
arXiv: SoK: Attack and Defense Landscape of Mobile On-device AI Systems

AI_SAFETY · AI Security & Safety · arxiv_cscr

AI Analysis

This publication is a systematic academic review, not a regulatory change. It surveys the security and privacy vulnerabilities of on-device AI systems, such as those running on smartphones, wearables, and IoT devices. The paper categorizes attack vectors, including model extraction, data poisoning, and adversarial inputs, alongside existing defense mechanisms. It does not introduce new legal obligations but provides a technical landscape that may inform future regulatory guidance under the EU AI Act and related frameworks.

Organizations deploying on-device AI in consumer electronics, healthcare, automotive, or financial services should take note. Compliance teams in these sectors must consider how the documented threats could affect their AI systems' risk classification, transparency obligations, and conformity assessments under the AI Act. The paper highlights that on-device processing, while privacy-preserving in principle (data need not leave the device), also places the model and its inputs on hardware the attacker may physically control, which introduces attack surfaces that server-side deployments do not have and that may require additional technical safeguards.

Compliance teams should review their AI risk management processes to ensure they account for on-device threats, particularly model integrity and data confidentiality. Engage engineering teams to map the paper’s attack taxonomy against your deployed systems. Update internal documentation and, where relevant, prepare for potential regulatory scrutiny by documenting mitigation measures. Monitor the European Commission’s guidance on AI security for any alignment with these findings.
