We propose a security methodology for Machine Learning (ML) pipelines, supporting the definition of key security properties of ML assets, the identification of threats to them as well as the selection, test and verification of security controls. Our proposal is based on STRIDE, a widely used approach to threat modeling originally developed by Microsoft. We adapt STRIDE to the Artificial Intelligence domain by taking a security property-driven approach that also provides guidance in selecting the security controls needed to alleviate the identified threats. Our proposal is illustrated via an industrial case study.

STRIDE-AI: An Approach to Identifying Vulnerabilities of Machine Learning Assets / L. Mauri, E. Damiani - In: 2021 IEEE International Conference on Cyber Security and Resilience (CSR)[s.l] : IEEE, 2021. - ISBN 978-1-6654-0285-9. - pp. 147-154 (( convegno IEEE International Conference on Cyber Security and Resilience tenutosi a Rhodes nel 2021 [10.1109/CSR51186.2021.9527917].

STRIDE-AI: An Approach to Identifying Vulnerabilities of Machine Learning Assets

Mauri, Lara;Damiani, Ernesto
2021

Abstract

We propose a security methodology for Machine Learning (ML) pipelines, supporting the definition of key security properties of ML assets, the identification of threats to them as well as the selection, test and verification of security controls. Our proposal is based on STRIDE, a widely used approach to threat modeling originally developed by Microsoft. We adapt STRIDE to the Artificial Intelligence domain by taking a security property-driven approach that also provides guidance in selecting the security controls needed to alleviate the identified threats. Our proposal is illustrated via an industrial case study.
Artificial Intelligence security; Threat modeling; Vulnerability assessment
Settore INF/01 - Informatica
Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni
H20_RIA18EDAMI_01 - THREAT-ARREST Cyber Security Threats and Threat Actors Training - Assurance Driven Multi-Layer, end-to-end Simulation and Training (THREAT-ARREST) - FRATI, FULVIO - H20_RIA - Horizon 2020_Research & Innovation Action/Innovation Action - 2018
Book Part (author)
File in questo prodotto:
File Dimensione Formato  
STRIDE_AI__An_Approach_to_Identifying_Vulnerabilities_of_Machine_Learning_Assets.pdf

accesso aperto

Descrizione: Articolo principale
970.67 kB Adobe PDF Visualizza/Apri
STRIDE-AI_An_Approach_to_Identifying_Vulnerabilities_of_Machine_Learning_Assets.pdf

non disponibili

3.64 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/2434/866875
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? 0
social impact