{"data":{"id":"b980cb0a-e77e-4604-91fc-899bc2d914e8","title":"Machine Learning Attack Series: Stealing a model file","summary":"Attackers can steal machine learning model files through direct approaches like compromising systems to find model files (often with .h5 extensions), or through indirect approaches like model stealing where attackers build similar models themselves. One specific attack vector involves SSH agent hijacking (exploiting SSH keys stored in memory on compromised machines), which allows attackers to access production systems containing model files without needing the original passphrases.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://embracethered.com/blog/posts/2020/husky-ai-machine-learning-model-stealing/","publishedAt":"2020-10-10T12:50:21.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["model_theft"],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Husky AI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"model","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}