Machine Learning Attack Series: Repudiation Threat and Auditing
Summary
Repudiation is a security threat where someone denies performing an action, such as replacing an AI model file with a malicious version. The source explains how to use auditd (a Linux auditing tool) and centralized monitoring systems like Splunk or Elastic Stack to create audit logs that track who accessed or modified files and when, helping prove or investigate whether specific accounts made changes.
Solution / Mitigation
To mitigate repudiation threats, the source recommends: (1) installing and configuring auditd on Linux using 'sudo apt install auditd', (2) adding file monitoring rules with auditctl (example: 'sudo auditctl -w /path/to/file -p rwa -k keyword' to audit read, write, and append operations), and (3) pushing audit logs to centralized monitoring systems such as Splunk, Elastic Stack, or Azure Sentinel for analysis and visualization.
Classification
Affected Vendors
Related Issues
Original source: https://embracethered.com/blog/posts/2020/husky-ai-repudiation-threat-deny-action-machine-learning/
First tracked: February 12, 2026 at 02:20 PM
Classified by LLM (prompt v3) · confidence: 75%