Attribute inference attack

Record summary

A quick snapshot of what this page covers.

Techniques9Attack methods connected to this risk.

Mitigations17Defenses that may help with related attacks.

Domain2. Privacy & SecurityThe broad risk area this belongs to.

Risk profile

How this risk is described and categorized.

Domain2. Privacy & Security

Subdomain2.2 > AI system security vulnerabilities and attacks

Entity1 - Human

Intent1 - Intentional

Timing2 - Post-deployment

CategoryInference risks (Privacy)

SubcategoryAttribute inference attack

Related techniques

Attack methods connected to this risk.

AML.T0044 - Full AI Model Access

demonstrated

Methodtaxonomy_keyword_ruleConfidence60%

AML.T0107 - Exploitation for Defense Evasion

demonstrated

Methodtaxonomy_keyword_ruleConfidence59%

AML.T0043.001 - Black-Box Optimization

demonstrated

Methodtext_similarity_sqliteConfidence55%

AML.T0048.004 - AI Intellectual Property Theft

realized

Methodtaxonomy_keyword_ruleConfidence55%

AML.T0084.001 - Tool Definitions

demonstrated

Methodtaxonomy_keyword_ruleConfidence55%

AML.T0043.004 - Insert Backdoor Trigger

demonstrated

Methodtaxonomy_keyword_ruleConfidence55%

AML.T0011.000 - Unsafe AI Artifacts

realized

Methodtaxonomy_keyword_ruleConfidence55%

AML.T0013 - Discover AI Model Ontology

demonstrated

Methodtext_similarity_sqliteConfidence54%

AML.T0014 - Discover AI Model Family

feasible

Methodtext_similarity_sqliteConfidence53%

Suggested mitigations

Defenses that may help with related attacks.

Control Access to AI Models and Data at Rest

Business and Data UnderstandingData Preparation+2 more

LifecycleBusiness and Data Understanding + 3 moreCategoryPolicy

AI Model Distribution Methods

Deployment

LifecycleDeploymentCategoryPolicy

Passive AI Output Obfuscation

DeploymentML Model Evaluation

LifecycleDeployment + 1 moreCategoryTechnical - ML

Model Hardening

Data PreparationML Model Engineering

LifecycleData Preparation + 1 moreCategoryTechnical - ML

Restrict Number of AI Model Queries

Business and Data UnderstandingDeployment+1 more

LifecycleBusiness and Data Understanding + 2 moreCategoryTechnical - Cyber

Use Ensemble Methods

ML Model Engineering

LifecycleML Model EngineeringCategoryTechnical - ML

Input Restoration

Data PreparationML Model Evaluation+2 more

LifecycleData Preparation + 3 moreCategoryTechnical - ML

Adversarial Input Detection

Data PreparationML Model Engineering+3 more

LifecycleData Preparation + 4 moreCategoryTechnical - ML

Control Access to AI Models and Data in Production

DeploymentMonitoring and Maintenance

LifecycleDeployment + 1 moreCategoryPolicy

Encrypt Sensitive Information

Data PreparationML Model Engineering+1 more

LifecycleData Preparation + 2 moreCategoryTechnical - Cyber

Validate AI Model

ML Model EvaluationMonitoring and Maintenance

LifecycleML Model Evaluation + 1 moreCategoryTechnical - ML

Restrict Library Loading

Deployment

LifecycleDeploymentCategoryTechnical - Cyber

Code Signing

Deployment

LifecycleDeploymentCategoryTechnical - Cyber

Verify AI Artifacts

Business and Data UnderstandingData Preparation+1 more

LifecycleBusiness and Data Understanding + 2 moreCategoryTechnical - Cyber

Vulnerability Scanning

ML Model EngineeringData Preparation

LifecycleML Model Engineering + 1 moreCategoryTechnical - Cyber

User Training

Business and Data UnderstandingData Preparation+4 more

LifecycleBusiness and Data Understanding + 5 moreCategoryPolicy

AI Bill of Materials

Business and Data UnderstandingData Preparation+1 more

LifecycleBusiness and Data Understanding + 2 moreCategoryPolicy

Source

Research source for this risk, when available.

Included resource

AI Risk Atlas

AuthorsIBMYear2025TypeWebsite

URLhttps://www.ibm.com/docs/en/watsonx/saas?topic=ai-risk-atlas

Original source

MIT AI Risk Repository

Open the public repository used for AI risk records and taxonomy fields.

Repositoryhttps://airisk.mit.edu/