AVID-2023-V012
Vulnerability from avid – Published: 2023-03-31 – Updated: 2023-03-31 ATLAS Case StudySummary
MITRE's AI Red Team demonstrated a physical-domain evasion attack on a commercial face identification service with the intention of inducing a targeted misclassification.
This operation had a combination of traditional ATT&CK enterprise techniques such as finding Valid account, and Executing code via an API - all interleaved with adversarial ML specific attacks.
Risk domain
Security
SEP view
S0100: Software Vulnerability, S0301: Information Leak, S0403: Adversarial Example
Lifecycle
L06: Deployment
Organisations
Commercial Face Identification Service (deployer)
Affected artifacts
1 artifact
| Artifact | Type |
|---|---|
| Commercial Face Identification Service | System |
References
1 reference
| URL | Label |
|---|---|
| https://atlas.mitre.org/studies/AML.CS0012 | Face Identification System Evasion via Physical Countermeasures |
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…