290 of the data processing unit 12 and takes specific countermeasures against the classified threats. The implementation unit is implemented by, for example, the control unit 46A of the smart glasses 214 and implements best practices based on the countermeasures. The evaluation unit is implemented by, for example, the specific processing unit 290 of the data processing unit 12 and evaluates performance indicators based on the implemented best practices. The correspondence between each unit and the device or control unit is not limited to the example described above and can be changed in various ways.
[0129] [Third Embodiment] Figure 5 shows an example of the configuration of the data processing system 310 according to the third embodiment.
[0130] As shown in Figure 5, the data processing system 310 includes a data processing device 12 and a headset terminal 314. An example of the data processing device 12 is a server.
[0131] The data processing device 12 comprises a computer 22, a database 24, and a communication interface 26. The computer 22 comprises a processor 28, RAM 30, and storage 32. The processor 28, RAM 30, and storage 32 are connected to a bus 34. The database 24 and the communication interface 26 are also connected to the bus 34. The communication interface 26 is connected to a network 54. An example of the network 54 is a WAN and / or LAN.
[0132] The headset terminal 314 includes a computer 36, a microphone 238, a speaker 240, a camera 42, a communication interface 44, and a display 343. The computer 36 includes a processor 46, RAM 48, and storage 50. The processor 46, RAM 48, and storage 50 are connected to a bus 52. The microphone 238, speaker 240, camera 42, and display 343 are also connected to the bus 52.
[0133] The microphone 238 receives voice signals from the user and accepts instructions from the user. The microphone 238 captures the voice signals from the user, converts the captured voice into audio data, and outputs it to the processor 46. The speaker 240 outputs audio according to the instructions from the processor 46.
[0134] Camera 42 is a small digital camera equipped with an optical system including a lens, aperture, and shutter, and an image sensor such as a CMOS (Complementary Metal-Oxide-Semiconductor) image sensor or a CCD (Charge Coupled Device) image sensor, which captures images of the area around the user (for example, an imaging range defined by a field of view equivalent to the field of vision of a typical healthy person).
[0135] Communication interface 44 is connected to network 54. Communication interfaces 44 and 26 are responsible for the exchange of various information between processor 46 and processor 28 via network 54. The exchange of various information between processor 46 and processor 28 using communication interfaces 44 and 26 is performed in a secure manner.
[0136] Figure 6 shows an example of the main functions of the data processing device 12 and the headset terminal 314. As shown in Figure 6, the data processing device 12 performs specific processing using the processor 28. The storage 32 stores the specific processing program 56.
[0137] The processor 28 reads a specific processing program 56 from the storage 32 and executes the read specific processing program 56 on the RAM 30. The specific processing is realized by the processor 28 acting as a specific processing unit 290 according to the specific processing program 56 executed on the RAM 30.
[0138] Storage 32 stores the data generation model 58 and the emotion identification model 59. The data generation model 58 and the emotion identification model 59 are used by the identification processing unit 290. The identification processing unit 290 can estimate the user's emotions using the emotion identification model 59 and perform identification processing using the user's emotions. The emotion estimation function (emotion identification function) using the emotion identification model 59 performs various estimations and predictions regarding the user's emotions, including but not limited to these examples. Furthermore, emotion estimation and prediction also include, for example, emotion analysis.
[0139] In the headset terminal 314, specific processing is performed by the processor 46. The storage 50 stores a specific program 60. The processor 46 reads the specific program 60 from the storage 50 and executes the read specific program 60 on the RAM 48. The specific processing is realized by the processor 46 acting as a control unit 46A according to the specific program 60 executed on the RAM 48. The headset terminal 314 also has a data generation model 58 and an emotion identification model 59, similar to the data generation model and emotion identification model 59, and can perform processing similar to that of the specific processing unit 290 using these models.
[0140] Furthermore, other devices besides the data processing device 12 may also have the data generation model 58. For example, a server device may have the data generation model 58. In this case, the data processing device 12 obtains processing results (such as prediction results) using the data generation model 58 by communicating with the server device that has the data generation model 58. Also, the data processing device 12 may be a server device or a terminal device owned by the user (for example, a mobile phone, robot, home appliance, etc.).
[0141] The specific processing unit 290 transmits the result of the specific processing to the headset terminal 314. In the headset terminal 314, the control unit 46A causes the speaker 240 and display 343 to output the result of the specific processing. The microphone 238 acquires audio indicating user input for the result of the specific processing. The control unit 46A transmits the audio data indicating user input acquired by the microphone 238 to the data processing unit 12. In the data processing unit 12, the specific processing unit 290 acquires the audio data.
[0142] The data generation model 58 is a so-called generative AI. An example of a data generation model 58 is a generative AI such as ChatGPT. The data generation model 58 is obtained by performing deep learning on a neural network. The data generation model 58 is input with prompts containing instructions, and inference data such as audio data representing speech, text data representing text, and image data representing images (e.g., still image data or video data). The data generation model 58 infers from the input inference data according to the instructions indicated by the prompts, and outputs the inference result in one or more data formats such as audio data, text data, and image data. The data generation model 58 includes, for example, text generation AI, image generation AI, and multimodal generation AI. Here, inference refers to, for example, analysis, classification, prediction, and / or summarization. The specific processing unit 290 performs the specific processing described above using the data generation model 58. The data generation model 58 may be a fine-tuned model that outputs inference results from prompts that do not contain instructions, in which case the data generation model 58 can output inference results from prompts that do not contain instructions. In the data processing device 12, etc., there are multiple types of data generation models 58, and the data generation model 58 includes AI other than generative AI. AI other than generative AI includes, for example, linear regression, logistic regression, decision trees, random forests, support vector machines (SVM), k-means clustering, convolutional neural networks (CNN), recurrent neural networks (RNN), generative adversarial networks (GAN), or naive Bayes, and can perform various processes, but is not limited to these examples. Also, the AI may be an AI agent. Furthermore, when the processing of each part described above is performed by the AI, the processing may be performed by the AI in part or in whole, but is not limited to this example. Also, processing performed by an AI including a generative AI may be replaced by rule-based processing, and rule-based processing may be replaced by processing performed by an AI including a generative AI.
[0143] The data processing system 310 according to the third embodiment performs the same processing as the data processing system 10 according to the first embodiment. The processing by the data processing system 310 is performed by the specific processing unit 290 of the data processing device 12 or the control unit 46A of the headset terminal 314, but may also be performed by the specific processing unit 290 of the data processing device 12 and the control unit 46A of the headset terminal 314. In addition, the specific processing unit 290 of the data processing device 12 acquires or collects information necessary for processing from the headset terminal 314 or an external device, and the headset terminal 314 acquires or collects information necessary for processing from the data processing device 12 or an external device.
[0144] Each of the multiple elements described above, including the classification unit, countermeasure unit, implementation unit, and evaluation unit, is implemented by, for example, at least one of the headset terminal 314 and the data processing unit 12. For example, the classification unit is implemented by the control unit 46A of the headset terminal 314 and classifies threats to the AI agent. The countermeasure unit is implemented by, for example, the specific processing unit 290 of the data processing unit 12 and takes specific countermeasures against the classified threats. The implementation unit is implemented by, for example, the control unit 46A of the headset terminal 314 and implements best practices based on the countermeasures. The evaluation unit is implemented by, for example, the specific processing unit 290 of the data processing unit 12 and evaluates performance indicators based on the implemented best practices. The correspondence between each unit and the device or control unit is not limited to the example described above and can be changed in various ways.
[0145] [Fourth Embodiment] Figure 7 shows an example of the configuration of the data processing system 410 according to the fourth embodiment.
[0146] As shown in Figure 7, the data processing system 410 includes a data processing device 12 and a robot 414. An example of the data processing device 12 is a server.
[0147] The data processing device 12 comprises a computer 22, a database 24, and a communication interface 26. The computer 22 comprises a processor 28, RAM 30, and storage 32. The processor 28, RAM 30, and storage 32 are connected to a bus 34. The database 24 and the communication interface 26 are also connected to the bus 34. The communication interface 26 is connected to a network 54. An example of the network 54 is a WAN and / or LAN.
[0148] The robot 414 includes a computer 36, a microphone 238, a speaker 240, a camera 42, a communication interface 44, and a controlled object 443. The computer 36 includes a processor 46, RAM 48, and storage 50. The processor 46, RAM 48, and storage 50 are connected to a bus 52. The microphone 238, speaker 240, camera 42, and controlled object 443 are also connected to the bus 52.
[0149] The microphone 238 receives voice signals from the user and accepts instructions from the user. The microphone 238 captures the voice signals from the user, converts the captured voice into audio data, and outputs it to the processor 46. The speaker 240 outputs audio according to the instructions from the processor 46.
[0150] Camera 42 is a small digital camera equipped with an optical system including a lens, aperture, and shutter, and an image sensor such as a CMOS image sensor or CCD image sensor, which captures images of the area around the user (for example, an imaging range defined by a field of view equivalent to the field of vision of a typical healthy person).
[0151] Communication interface 44 is connected to network 54. Communication interfaces 44 and 26 are responsible for the exchange of various information between processor 46 and processor 28 via network 54. The exchange of various information between processor 46 and processor 28 using communication interfaces 44 and 26 is performed in a secure manner.
[0152] The controlled object 443 includes a display device, LEDs in the eyes, and motors that drive the arms, hands, and feet. The posture and gestures of the robot 414 are controlled by controlling the motors of the arms, hands, and feet. Some of the robot 414's emotions can be expressed by controlling these motors. The robot 414's facial expressions can also be expressed by controlling the illumination state of the LEDs in its eyes.
[0153] Figure 8 shows an example of the main functions of the data processing device 12 and the robot 414. As shown in Figure 8, the data processing device 12 performs specific processing using the processor 28. The storage 32 stores the specific processing program 56.
[0154] The processor 28 reads a specific processing program 56 from the storage 32 and executes the read specific processing program 56 on the RAM 30. The specific processing is realized by the processor 28 acting as a specific processing unit 290 according to the specific processing program 56 executed on the RAM 30.
[0155] Storage 32 stores the data generation model 58 and the emotion identification model 59. The data generation model 58 and the emotion identification model 59 are used by the identification processing unit 290. The identification processing unit 290 can estimate the user's emotions using the emotion identification model 59 and perform identification processing using the user's emotions. The emotion estimation function (emotion identification function) using the emotion identification model 59 performs various estimations and predictions regarding the user's emotions, including but not limited to these examples. Furthermore, emotion estimation and prediction also include, for example, emotion analysis.
[0156] In robot 414, specific processing is performed by processor 46. A specific program 60 is stored in storage 50. Processor 46 reads the specific program 60 from storage 50 and executes it on RAM 48. The specific processing is achieved by processor 46 acting as a control unit 46A according to the specific program 60 executed on RAM 48. Robot 414 also has data generation model 58 and emotion identification model 59, similar to those of the robot, and can perform processing similar to that of the specific processing unit 290 using these models.
[0157] Furthermore, other devices besides the data processing device 12 may also have the data generation model 58. For example, a server device may have the data generation model 58. In this case, the data processing device 12 obtains processing results (such as prediction results) using the data generation model 58 by communicating with the server device that has the data generation model 58. Also, the data processing device 12 may be a server device or a terminal device owned by the user (for example, a mobile phone, robot, home appliance, etc.).
[0158] The specific processing unit 290 transmits the result of the specific processing to the robot 414. In the robot 414, the control unit 46A causes the speaker 240 and the controlled object 443 to output the result of the specific processing. The microphone 238 acquires audio indicating user input for the result of the specific processing. The control unit 46A transmits the audio data indicating user input acquired by the microphone 238 to the data processing unit 12. In the data processing unit 12, the specific processing unit 290 acquires the audio data.
[0159] The data generation model 58 is a so-called generative AI. An example of a data generation model 58 is a generative AI such as ChatGPT. The data generation model 58 is obtained by performing deep learning on a neural network. The data generation model 58 is input with prompts containing instructions, and inference data such as audio data representing speech, text data representing text, and image data representing images (e.g., still image data or video data). The data generation model 58 infers from the input inference data according to the instructions indicated by the prompts, and outputs the inference result in one or more data formats such as audio data, text data, and image data. The data generation model 58 includes, for example, text generation AI, image generation AI, and multimodal generation AI. Here, inference refers to, for example, analysis, classification, prediction, and / or summarization. The specific processing unit 290 performs the specific processing described above using the data generation model 58. The data generation model 58 may be a fine-tuned model that outputs inference results from prompts that do not contain instructions, in which case the data generation model 58 can output inference results from prompts that do not contain instructions. In the data processing device 12, etc., there are multiple types of data generation models 58, and the data generation model 58 includes AI other than generative AI. AI other than generative AI includes, for example, linear regression, logistic regression, decision trees, random forests, support vector machines (SVM), k-means clustering, convolutional neural networks (CNN), recurrent neural networks (RNN), generative adversarial networks (GAN), or naive Bayes, and can perform various processes, but is not limited to these examples. Also, the AI may be an AI agent. Furthermore, when the processing of each part described above is performed by the AI, the processing may be performed by the AI in part or in whole, but is not limited to this example. Also, processing performed by an AI including a generative AI may be replaced by rule-based processing, and rule-based processing may be replaced by processing performed by an AI including a generative AI.
[0160] The data processing system 410 according to the fourth embodiment performs the same processing as the data processing system 10 according to the first embodiment. The processing by the data processing system 410 is performed by the specific processing unit 290 of the data processing device 12 or the control unit 46A of the robot 414, but it may also be performed by the specific processing unit 290 of the data processing device 12 and the control unit 46A of the robot 414. In addition, the specific processing unit 290 of the data processing device 12 acquires or collects information necessary for processing from the robot 414 or an external device, and the robot 414 acquires or collects information necessary for processing from the data processing device 12 or an external device.
[0161] Each of the multiple elements described above, including the classification unit, countermeasure unit, implementation unit, and evaluation unit, is implemented by, for example, at least one of the robot 414 and the data processing unit 12. For example, the classification unit is implemented by the control unit 46A of the robot 414 and classifies threats to the AI agent. The countermeasure unit is implemented by, for example, the specific processing unit 290 of the data processing unit 12 and takes specific countermeasures against the classified threats. The implementation unit is implemented by, for example, the control unit 46A of the robot 414 and implements best practices based on the countermeasures. The evaluation unit is implemented by, for example, the specific processing unit 290 of the data processing unit 12 and evaluates performance indicators based on the implemented best practices. The correspondence between each unit and the device or control unit is not limited to the example described above and can be changed in various ways.
[0162] Furthermore, the emotion identification model 59, acting as an emotion engine, may determine the user's emotion according to a specific mapping. Specifically, the emotion identification model 59 may determine the user's emotion according to a specific mapping, which is an emotion map (see Figure 9). Similarly, the emotion identification model 59 may also determine the robot's emotion, and the identification processing unit 290 may perform identification processing using the robot's emotion.
[0163] Figure 9 shows the emotion map 400, in which multiple emotions are mapped. In the emotion map 400, emotions are arranged in concentric circles radiating from the center. The closer to the center of the concentric circles, the more primitive the emotions are located. Further out of the concentric circles, emotions representing states and actions arising from mental states are located. Emotion is a concept that includes feelings and mental states. On the left side of the concentric circles, emotions that are generally generated from reactions occurring in the brain are located. On the right side of the concentric circles, emotions that are generally induced by situational judgment are located. Above and below the concentric circles, emotions that are generally generated from reactions occurring in the brain and induced by situational judgment are located. In addition, the emotion of "pleasure" is located on the upper side of the concentric circles, and the emotion of "displeasure" is located on the lower side. Thus, in the emotion map 400, multiple emotions are mapped based on the structure in which emotions arise, and emotions that are likely to occur simultaneously are mapped close together.
[0164] These emotions are distributed at the 3 o'clock position on the Emotion Map 400, and usually fluctuate between feelings of security and anxiety. In the right half of the Emotion Map 400, situational awareness takes precedence over internal feelings, resulting in a calm impression.
[0165] The inside of the Emotion Map 400 represents inner thoughts, while the outside represents actions. Therefore, the further you go from the outside of the Emotion Map 400, the more visible (expressed in actions) your emotions become.
[0166] Here, human emotions are based on various balances, such as posture and blood sugar levels. When these balances deviate from the ideal, it results in discomfort, and when they approach the ideal, it results in pleasure. Similarly, in robots, cars, and motorcycles, emotions can be created based on various balances, such as posture and battery level. When these balances deviate from the ideal, it results in discomfort, and when they approach the ideal, it results in pleasure. The emotion map can be generated based, for example, on Dr. Mitsuyoshi's emotion map (Research on a system for analyzing brain physiological signals of speech emotion recognition and emotion, Tokushima University, doctoral dissertation: https: / / ci.nii.ac.jp / naid / 500000375379). The left half of the emotion map contains emotions belonging to a region called "response," where sensation is dominant. The right half of the emotion map contains emotions belonging to a region called "situation," where situational awareness is dominant.
[0167] The emotion map defines two emotions that promote learning. One is the emotion around the middle of the negative "repentance" and "reflection" on the situation side. In other words, it is when the robot experiences negative emotions such as "I never want to feel this way again" or "I don't want to be scolded again." The other is the emotion around the positive "desire" on the reaction side. In other words, it is when the robot has positive feelings such as "I want more" or "I want to know more."
[0168] The emotion identification model 59 inputs user input into a pre-trained neural network, obtains emotion values representing each emotion shown in the emotion map 400, and determines the user's emotion. This neural network is pre-trained based on multiple training data sets, which are combinations of user input and emotion values representing each emotion shown in the emotion map 400. Furthermore, this neural network is trained so that emotions located close together have similar values, as shown in the emotion map 900 in Figure 10. Figure 10 shows an example where multiple emotions such as "reassured," "calm," and "confident" have similar emotion values.
[0169] In the above embodiment, an example was given in which a specific process is performed by a single computer 22. However, the technology of this disclosure is not limited thereto, and a distributed processing method for the specific process may be used, which includes computer 22 and multiple other computers.
[0170] In the above embodiment, an example was given in which the specific processing program 56 is stored in the storage 32, but the technology of this disclosure is not limited thereto. For example, the specific processing program 56 may be stored in a portable, computer-readable, non-temporary storage medium such as a USB (Universal Serial Bus) memory. The specific processing program 56 stored in the non-temporary storage medium is installed in the computer 22 of the data processing device 12. The processor 28 executes specific processing according to the specific processing program 56.
[0171] Alternatively, the specific processing program 56 may be stored in a storage device such as a server connected to the data processing device 12 via the network 54, and the specific processing program 56 may be downloaded and installed on the computer 22 in response to a request from the data processing device 12.
[0172] Furthermore, it is not necessary to store the entirety of the specific processing program 56 in a storage device such as a server connected to the data processing device 12 via the network 54, or to store the entirety of the specific processing program 56 in the storage 32; it is acceptable to store only a portion of the specific processing program 56.
[0173] The following types of processors can be used as hardware resources to perform specific processing. Examples of processors include a CPU, a general-purpose processor that functions as a hardware resource to perform specific processing by executing software, i.e., a program. Other examples of processors include dedicated electrical circuits, such as FPGAs (Field-Programmable Gate Arrays), PLDs (Programmable Logic Devices), or ASICs (Application Specific Integrated Circuits), which have circuit configurations specifically designed to perform specific processing. All of these processors have built-in or connected memory, and all of them perform specific processing by using memory.
[0174] The hardware resource that performs a specific process may consist of one of these various processors, or it may consist of a combination of two or more processors of the same or different types (for example, a combination of multiple FPGAs, or a combination of a CPU and an FPGA). Alternatively, the hardware resource that performs a specific process may consist of a single processor.
[0175] Examples of configurations using a single processor include, firstly, a configuration in which one or more CPUs and software are combined to form a single processor, and this processor functions as a hardware resource that performs a specific process. Secondly, there is a configuration using a processor that realizes the functions of the entire system, including multiple hardware resources that perform a specific process, on a single IC chip, as exemplified by SoCs (System-on-a-chip). In this way, a specific process is realized using one or more of the above types of processors as hardware resources.
[0176] Furthermore, the hardware structure of these various processors can more specifically utilize electrical circuits that combine circuit elements such as semiconductor devices. Also, the specific processing described above is merely an example. Therefore, it goes without saying that unnecessary steps can be deleted, new steps added, or the processing order rearranged, as long as it does not deviate from the main purpose.
[0177] Furthermore, although the above-described examples were divided into four embodiments, some or all of these embodiments may be combined. Also, the smart device 14, smart glasses 214, headset terminal 314, and robot 414 are just examples, and they may be combined, or other devices may be used. Also, although the above-described examples were divided into two embodiments, Embodiment 1 and Embodiment 2, these may be combined.
[0178] The descriptions and illustrations presented above are detailed explanations of the technical aspects of this disclosure and are merely examples of the technical aspects. For example, the above descriptions of the structure, function, operation, and effect are examples of the structure, function, operation, and effect of the technical aspects of this disclosure. Therefore, it goes without saying that you may delete unnecessary parts, add new elements, or replace elements in the descriptions and illustrations presented above, as long as you do not deviate from the essence of the technical aspects of this disclosure. Furthermore, in order to avoid confusion and facilitate understanding of the technical aspects of this disclosure, explanations of common technical knowledge and other things that do not require special explanation to enable the implementation of the technical aspects of this disclosure have been omitted from the descriptions and illustrations presented above.
[0179] All documents, patent applications, and technical standards described herein are incorporated by reference to the same extent as if each individual document, patent application, and technical standard were specifically and individually noted to be incorporated by reference.
[0180] (Note 1) A classification unit that categorizes threats to AI agents, A countermeasures unit that takes specific countermeasures against threats classified by the classification unit, An implementation unit that implements best practices based on the measures taken by the aforementioned countermeasures unit, The system includes an evaluation unit that evaluates performance indicators based on best practices implemented by the aforementioned implementation unit. A system characterized by the following features. (Note 2) The aforementioned classification unit is Classify data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. The system described in Appendix 1, characterized by the features described herein. (Note 3) The aforementioned countermeasures unit, Implement data encryption, authentication and authorization protocols, model watermarking, adversarial sample protection, traffic filtering, and AI-enabled WAF. The system described in Appendix 1, characterized by the features described herein. (Note 4) The aforementioned implementation unit is Threat intelligence, monitoring and log management, and regular penetration testing. The system described in Appendix 1, characterized by the features described herein. (Note 5) The evaluation unit, Evaluate attack detection rate, average response time, and security event reduction rate. The system described in Appendix 1, characterized by the features described herein. (Note 6) The aforementioned classification unit is It estimates user sentiment and adjusts threat classification criteria based on the estimated user sentiment. The system described in Appendix 1, characterized by the features described herein. (Note 7) The aforementioned classification unit is We analyze past threat data and determine classification priorities based on the frequency and impact of threats. The system described in Appendix 1, characterized by the features described herein. (Note 8) The aforementioned classification unit is Detailed subcategories are set based on the source of the threat and the attack method. The system described in Appendix 1, characterized by the features described herein. (Note 9) The aforementioned classification unit is It estimates the user's sentiment and adjusts the order in which threat classification results are displayed based on the estimated user sentiment. The system described in Appendix 1, characterized by the features described herein. (Note 10) The aforementioned classification unit is Classification is performed considering the geographical distribution of threats. The system described in Appendix 1, characterized by the features described herein. (Note 11) The aforementioned classification unit is Improve the accuracy of the classification by referring to relevant threat literature. The system described in Appendix 1, characterized by the features described herein. (Note 12) The aforementioned countermeasures unit, We estimate the user's emotions and adjust the timing of countermeasures based on the estimated user emotions. The system described in Appendix 1, characterized by the features described herein. (Note 13) The aforementioned countermeasures unit, By analyzing past countermeasure data, the optimal countermeasure is selected based on its effectiveness and implementation cost. The system described in Appendix 1, characterized by the features described herein. (Note 14) The aforementioned countermeasures unit, Apply different countermeasures depending on the type and severity of the threat. The system described in Appendix 1, characterized by the features described herein. (Note 15) The aforementioned countermeasures unit, It estimates user sentiment and determines the priority of countermeasures based on the estimated user sentiment. The system described in Appendix 1, characterized by the features described herein. (Note 16) The aforementioned countermeasures unit, Prioritize countermeasures based on when the threat occurred. The system described in Appendix 1, characterized by the features described herein. (Note 17) The aforementioned countermeasures unit, Take countermeasures by referring to relevant market data on threats. The system described in Appendix 1, characterized by the features described herein. (Note 18) The aforementioned implementation unit is We estimate user emotions and adjust the implementation of best practices based on those estimated emotions. The system described in Appendix 1, characterized by the features described herein. (Note 19) The aforementioned implementation unit is We analyze past implementation data and select the optimal implementation method based on the effectiveness and cost of the implementation. The system described in Appendix 1, characterized by the features described herein. (Note 20) The aforementioned implementation unit is When implementing best practices, apply different implementation methods depending on the type and impact of the threat. The system described in Appendix 1, characterized by the features described herein. (Note 21) The aforementioned implementation unit is Estimate user emotions and prioritize best practices based on those estimated emotions. The system described in Appendix 1, characterized by the features described herein. (Note 22) The aforementioned implementation unit is When implementing best practices, adjust the prioritization of implementation based on when the threat occurred. The system described in Appendix 1, characterized by the features described herein. (Note 23) The aforementioned implementation unit is When implementing best practices, refer to relevant market data on threats. The system described in Appendix 1, characterized by the features described herein. (Note 24) The evaluation unit, We estimate user emotions and adjust performance indicator evaluation criteria based on the estimated user emotions. The system described in Appendix 1, characterized by the features described herein. (Note 25) The evaluation unit, We analyze past evaluation data and optimize the evaluation method based on the accuracy and reliability of the evaluation. The system described in Appendix 1, characterized by the features described herein. (Note 26) The evaluation unit, When evaluating performance indicators, different evaluation methods should be applied depending on the type and impact of the threat. The system described in Appendix 1, characterized by the features described herein. (Note 27) The evaluation unit, The system estimates the user's emotions and adjusts how the evaluation results are displayed based on those estimated emotions. The system described in Appendix 1, characterized by the features described herein. (Note 28) The evaluation unit, When evaluating performance indicators, prioritize the evaluation based on when the threat occurred. The system described in Appendix 1, characterized by the features described herein. (Note 29) The evaluation unit, When evaluating performance indicators, the assessment will be conducted by referring to relevant market data on threats. The system described in Appendix 1, characterized by the features described herein. [Explanation of symbols]
[0181] 10, 210, 310, 410 Data Processing Systems 12 Data Processing Devices 14 Smart Devices 214 Smart Glasses 314 Headset-type terminal 414 Robots
Claims
1. A classification unit that categorizes threats to AI agents, A countermeasures unit that takes specific countermeasures against threats classified by the classification unit, An implementation unit that implements best practices based on the measures taken by the aforementioned countermeasures unit, The system includes an evaluation unit that evaluates performance indicators based on best practices implemented by the aforementioned implementation unit. A system characterized by the following features.
2. The aforementioned classification unit is Classify data privacy attacks, model theft, adversarial sampling attacks, supply chain attacks, and DoS / DDoS attacks. The system according to feature 1.
3. The aforementioned countermeasures unit, Implement data encryption, authentication and authorization protocols, model watermarking, adversarial sample protection, traffic filtering, and AI-enabled WAF. The system according to feature 1.
4. The aforementioned implementation unit is Threat intelligence, monitoring and log management, and regular penetration testing. The system according to feature 1.
5. The evaluation unit described above, Evaluate attack detection rate, average response time, and security event reduction rate. The system according to feature 1.
6. The aforementioned classification unit is It estimates user sentiment and adjusts threat classification criteria based on the estimated user sentiment. The system according to feature 1.
7. The aforementioned classification unit is We analyze past threat data and determine classification priorities based on the frequency and impact of threats. The system according to feature 1.
8. The aforementioned classification unit is Detailed subcategories are set based on the source of the threat and the attack method. The system according to feature 1.
9. The aforementioned classification unit is It estimates the user's sentiment and adjusts the order in which threat classification results are displayed based on the estimated user sentiment. The system according to feature 1.
10. The aforementioned classification unit is Classification is performed considering the geographical distribution of threats. The system according to feature 1.