AI Warfare

Abstract

Artificial intelligence (AI) is rapidly transforming military strategy, yet the idea of AI warfare remains loosely defined. This paper introduces a structured framework that views AI warfare as a form of strategic competition centred on algorithms, training datasets, AI-as-a-Service (AIaaS), and AI-generated content (AIGC). These technological instruments are used to influence adversaries’ decision-making and cognitive processes, while simultaneously undermining their defensive and command capacities. The analysis begins with the vulnerabilities of layered architecture of AI ecosystem—infrastructure, algorithm-data, foundation models, and applications—each containing vulnerabilities that can cascade through the system. AI systems also carry inherent limitations, such as unclear problem contexts, lack of creativity or emotional understanding, disembodiment, and weak collaboration between models. These traits distinguish AI warfare from conventional cyber operations and highlight why traditional cybersecurity measures often fall short. The proposed framework operates across three interlinked components: technological infrastructure—semiconductors, high‑performance computing, and high‑speed networks—sets the capability and flexibility of AI systems, while an opaque algorithm‑data core becomes a frontline where adversarial manipulations threaten reliability. At the operational level, AI is deployed through AIGC campaigns and AIaaS platforms, with feedback loops among these components driving continuous escalation and adaptation in AI warfare. Five critical focus areas emerge: (1) proprietary algorithms functioning as opaque “black boxes,” examined through a new Wargaming Design (WD) model using iterative red-blue team challenges; (2) vulnerable training datasets, tested for integrity via WD model’s consistency checks; (3) AIaaS platforms demanding security-by-design safeguards like role-based access and auditing; (4) AIGC as both an effective offensive tool and a potential source of self-sabotage; and (5) quantitative audience analysis to assess cognitive and behavioural outcomes. Defensive strategies include blockchain-based distributed architectures for resilience, secure interaction design, AI-native firewalls, interdisciplinary user/audience research drawing on sociology and psychology, and global governance structures akin to non-proliferation treaties. Through this approach, the paper explains why conventional defences fail against AI-specific threats. Future work will experimentally apply the WD model to existing AI systems, measuring its effectiveness in identifying algorithmic weaknesses and improving AI security. Ultimately, policymakers must balance the power of AI with the preservation of strategic stability and human agency.