Models (292ebe33-addc-4fe7-b2a9-4856293c4c96)

Adversaries may acquire public models to use in their operations. Adversaries may seek the models used by the victim organization, or models representative of those the victim organization uses. Representative models may include model architectures, or pre-trained models that define both the architecture and the model parameters learned from training on a dataset. The adversary may search public sources for common model architecture configuration file formats, such as YAML or Python configuration files, and for common model storage file formats, such as ONNX (.onnx), HDF5 (.h5), Pickle (.pkl), PyTorch (.pth), or TensorFlow (.pb, .tflite).

Acquired models are useful in advancing the adversary's operations and are frequently used to tailor attacks to the victim model.

Cluster A                                     | Galaxy A                  | Cluster B                                                         | Galaxy B                  | Level
Models (292ebe33-addc-4fe7-b2a9-4856293c4c96) | MITRE ATLAS Attack Pattern | Acquire Public ML Artifacts (b41c38e9-80ca-421e-85c3-064440e12834) | MITRE ATLAS Attack Pattern | 1