Control summary
What this defense is meant to help prevent.
- ATLAS ID: AML.M0019
- Priority score: 55
Covered techniques
Attacks this defense is designed to help with.
AML.T0040 - AI Model Inference API Access
Adversaries can use unrestricted API access to gain information about a production system, stage attacks, and introduce malicious data to the system.
AML.T0043.001 - Black-Box Optimization
Access controls on model APIs can deny adversaries the access required for black-box optimization methods.
AML.T0034 - Cost Harvesting
Access controls can limit API access and prevent cost harvesting.
AML.T0043 - Craft Adversarial Data
Access controls on model APIs can restrict the access an adversary requires to generate adversarial data.
AML.T0005 - Create Proxy AI Model
Access controls on model APIs can reduce an adversary's ability to produce an accurate proxy model.
AML.T0029 - Denial of AI Service
Access controls on model APIs can prevent an adversary from excessively querying and disabling the system.
AML.T0063 - Discover AI Model Outputs
Controlling access to the model in production can help prevent adversaries from inferring information from the model outputs.
AML.T0024 - Exfiltration via AI Inference API
Adversaries can use unrestricted API access to build a proxy training dataset and reveal private information.
AML.T0051 - LLM Prompt Injection
Use access controls in production to prevent adversaries from injecting malicious prompts.
AML.T0046 - Spamming AI System with Chaff Data
Authentication on production models can help prevent anonymous chaff data spam.
AML.T0042 - Verify Attack
Use access controls in production to prevent an adversary from verifying attack efficacy.