CanSecWest 2024

Presentations

From March 20 to 22

Marta Janus Robert Yuen Marta Janus Robert Yuen

Malice in Chains: Supply Chain Attacks using Machine Learning Models

This past year marked a rapid acceleration in the adoption of artificial intelligence. As AI-based solutions have started to dominate the market, a new cyber attack vector opened up taking CISOs by surprise: the exploitation of the underlying machine-learning models. These models are often treated as black boxes that process the input data and compute the output, communicating with users through an API/UI while their internals are hidden away. However, it is crucial to understand that these models are essentially code - and as such, can be manipulated in unexpected and potentially malicious ways.

Read More