Safety Detectives: Please share your company background, how you got started, and your mission.
TrojAI: TrojAI provides cybersecurity solutions to protect AI systems from adversarial “data poisoning” and “model evasion” attacks. These attacks came to our attention through our previous work using computer vision to automate video surveillance systems for the early detection of weapons and disturbances. AI is uniquely vulnerable because the inputs to AI pipelines fall outside of traditional cybersecurity perimeters both during training and deployment, where it is possible to introduce adversarial noise that can influence model behaviors. Our team has an interesting mix of deep learning and cybersecurity professionals that have a passion for public safety.
SD: What is the main service your company offers?
TrojAI: We provide several tools that protect different points in the AI pipeline. We provide a robustness assessment that empirically measures how robust models are to long-tailed edge cases found in the real world, a data poisoning audit to identify possible embedded Trojan attacks, and an AI firewall to protect deployed models from out-of-distribution inputs.
SD: What is something unique that helps you stay ahead of your competition?
TrojAI: Unfortunately, there are fewer than 10 firms globally that focus on protecting AI systems. All of these companies are doing meaningful work and the solutions can actually be complementary. In this regard, we don’t view companies with DNA in protection as competition. That said, most are focused on protecting different disciplines of AI and we believe our approach to building tools that help data science teams protect computer vision and NLP models sets us apart.
SD: What do you think are the worst cyberthreats today?
TrojAI: AI is reorganizing our world daily like the web did in the early 90s. Both sit on technology that was not created with security in mind, and we have been dealing with that ever since. Cybersecurity for AI is the most significant problem we are facing over the next decade, and we need more solutions to ensure we protect our current pace of innovation.