Google’s AI Fight Club Will Train Systems to Defend Against Future Cyberattacks

“The bad guys will be using machine learning to automate their attacks, and we will be using machine learning to defend.”

7. 21. 17 by Dom Galeon
monsitj/Adobe Stock

Reinforcing AI Systems

When artificial intelligence (AI) is discussed today, most people are referring to machine learning algorithms or deep learning systems. While AI has advanced significantly over the years, the principle behind these technologies remains the same. Someone trains a system to receive certain data and asks it to produce a specified outcome — it’s up to the machine to develop its own algorithm to reach this outcome.

Alas, while we’ve been able to create some very smart systems, they are not foolproof. Yet.

Click to View Full Infographic

Data science competition platform Kaggle wants to prepare AI systems for super-smart cyberattacks, and they’re doing so by pitting AI against AI in a contest dubbed the Competition on Adversarial Attacks and Defenses. The battle is organized by Google Brain and will be part of the Neural Information Processing Systems (NIPS) Foundation’s 2017 competition track later this year.

This AI fight club will feature three adversarial challenges. The first (non-targeted adversarial attack) involves getting algorithms to confuse a machine learning system so it won’t work properly. Another battle (targeted adversarial attack) requires training one AI to force another to classify data incorrectly. The third challenge (defense against adversarial attacks) focuses on beefing up a smart system’s defenses.


“It’s a brilliant idea to catalyze research into both fooling deep neural networks and designing deep neural networks that cannot be fooled,” Jeff Clune, a University of Wyoming assistant professor whose own work involves studying the limits of machine learning systems, told the MIT Technology Review.

Responsible AI Development

AI is actually more pervasive now than most people think, and as computer systems have become more advanced, the use of machine learning algorithms has become more common. The problem is that the same smart technology can be used to undermine these systems.

“Computer security is definitely moving toward machine learning,” Google Brain researcher Ian Goodfellow told the MIT Technology Review. “The bad guys will be using machine learning to automate their attacks, and we will be using machine learning to defend.”

Training AI to fight malicious AI is the best way to prepare for these attacks, but that’s easier said than done. “Adversarial machine learning is more difficult to study than conventional machine learning,” explained Goodfellow. “It’s hard to tell if your attack is strong or if your defense is actually weak.”


The unpredictability of AI is one of the reasons some, including serial entrepreneur Elon Musk, are concerned that the tech may prove malicious in the future. They suggest that AI development be carefully monitored and regulated, but ultimately, it’s the people behind these systems and not the systems themselves that present the true threat.

In an effort to get ahead of the problem, the Institute of Electrical and Electronics Engineers has created guidelines for ethical AI, and groups like the Partnership on AI have also set up standards. Kaggle’s contest could illuminate new AI vulnerabilities that must be accounted for in future regulations, and by continuing to approach AI development cautiously, we can do more to ensure that the tech isn’t used for nefarious means in the future.

Care about supporting clean energy adoption? Find out how much money (and planet!) you could save by switching to solar power at By signing up through this link, may receive a small commission.

Share This Article

Keep up.
Subscribe to our daily newsletter to keep in touch with the subjects shaping our future.
I understand and agree that registration on or use of this site constitutes agreement to its User Agreement and Privacy Policy


Copyright ©, Camden Media Inc All Rights Reserved. See our User Agreement, Privacy Policy and Data Use Policy. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with prior written permission of Futurism. Fonts by Typekit and Monotype.