AI Model Extraction Attacks: Bypassing Single-Client Assumptions in Defenses
Ensuring the protection of Artificial Intelligence (AI) models deployed in military Command and Control (C2) systems and critical infrastructure is essential for maintaining information superiority. Model Extraction Attacks (MEAs) pose a significant threat, as they enable adversaries to replicate...
Anthropic Claims Chinese AI Firms ‘Distilled’ Claude to Train Their Models
Anthropic claims Chinese AI firms distilled Claude to train rival AI models, raising concerns about model extraction, security risks, and AI distillation abuse...
Breaking SafetyCore: Exploring the Risks of On-Device AI Deployment
Due to hardware and software improvements, an increasing number of AI models are deployed on-device. This shift enhances privacy and reduces latency, but also introduces security risks distinct from traditional software. In this article, we examine these risks through the real-world case study of...
Measuring the Vulnerability Disclosure Policies of AI Vendors
As AI is increasingly integrated into products and critical systems, researchers are paying greater attention to identifying related vulnerabilities. Effective remediation depends on whether vendors are willing to accept and respond to AI vulnerability reports. In this paper, we examine the...
LLM4MEA: Data-Free Model Extraction Attacks on Sequential Recommenders Via Large Language Models
Recent studies have demonstrated the vulnerability of sequential recommender systems to Model Extraction Attacks (MEAs). MEAs collect responses from recommender systems to replicate their functionality, enabling unauthorized deployments and posing critical privacy and security risks. Black-box...
Entangled Threats: a Unified Kill Chain Model for Quantum Machine Learning Security
Quantum Machine Learning (QML) systems inherit vulnerabilities from classical machine learning while introducing new attack surfaces rooted in the physical and algorithmic layers of quantum computing. Despite a growing body of research on individual attack vectors - ranging from adversarial poisoni...
BarkBeetle: Stealing Decision Tree Models with Fault Injection
Machine learning models, particularly decision trees (DTs), are widely adopted across various domains due to their interpretability and efficiency. However, as ML models become increasingly integrated into privacy-sensitive applications, concerns about their confidentiality have grown, particularly...
CEGA: a Cost-Effective Approach for Graph-Based Model Extraction and Acquisition
Graph Neural Networks (GNNs) have demonstrated remarkable utility across diverse applications, and their growing complexity has made Machine Learning as a Service (MLaaS) a viable platform for scalable deployment. However, this accessibility also exposes GNNs to serious security threats, most notably...
GradEscape: a Gradient-Based Evader against AI-Generated Text Detectors
In this paper, we introduce GradEscape, the first gradient-based evader designed to attack AI-generated text (AIGT) detectors. GradEscape overcomes the undifferentiable computation problem, caused by the discrete nature of text, by introducing a novel approach to construct weighted embeddings for t...
MISLEADER: Defending against Model Extraction with Ensembles of Distilled Models
Model extraction attacks aim to replicate the functionality of a black-box model through query access, threatening the intellectual property (IP) of machine-learning-as-a-service (MLaaS) providers. Defending against such attacks is challenging, as it must balance efficiency, robustness, and utility...
RADEP: a Resilient Adaptive Defense Framework against Model Extraction Attacks
Machine Learning as a Service (MLaaS) enables users to leverage powerful machine learning models through cloud-based APIs, offering scalability and ease of deployment. However, these services are vulnerable to model extraction attacks, where adversaries repeatedly query the application programming...
Evaluating Query Efficiency and Accuracy of Transfer Learning-Based Model Extraction Attack in Federated Learning
Federated Learning (FL) is a collaborative learning framework designed to protect client data, yet it remains highly vulnerable to Intellectual Property (IP) threats. Model extraction (ME) attacks pose a significant risk to Machine Learning as a Service (MLaaS) platforms, enabling attackers to replicate...
On the Interplay of Explainability, Privacy and Predictive Performance with Explanation-Assisted Model Extraction
Machine Learning as a Service (MLaaS) has gained considerable traction as a means for deploying powerful predictive models, offering ease of use that enables organizations to leverage advanced analytics without substantial investments in specialized infrastructure or expertise. However, MLaaS...
Deep Java Library path traversal issue
Summary: Deep Java Library (DJL) is an open-source, high-level, engine-agnostic Java framework for deep learning. DJL is designed to be easy to get started with and simple to use for Java developers. DJL provides a native Java development experience and functions like any other regular Java library...
Model Extraction from Neural Networks
A new paper, "Polynomial Time Cryptanalytic Extraction of Neural Network Models," by Adi Shamir and others, uses ideas from differential cryptanalysis to extract the weights inside a neural network using specific queries and their results. This is much more theoretical than practical, but it's a...
Model Extraction Attack on Neural Networks
Adi Shamir et al. have a new model extraction attack on neural networks: Polynomial Time Cryptanalytic Extraction of Neural Network Models. Abstract: Billions of dollars and countless GPU hours are currently spent on training Deep Neural Networks (DNNs) for a variety of tasks. Thus, it is essential ...
Brother Printer Detection (PJL)
Printer Job Language (PJL) based detection of Brother printer devices. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Riverbed SteelHead Detection (SSH)
Detection of Riverbed SteelHead. The script tries to log in to Riverbed SteelHead and execute SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...