Extract ML Model (f78e0ac3-6d72-42ed-b20a-e10d8c752cf6)
Adversaries may extract a functional copy of a private model. By repeatedly querying the victim's ML Model Inference API Access, the adversary can collect the target model's inferences into a dataset. The inferences are used as labels for training a separate model offline that will mimic the behavior and performance of the target model.
Adversaries may extract the model to avoid paying per query in a machine learning as a service setting. Model extraction is used for ML Intellectual Property Theft.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Exfiltration via ML Inference API (b07d147f-51c8-4eb6-9a05-09c86762a9c1) | MITRE ATLAS Attack Pattern | Extract ML Model (f78e0ac3-6d72-42ed-b20a-e10d8c752cf6) | MITRE ATLAS Attack Pattern | 1 |