In which applications are ML models hidden?

15 Apr 2024 By Skyld Labs

Artificial Intelligence (AI) and Machine Learning (ML) have rapidly evolved to become essential components of many applications we use daily. Whether it’s content recommendations, fraud detection, image recognition, or even personalized user experiences, AI models are becoming increasingly ubiquitous. But do you really know where these machine learning models are hidden? Let’s explore some common applications where these models are deployed.

  • Facial recognition and biometric unlocking

    These models, often considered as black boxes, take images as input and produce identification as output. The security of these models is important given the sensitivity of the data involved.

    For example, model inversion attacks can be used to extract training data or representations that allow identifying the individuals on which the model was trained. In this scenario, an attacker could steal the model, then use inversion techniques to retrieve sensitive information, such as training images. These images could then be used for malicious purposes, compromising the security and privacy of users.

    Therefore, it is essential to have robust security measures to protect these AI models to ensure user trust and prevent potential privacy breaches.

  • Voice assistant and natural language processing

    Voice assistants like Siri, Google Assistant, and Alexa use machine learning models to understand and interpret user voice commands. This enables more natural interaction and better understanding of spoken language.

    At the core of voice assistants is speech recognition technology, which uses sophisticated machine learning algorithms such as deep neural networks (DNNs). These models are trained on vast amounts of voice data to accurately transcribe spoken words into text. Voice assistants are susceptible to adversarial attacks, where malicious inputs are designed to deceive AI models and produce incorrect results. Adversarial examples can be generated by disrupting input audio signals or injecting subtle modifications into textual inputs.

  • Photo editing applications

    In the field of photo editing, artificial intelligence (AI) models often utilize Convolutional Neural Networks (CNNs) and advanced image processing techniques for tasks such as defect correction, detail enhancement, or even facial feature modification.

    However, once integrated into applications and deployed on devices, these AI models become vulnerable to various risks, including reverse engineering and malicious exploitation. For example, consider a popular photo editing application that uses an AI model to apply real-time beauty filters. When this model is deployed on a device, it becomes a potential target for attackers. This model could undergo a model extraction attack.

    Imagine a company develops an application offering advanced photo editing features, powered by an artificial intelligence model. This model is the result of significant investments in research and development and constitutes a competitive advantage for the company. If a competitor wishes to gain a similar advantage in the market without investing as many resources in developing a comparable model, they could simply download the competing application on their phone, then extract the AI model embedded in the application.

    Once the model is extracted, the competitor can deploy it. It is therefore important for companies to implement robust security measures to protect their AI models against such extraction attempts.

  • Medical applications

    In the context of a medical application, if an attacker manages to reverse engineer this model, they could compromise the confidentiality of sensitive medical data stored on the user’s device.

    Indeed, by retrieving the AI model itself, the attacker could access not only the model used to detect tumors but also confidential medical data, such as radiographic images, medical diagnoses, and personal patient information. This information can be exploited for malicious purposes such as extortion or medical fraud.

    For example, in the case of the membership inference attack, which is an attack aimed at determining whether a particular data point was used during the training of a machine learning model. This attack aims to identify if certain data is part of a model’s training set, potentially revealing sensitive information about individuals. This could lead to privacy breaches, such as inferring medical conditions like cancer based on data presence or absence in the training set.

About us

At Skyld, we understand the importance of securing these applications. Our proficiency in safeguarding embedded AI models assures the confidentiality of sensitive information, bringing peace of mind to developers and users.

The integration of AI into our daily lives is undeniable, and it is crucial to ensure the security of these applications. We are here to ensure that machine learning models remain at the forefront of innovation while preserving the confidentiality and security of all involved parties. »