Manipulate AI Model - AI Security Technique
AI Security TechniqueAdversaries may directly manipulate an AI model to change its behavior or introduce malicious code. Manipulating a model gives the adversary a persistent change in the system. This can include poisoning the model by changing its weights, modifying the model architecture to change its behavior, and embedding malware which may be executed when the model is loaded.
Overview
A source-backed snapshot of this AI security technique.
Technique details
Identifiers, maturity, and source taxonomy for this technique.
- ATLAS ID
- AML.T0018
- Maturity
- realized
- Priority score
- 104
Attack flow
How to read the public records connected to this technique.
Impact
Why this technique may deserve attention in the current dataset.
- Evidence levelrealized
- Mapped defenses3 ATLAS mitigation records
- Public examples0 linked case study records
- Research risks13 related MIT AI Risk records above the confidence threshold
- Vulnerabilities0 linked CVE records
Mitigations
Defenses that may help against this attack.
AML.M0013 - Code Signing
Code signing provides a guarantee that the model has not been manipulated after signing took place.
AML.M0005 - Control Access to AI Models and Data at Rest
Access controls can prevent tampering with AI artifacts and prevent unauthorized modification.
AML.M0008 - Validate AI Model
Validating an AI model against a wide range of adversarial inputs can help increase confidence that the model has not been manipulated.
Case studies
Examples from public reports and exercises.
Source evidence
Original public records and references for this page.
Original source
Original source links
Open the public records and source datasets used for this page.
