AI Supply Chain Access (03dce20b-b9fa-5d6f-a132-d2ad2bee778f)
- A malicious ML provider could query the model it operates for a customer and recover the customer's training data from the responses. If training is fully or partially outsourced to a malicious third party, that party could hand the customer a trained model that contains a backdoor: it behaves normally on ordinary inputs but produces an attacker-chosen output when a specific trigger is present.
Threat-modeling question: Could third-party AI/ML providers compromise our training data or insert backdoors?
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| AI Supply Chain Access (03dce20b-b9fa-5d6f-a132-d2ad2bee778f) | PLOT4ai | ML Supply Chain Compromise (d2cf31e0-a550-4fe0-8fdb-8941b3ac00d9) | MITRE ATLAS Attack Pattern | 1 |
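The backdoor case above is dangerous precisely because a model that passes a normal clean-accuracy acceptance test can still be compromised. The following is an added illustration, not code from PLOT4ai or MITRE ATLAS: a constructed toy classifier stands in for the model an outsourced trainer delivers, with a trigger (feature 3 set to 0.99, a value that never occurs in the customer's own data) forcing class 1. The acceptance check measures clean accuracy and, separately, the attack success rate under a candidate trigger; the trigger is assumed known here purely to show the gap, since in practice it would have to come from perturbation sweeps or a backdoor-scanning tool. All names, data and thresholds are hypothetical.

```python
"""Constructed example: a backdoored model delivered by an outsourced trainer
passes a clean-accuracy check but fails an attack-success-rate check."""
import random

# Hypothetical trigger: feature index 3 pushed to a value the customer's
# data never contains (clean data keeps x[3] below 0.9).
TRIGGER_INDEX = 3
TRIGGER_VALUE = 0.99


def honest_model(x):
    """Toy two-class rule the customer actually wanted: class 1 iff the
    first three features sum to more than 1.5. Feature 3 is ignored."""
    return 1 if (x[0] + x[1] + x[2]) > 1.5 else 0


def backdoored_model(x):
    """What a malicious trainer hands back: identical on clean inputs,
    but the trigger overrides the decision and forces class 1."""
    if x[TRIGGER_INDEX] >= TRIGGER_VALUE:
        return 1
    return honest_model(x)


def make_clean_dataset(n=500, seed=1):
    """Constructed customer validation set, labelled by the intended rule.
    Feature 3 is drawn from [0, 0.9] so the trigger never appears naturally."""
    rng = random.Random(seed)
    data = []
    for _ in range(n):
        x = [rng.random() for _ in range(4)]
        x[TRIGGER_INDEX] = rng.uniform(0.0, 0.9)
        data.append((x, honest_model(x)))
    return data


def accuracy(model, data):
    """Fraction of validation samples the model labels correctly."""
    return sum(model(x) == y for x, y in data) / len(data)


def stamp(x):
    """Return a copy of x with the candidate trigger applied."""
    y = list(x)
    y[TRIGGER_INDEX] = TRIGGER_VALUE
    return y


def attack_success_rate(model, data, target=1):
    """Among samples whose true label is not the target, the fraction the
    model sends to the target once the trigger is stamped on."""
    candidates = [(x, y) for x, y in data if y != target]
    hits = sum(model(stamp(x)) == target for x, _ in candidates)
    return hits / len(candidates)


def acceptance_check(model, data, min_clean_acc=0.95, max_asr=0.10):
    """Accept only if clean accuracy is high AND the trigger does not move
    a meaningful share of inputs to the target class."""
    clean = accuracy(model, data)
    asr = attack_success_rate(model, data)
    return {
        "clean_accuracy": clean,
        "attack_success_rate": asr,
        "accepted": clean >= min_clean_acc and asr <= max_asr,
    }


if __name__ == "__main__":
    data = make_clean_dataset()
    for name, model in (("honest", honest_model), ("outsourced", backdoored_model)):
        print(name, acceptance_check(model, data))
```

Both models score identical clean accuracy on the customer's validation data, so an acceptance process that only checks accuracy cannot tell them apart; the outsourced model is rejected only because the trigger measurement is part of the check.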