When an AI system that has been in production for an extended period is attacked, the most effective mitigation is to update the training data with new adversarial examples and retrain the deployed model on them. Retraining on inputs that reproduce the attack teaches the model to recognize and resist attack vectors that were previously unknown or unaccounted for. According to the AI Security Management™ (AAISM) framework, risk mitigation for AI systems must address model robustness through adversarial retraining, data quality improvement, and model lifecycle hardening rather than relying solely on reactive measures.
Why Option B is Correct:
Incorporating adversarial examples into the training set improves the model's ability to classify malicious inputs correctly and to keep doing so when an attacker perturbs them.
This directly mitigates the weakness the attack exploited and supports a proactive, continuous risk management cycle. The gain should be measured against adversarial inputs re-optimised against the retrained model, since examples crafted against the old model are no longer a meaningful test.
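As an added illustration (not part of the AAISM material or of the original explanation), the script below walks through the cycle described above on constructed data: a small logistic-regression classifier is trained on clean data and "deployed", attacked with an L-infinity FGSM perturbation, then retrained on adversarial examples regenerated each epoch against its current weights, and finally re-measured against an attacker who re-optimises for the retrained model. The data layout, the feature names, the function names and every hyperparameter are assumptions chosen for the demonstration; the only dependency is numpy.

```python
import numpy as np

# Constructed data layout (an assumption for this example, not a real system):
# feature 0 carries a strong but noisy "robust" signal; features 1..20 each
# carry a weak, low-noise "non-robust" signal that an L-inf perturbation of
# size EPS can flip. A clean-trained model leans on the non-robust features.
N_NONROBUST = 20
EPS = 0.25


def make_data(n, rng):
    """Return (x, y) with y in {0, 1}; s in {-1, +1} is the signed label."""
    s = rng.choice([-1.0, 1.0], size=n)
    x = np.empty((n, 1 + N_NONROBUST))
    x[:, 0] = s * 1.0 + rng.normal(0.0, 1.0, n)
    x[:, 1:] = s[:, None] * 0.2 + rng.normal(0.0, 0.15, (n, N_NONROBUST))
    return x, (s > 0).astype(float)


def predict_proba(w, b, x):
    return 1.0 / (1.0 + np.exp(-(x @ w + b)))


def accuracy(w, b, x, y):
    return float(np.mean((predict_proba(w, b, x) >= 0.5) == (y == 1)))


def fgsm(w, b, x, y, eps):
    """L-inf FGSM: for logistic loss, d loss/d x = (p - y) * w per sample.
    For a linear model this single step is the exact worst case inside the
    eps-ball, so it also serves as the adaptive attacker against any weights."""
    grad_x = (predict_proba(w, b, x) - y)[:, None] * w[None, :]
    return x + eps * np.sign(grad_x)


def train(x, y, w=None, b=0.0, epochs=500, lr=0.5, eps=None):
    """Full-batch gradient descent on logistic loss, starting from (w, b).
    With eps set, every epoch regenerates adversarial examples against the
    current weights and trains on those (adversarial retraining)."""
    n, d = x.shape
    w = np.zeros(d) if w is None else w.copy()
    for _ in range(epochs):
        xb = x if eps is None else fgsm(w, b, x, y, eps)
        resid = predict_proba(w, b, xb) - y
        w -= lr * (xb.T @ resid) / n
        b -= lr * float(resid.mean())
    return w, b


def nonrobust_weight_ratio(w):
    """How heavily the model leans on features 1..20 relative to feature 0."""
    return float(np.abs(w[1:]).sum() / abs(w[0]))


def run_experiment(seed=7):
    rng = np.random.default_rng(seed)
    x_tr, y_tr = make_data(600, rng)
    x_te, y_te = make_data(1000, rng)

    # 1. Model as deployed: trained on clean data only.
    w0, b0 = train(x_tr, y_tr)
    # 2. Attack observed in production: FGSM inputs against the deployed weights.
    x_atk0 = fgsm(w0, b0, x_te, y_te, EPS)
    # 3. Risk treatment: retrain the deployed model on adversarial data.
    w1, b1 = train(x_tr, y_tr, w=w0, b=b0, epochs=800, eps=EPS)
    # 4. Re-measure against an attacker who re-optimises for the new model;
    #    reusing x_atk0 here would overstate the gain.
    x_atk1 = fgsm(w1, b1, x_te, y_te, EPS)

    return {
        "clean_acc_deployed": accuracy(w0, b0, x_te, y_te),
        "adv_acc_deployed": accuracy(w0, b0, x_atk0, y_te),
        "clean_acc_retrained": accuracy(w1, b1, x_te, y_te),
        "adv_acc_retrained": accuracy(w1, b1, x_atk1, y_te),
        "max_perturbation": float(np.abs(x_atk0 - x_te).max()),
        "nonrobust_ratio_deployed": nonrobust_weight_ratio(w0),
        "nonrobust_ratio_retrained": nonrobust_weight_ratio(w1),
    }


if __name__ == "__main__":
    for name, value in run_experiment().items():
        print(f"{name:26s} {value:.3f}")
```

Running the script shows the trade-off a practitioner should expect and document: the deployed model is near-perfect on clean inputs and collapses under the attack; after adversarial retraining its accuracy under an adaptive attacker rises substantially while clean accuracy drops, and the weight ratio shows why: the retrained model has shifted from the easily flipped features to the robust one. Mixing clean examples back into each epoch moves the operating point along that trade-off.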
Why Other Options Are Incorrect:
Option A: Monitoring helps detect suspicious activity and measure the attack's extent, but it does not resolve the underlying weakness in the model.
Option C: Concealing confidence scores removes information from attackers (and from legitimate users) but does not change the model's decision boundary, so the inputs that caused the misclassification still succeed.
Option D: Access controls protect the model's architecture and artifacts from unauthorized access, but the attack arrives through legitimate inference requests, so they do not improve robustness against input manipulation.
Exact Extract from Official AAISM Study Guide:
“AI risk management requires continuous improvement following incidents. After an adversarial or data poisoning event, the preferred risk treatment involves retraining the model using adversarial data and updated datasets to enhance robustness. This ensures the AI model adapts to evolving threat landscapes rather than merely restricting access or obscuring outputs.”
References:
AI Security Management™ (AAISM) Body of Knowledge: AI Risk Treatment and Mitigation Strategies; Adversarial Robustness and Resilience Engineering.
AI Security Management™ Study Guide: Model Lifecycle Security; Continuous Risk Treatment through Adversarial Retraining.
ISO/IEC 23894:2023, Clause 8.3.2: Risk treatment through robustness improvement and adversarial data inclusion.