Asia-24-Wood-Confused-Learning

Confused Learning:Supply Chain Attacks through Machine Learning ModelsThreat IntelligenceDropboxHello!Mary WalkerAdrian Wood Red Team DropboxThrelfall@whitehacksecMairebear@mairebearIntroduction01Target Selection02WeaponizingModels03Attacker Observations04AgendaDeployment05Post Exploitation06Threat Research07Defense & Prevention08Introduction01Key ConceptsModified prediction algorithmsA lot can go wrong with modelsBackdoorsHijacksModels containing malware\… and much moreMalicious models won’t execute themselvesHere’s how we do it for bug bounty and red team operationsYou need a victim and processTargetPick a victimEncourageHow will you get them to run it?CoerceWhat’s the bait or trick?VictimologyData ScientistStores and retrieves●datasets●modelsSWE OpsML EngineerFacilitates pulling and serving all the above into pipelinesStores and retrieves●datasets●modelsRetrieves●Applications●Sometimes modelsTarget SelectionPrerequisite: Under