Limit Public Release of Information - AI Mitigation
AI MitigationLimit the public release of technical information about the AI stack used in an organization's products or services. Technical knowledge of how AI is used can be leveraged by adversaries to perform targeting and tailor attacks to the target system. Additionally, consider limiting the release of organizational information - including physical locations, researcher names, and department structures - from which techn...
Overview
A source-backed snapshot of this defense.
Limit the public release of technical information about the AI stack used in an organization's products or services. Technical knowledge of how AI is used can be leveraged by adversaries to perform targeting and tailor attacks to the target system. Additionally, consider limiting the release of organizational information - including physical locations, researcher names, and department structures - from which technical details such as AI techniques, model architectures, or datasets may be inferred.
Safeguard details
Where this defense applies and how the source classifies it.
- ATLAS ID
- AML.M0000
- Priority score
- 35
Covered techniques
Attacks this defense is designed to help with.
AML.T0002 - Acquire Public AI Artifacts
Limit the release of sensitive information in the metadata of deployed systems and publicly available applications.
AML.T0005 - Create Proxy AI Model
Limiting release of technical information about a model and training data can reduce an adversary's ability to create an accurate proxy model.
AML.T0004 - Search Application Repositories
Limit the release of sensitive information in the metadata of deployed systems and publicly available applications.
AML.T0000 - Search Open Technical Databases
Limit the connection between publicly disclosed approaches and the data, models, and algorithms used in production.
Showing 4 of 7
Source evidence
Original public records and references for this page.
Original source
Original source links
Open the public records and source datasets used for this page.
