Reply to post: Researchers discover how to hack an ML model

Creep learning: How to tamper with neural nets to turn them against us

Gordon 10 Silver badge

Researchers discover how to hack an ML model

... by having write access to the files that make it up. Popes and woods come to mind.

I wonder if they would have got the research grant if they phrased it as I did?

So in summary - you need write access to either the memory or disk where the model code is stored. In fact lets call it the "Application". You need write access to the Application space - and possibly the OS space on a good implementation.

Lets take a IRL example - say the iPhoneX

I have full write access to the OS level Application partition where the FaceID ML model is stored. I have reverse engineered the FaceID ML model enough to understand how to tweak it.

Do I

a) Only allow my ugly mug to unlock the phone.

b) Rampage through the whole OS looking for a much higher value target.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2021