DOI: https://doi.org/10.14483/22487638.23438
Published: 01-06-2026
Issue: Vol. 30 No. 88 (2026): April - June
Section: Reflection

Oportunidades del Aprendizaje Automático Adversarial (AML) para fortalecer la ciberseguridad de la IA en el contexto colombiano
Opportunities of Adversarial Machine Learning for Strengthening Cybersecurity of AI in Colombian context

Keywords: Adversarial Machine Learning, Cybersecurity, Cyberattack, cyber defenses, Artificial Intelligence, prompt injection
Abstract
Objective: To review the fundamentals of Adversarial Machine Learning (AML) and evaluate its potential to strengthen the cybersecurity of Artificial Intelligence (AI) systems in Colombia. Methodology: An analytical documentary review was conducted on traditional adversarial attacks and emerging vulnerabilities, focusing on Generative AI (prompt injection). Subsequently, the local regulatory framework (CONPES 4144) was analyzed, and four representative case studies were evaluated in the healthcare, agriculture, public planning, and corporate virtual assistants (chatbots) sectors.
Results: AI systems in Colombia face critical risks ranging from predictive fraud to data exfiltration in Large Language Models (LLMs). To mitigate these threats, it is imperative to transition towards security-by-design architectures and apply AML strategies adapted to the environment. Conclusions: The secure integration of AI in the country requires overcoming significant structural barriers, such as the budget limitations of MSMEs, the shortage of specialized technical talent, and current regulatory fragmentation. Overcoming these challenges will depend on close collaboration among the government, the private sector, and academia to consolidate a resilient digital environment.
License
Copyright 2026 Felipe Santiago Valderrama Ballesteros, Juan Manuel Cortés Jiménez, Jorge Eliecer Camargo Mendoza

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International license.
This license lets others remix, adapt, and build upon your work even for commercial purposes, as long as they credit you and license their new creations under the same terms. This license is often compared to "copyleft" free and open source software licenses. All new works based on yours will carry the same license, so any derivatives will also allow commercial use. This is the license used by Wikipedia, and it is recommended for materials that would benefit from incorporating content from Wikipedia and similarly licensed projects.
