APromptRiskDBThreat intelligence atlas
AI Security Technique

Discover AI Model Family - AI Security Technique

Adversaries may discover the general family of model. General information about the model may be revealed in documentation, or the adversary may use carefully constructed examples and analyze the model's responses to categorize it. Knowledge of the model family can help the adversary identify means of attacking the model and help tailor the attack.

View mitigationsRead context
AI Security TechniquefeasibleDiscovery

Record summary

A quick snapshot of what this page covers.

Tactics1Attacker goals connected to this method.
Mitigations3Defenses that may help against this attack.
AI risks0Research-backed risks connected to this topic.

Attack context

How this AI attack works in practice.

ATLAS ID
AML.T0014
Priority score
19
Maturity: feasible
Discovery

Mitigations

Defenses that may help against this attack.

AML.M0002 - Passive AI Output Obfuscation

DeploymentML Model Evaluation
LifecycleDeployment + 1 moreCategoryTechnical - ML

Suggested approaches:

  • Restrict the number of results shown
  • Limit specificity of output class ontology
  • Use randomized smoothing techniques
  • Reduce the precision of numerical outputs

AML.M0004 - Restrict Number of AI Model Queries

Business and Data UnderstandingDeployment+1 more
LifecycleBusiness and Data Understanding + 2 moreCategoryTechnical - Cyber

Limit the amount of information an attacker can learn about a model's ontology through API queries.

AML.M0006 - Use Ensemble Methods

ML Model Engineering
LifecycleML Model EngineeringCategoryTechnical - ML

Use multiple different models to fool adversaries of which type of model is used and how the model used.

Case studies

Examples from public reports and exercises.

No case studies found. No public example is connected to this attack in the current data.

Related risks

Research-backed risks connected to this topic.

No related AI risks. No research risk is connected to this topic in the current data.

Related CVEs

Known software flaws linked to this context.

No related CVEs. No software flaw is connected to this attack in the current data.

Source

Where this page information comes from.