Litcius/Paper detail

STRIDE-AI: An Approach to Identifying Vulnerabilities of Machine Learning Assets

Lara Mauri, Ernesto Damiani

202116 citationsDOIOpen Access PDF

Abstract

We propose a security methodology for Machine Learning (ML) pipelines, supporting the definition of key security properties of ML assets, the identification of threats to them as well as the selection, test and verification of security controls. Our proposal is based on STRIDE, a widely used approach to threat modeling originally developed by Microsoft. We adapt STRIDE to the Artificial Intelligence domain by taking a security property-driven approach that also provides guidance in selecting the security controls needed to alleviate the identified threats. Our proposal is illustrated via an industrial case study.

Topics & Concepts

STRIDEComputer scienceComputer securityDomain (mathematical analysis)Identification (biology)Key (lock)Machine learningSelection (genetic algorithm)Artificial intelligenceSecurity domainMathematicsBotanyBiologyMathematical analysisAdversarial Robustness in Machine LearningAdvanced Malware Detection TechniquesPrivacy-Preserving Technologies in Data
STRIDE-AI: An Approach to Identifying Vulnerabilities of Machine Learning Assets | Litcius