
Model Stealing (0f0da0cf-9922-55ee-9d1d-8cee4528fb8b)

In model stealing, an attacker recreates the underlying model by legitimately querying it; the resulting copy has the same functionality as the original. Example: in the BigML case, researchers recovered the model used to predict whether someone is a good or bad credit risk using 1,150 queries and within 10 minutes.

Threat-modeling question: Are we protected from model stealing attacks?

Cluster A | Galaxy A | Cluster B | Galaxy B | Level
Model Stealing (0f0da0cf-9922-55ee-9d1d-8cee4528fb8b) | PLOT4ai | Extract ML Model (f78e0ac3-6d72-42ed-b20a-e10d8c752cf6) | MITRE ATLAS Attack Pattern | 1
Exfiltration via ML Inference API (b07d147f-51c8-4eb6-9a05-09c86762a9c1) | MITRE ATLAS Attack Pattern | Extract ML Model (f78e0ac3-6d72-42ed-b20a-e10d8c752cf6) | MITRE ATLAS Attack Pattern | 2