Security News

New Attack Technique 'Sleepy Pickle' Targets Machine Learning Models
2024-06-13 14:08

The security risks posed by the Pickle format have once again come to the fore with the discovery of a new "hybrid machine learning (ML) model exploitation technique" dubbed Sleepy Pickle. The...

Applying DevSecOps principles to machine learning workloads
2024-04-25 04:30

As artificial intelligence advances and machine learning moves to the center of an organization, there's an emerging challenge: how to incorporate ML security into the broad development cycle. That's where machine learning security operations enters the picture.

Modernizing fraud prevention with machine learning
2023-09-15 05:30

Nearly 70% of businesses said that fraud losses have increased in recent years and most businesses reported that they plan to increase their fraud management budgets by at least 8% to as much as 19%. Despite their plans to increase their fraud prevention budgets, data shows that businesses may not be completely aligned with consumer expectations. Enable real-time fraud detection: Machine learning can help businesses detect and prevent fraud threats in real time, helping to identify both known and unknown threats to stay ahead of fraudsters.

Uncovering a privacy-preserving approach to machine learning
2023-08-28 05:00

Machine learning models are algorithms that process data to generate meaningful insights and inform critical business decisions. When these data sources contain sensitive or proprietary information, using them for machine learning model training or evaluation/inference raises significant privacy and security concerns.

Using Machine Learning to Detect Keystrokes
2023-08-09 11:08

Researchers have trained an ML model to detect keystrokes by sound with 95% accuracy. Abstract: With recent developments in deep learning, the ubiquity of microphones and the rise in online services via personal devices, acoustic side channel attacks present a greater threat to keyboards than ever.

Unveiling the Unseen: Identifying Data Exfiltration with Machine Learning
2023-06-22 11:10

Data exfiltration often serves as the final act of a cyberattack, making it the last window of opportunity to detect the breach before the data is made public or is used for other sinister activities, such as espionage. While prevention of data exfiltration through security controls is ideal, the escalating complexity and dispersion of infrastructures, accompanied by the integration of legacy devices, make prevention a strenuous task.

Malware and machine learning: A match made in hell
2023-04-03 09:11

Automated malware campaigns will drastically change the reaction speed of malware gangs. The technology to run malware campaigns and automatically bypass new defenses is most definitely doable nowadays, but thus far, we haven't seen anything of the kind.

Putting Undetectable Backdoors in Machine Learning Models
2023-02-24 12:34

Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier.

Attacking Machine Learning Systems
2023-02-06 11:02

There is a lesson in that similarity: the complex mathematical attacks make for good academic papers, but we mustn't lose sight of the fact that insecure software will be the likely attack vector for most ML systems. At their core, modern ML systems have complex mathematical models that use training data to become competent at a task.

Machine-Learning Python package compromised in supply chain attack
2023-01-04 17:00

On Dec. 31, 2022, the PyTorch machine learning framework announced on its website that one of its packages had been compromised via the PyPI repository. According to the PyTorch team, a malicious torchtriton dependency package was uploaded to the PyPI code repository on Friday, Dec. 30, 2022, at around 4:40 p.m. The malicious package had the same package name as the one shipped on the PyTorch nightly package index.