Vulnerability Scanning - AI Mitigation
AI MitigationVulnerability scanning is used to find potentially exploitable software vulnerabilities to remediate them. File formats such as pickle files that are commonly used to store AI models can contain exploits that allow for arbitrary code execution. These files should be scanned for potentially unsafe calls, which could be used to execute code, create new processes, or establish networking capabilities. Adversaries may...
Overview
A source-backed snapshot of this defense.
Vulnerability scanning is used to find potentially exploitable software vulnerabilities to remediate them.
File formats such as pickle files that are commonly used to store AI models can contain exploits that allow for arbitrary code execution. These files should be scanned for potentially unsafe calls, which could be used to execute code, create new processes, or establish networking capabilities. Adversaries may embed malicious code in model corrupt model files, so scanners should be capable of working with models that cannot be fully de-serialized. Model artifacts, downstream products produced by models, and external software dependencies should be scanned for known vulnerabilities.
Safeguard details
Where this defense applies and how the source classifies it.
- ATLAS ID
- AML.M0016
- ATT&CK external ID
- M1016
- Priority score
- 15
Covered techniques
Attacks this defense is designed to help with.
AML.T0011.001 - Malicious Package
Vulnerability scanning can help identify malicious packages and prevent user execution.
AML.T0011.000 - Unsafe AI Artifacts
Vulnerability scanning can help identify malicious AI artifacts, such as models or data, and prevent user execution.
AML.T0011 - User Execution
Vulnerability scanning can help identify malicious binaries and prevent user execution.
Source evidence
Original public records and references for this page.
Original source
Original source links
Open the public records and source datasets used for this page.
