SlideShare a Scribd company logo

Open Source models security- Supply chain

N
Natan Katz

The document discusses the evolution of supply chain security in relation to open source AI models, particularly highlighting the shift from in-house trained models to more flexible and accessible open-source alternatives like those provided by Hugging Face. It outlines both the benefits, such as cost-effectiveness and customization, and the risks, including data security vulnerabilities and a lack of attention from data scientists on security matters. The growing concerns of Chief Information Security Officers (CISOs) regarding these security challenges in open-source models are also emphasized.

Data & Analytics
1 of 32
Download to read offline
1
2
Most read
3
4
5
Most read
6
7
8
Most read
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
1 Supply Chain Security For Open Source Models
• M.sc in applied math • A year in Goethe universitat FFM • AI researcher in various domains • More than 10 patents AI & Cyber • Academic papers on AI & AI ethic • Official author at TDS • Representing Israel in QC stand. • A little of YouTube presence • Co-founder of LuminAI Security! natan.katz@gmail.com natan.katz@luminaisec.com https://www.linkedin.com/in/natan-katz-2936425/ J J
Models History 3
Before Hugging Face Until 20172018 models were nearly always a in-house product. • The organization aggregated data • Upon LOBʼs request data scientists trained models • Deployment- R&D with LOBʼs oversight Costs: • Data storage • DevOps • Cloud resources • Data scientists spent their time on “dark laborˮ Results depend on the amount of data and the quality of the work
Open Source Models • Attention is all you need 2017 • Model zoo began to appear Hugging Face What does the organization gain? • Data scientists need significantly less data • Flexible : Extremely easy to modify their task
AI Security Before ChatGPT The focus is mainly on the model files: • Pickle files are wrapped by operational code • This code can be vulnerable
SAAS  Chat GPT November 2022 • OpenAI releases ChatGPT • Some other players appear Anthropic)
New Security Challenges • Chat GPT is used by all the organization • CISOs begin to ask questions • A new set of security challenges was born OWASP LLM 2023 InputOutput handling Data Leakage Prevention
Which One is Better? 9
Open Source models security- Supply chain
Open Source Models - Benefits • Privacy - You don't share your data • R&D Efforts - It is extremely easy to customize • BI Flexibility - Easy to modify the model upon the organization needs • Cost - Only the cloud
Cyber Security In Open Source Models
Open Source models security- Supply chain
Everyone can upload and even fake his affiliation Data scientists hardly ever care about security Security?! - “They lost to Bayern last week didn't they? I prefer basketballˮ
Open Source Models - Risks • Free upload- Everyone can upload and even fake his affiliation Meta • Web Security tests - Hardly exists • Hackersʼ motivationDevelopers rely on open-source. Attackers use that. • Data scientists don't care too much about security
What do CISOs think? • CISOs rarely talk to ds “I don't know about open source model. I guess there are noˮ • CISOs can take the hard decision: “Open-source models are risky we don't useˮ No AI. • CISOs focus mainly on the data itself and not on the models “We have rule based solutions for PI & PII“
Securing AI Development. Protecting AI-Powered Applications. OWASP ML
Poisoned Models
Open Source models security- Supply chain
Open Source models security- Supply chain
Intrinsic Vulnerabilities
Open Source models security- Supply chain
Open Source models security- Supply chain
Open Source models security- Supply chain
Open Source models security- Supply chain
Open Source models security- Supply chain
Open Source models security- Supply chain
Open Source models security- Supply chain
Open Source models security- Supply chain
Open Source models security- Supply chain
Open Source models security- Supply chain
Open Source models security- Supply chain

More Related Content

PPTX
AI Open-Source Models- Benefits vs. Risks.
Natan Katz
 
PPTX
Decentralized AI for the Rest of Us
Jesus Rodriguez
 
PDF
Beyond the Scan: The Value Proposition of Vulnerability Assessment
Damon Small
 
PDF
A Mashup with Backbone
C/D/H Technology Consultants
 
PPTX
The Journey to DevSecOps
Shannon Lietz
 
PPTX
The Journey to DevSecOps
SeniorStoryteller
 
PDF
Defcon 23 - damon small - beyond the scan
Felipe Prado
 
PDF
[Webinar] Building a Product Security Incident Response Team: Learnings from ...
bugcrowd
 
AI Open-Source Models- Benefits vs. Risks.
Natan Katz
 
Decentralized AI for the Rest of Us
Jesus Rodriguez
 
Beyond the Scan: The Value Proposition of Vulnerability Assessment
Damon Small
 
A Mashup with Backbone
C/D/H Technology Consultants
 
The Journey to DevSecOps
Shannon Lietz
 
The Journey to DevSecOps
SeniorStoryteller
 
Defcon 23 - damon small - beyond the scan
Felipe Prado
 
[Webinar] Building a Product Security Incident Response Team: Learnings from ...
bugcrowd
 

Similar to Open Source models security- Supply chain (20)

PPTX
Threat Modeling In 2021
Adam Shostack
 
PPTX
Data In Action: Business Value of Data
Matt Turner
 
PPTX
Research, the Cloud, and the IRB
Michael Zimmer
 
PPTX
Managing AI Products
Prasad Velamuri
 
PDF
Lean Security
Ben Johnson
 
PPTX
Technology in Teaching, Research & Admin’: Some Quick Wins & Data Protection
Simon Bignell
 
PPTX
Protect your Database with Data Masking & Enforced Version Control
DBmaestro - Database DevOps
 
PDF
Learning Silicon Valley Culture
Taro L. Saito
 
PPTX
CIO 360 grados: empoderamiento total
Corporacion Colombia Digital
 
PDF
Keith prabhu global high on cloud summit
administrator_confidis
 
PDF
BSides Vienna 2015
Daniel Liber
 
PDF
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Aaron Hnatiw
 
PPTX
2014 - KSU - So You Want to Be in Cyber Security?
Phil Agcaoili
 
PDF
Outpost24 webinar: Turning DevOps and security into DevSecOps
Outpost24
 
PDF
IT security for all. Bootcamp slides
Wallarm
 
PDF
ICP for Data- Enterprise platform for AI, ML and Data Science
Karan Sachdeva
 
PPTX
Patterns for Successful Data Science Projects (Spark AI Summit)
Bill Chambers
 
PDF
Ciso executive forum 2013
Bill Burns
 
PDF
Secured Development
Burhan Khalid
 
PDF
Mr. Burhan Khalid - secure dev.
nooralmousa
 
Threat Modeling In 2021
Adam Shostack
 
Data In Action: Business Value of Data
Matt Turner
 
Research, the Cloud, and the IRB
Michael Zimmer
 
Managing AI Products
Prasad Velamuri
 
Lean Security
Ben Johnson
 
Technology in Teaching, Research & Admin’: Some Quick Wins & Data Protection
Simon Bignell
 
Protect your Database with Data Masking & Enforced Version Control
DBmaestro - Database DevOps
 
Learning Silicon Valley Culture
Taro L. Saito
 
CIO 360 grados: empoderamiento total
Corporacion Colombia Digital
 
Keith prabhu global high on cloud summit
administrator_confidis
 
BSides Vienna 2015
Daniel Liber
 
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Aaron Hnatiw
 
2014 - KSU - So You Want to Be in Cyber Security?
Phil Agcaoili
 
Outpost24 webinar: Turning DevOps and security into DevSecOps
Outpost24
 
IT security for all. Bootcamp slides
Wallarm
 
ICP for Data- Enterprise platform for AI, ML and Data Science
Karan Sachdeva
 
Patterns for Successful Data Science Projects (Spark AI Summit)
Bill Chambers
 
Ciso executive forum 2013
Bill Burns
 
Secured Development
Burhan Khalid
 
Mr. Burhan Khalid - secure dev.
nooralmousa
 
Ad

More from Natan Katz (19)

PDF
AI HIT taught in HIT always believe thanks
Natan Katz
 
PPTX
final_v.pptx
Natan Katz
 
PPTX
AI for PM.pptx
Natan Katz
 
PPTX
SGLD Berlin ML GROUP
Natan Katz
 
PPTX
Ancestry, Anecdotes & Avanan -DL for Amateurs
Natan Katz
 
PDF
Cyn meetup
Natan Katz
 
PDF
Finalver
Natan Katz
 
PDF
Foundation of KL Divergence
Natan Katz
 
PDF
Quant2a
Natan Katz
 
PPTX
Bismark
Natan Katz
 
PPTX
Bayesian Neural Networks
Natan Katz
 
PDF
Deep VI with_beta_likelihood
Natan Katz
 
PPTX
NICE Research -Variational inference project
Natan Katz
 
PPTX
NICE Implementations of Variational Inference
Natan Katz
 
PPTX
Ucb
Natan Katz
 
PDF
Reinfrocement Learning
Natan Katz
 
PPTX
Neural ODE
Natan Katz
 
PDF
Variational inference
Natan Katz
 
PPTX
GAN for Bayesian Inference objectives
Natan Katz
 
AI HIT taught in HIT always believe thanks
Natan Katz
 
final_v.pptx
Natan Katz
 
AI for PM.pptx
Natan Katz
 
SGLD Berlin ML GROUP
Natan Katz
 
Ancestry, Anecdotes & Avanan -DL for Amateurs
Natan Katz
 
Cyn meetup
Natan Katz
 
Finalver
Natan Katz
 
Foundation of KL Divergence
Natan Katz
 
Quant2a
Natan Katz
 
Bismark
Natan Katz
 
Bayesian Neural Networks
Natan Katz
 
Deep VI with_beta_likelihood
Natan Katz
 
NICE Research -Variational inference project
Natan Katz
 
NICE Implementations of Variational Inference
Natan Katz
 
Ucb
Natan Katz
 
Reinfrocement Learning
Natan Katz
 
Neural ODE
Natan Katz
 
Variational inference
Natan Katz
 
GAN for Bayesian Inference objectives
Natan Katz
 
Ad

Recently uploaded (20)

PDF
168300704-gasification-ppt.pdfhghhhsjsjhsuxush
sriram270905
 
PPTX
MODULE 8 - DISASTER risk PREPAREDNESS.pptx
AceAquino4
 
PPTX
Introduction to Basics of Ethical Hacking and Penetration Testing -Unit No. 1...
AshutoshDeshmukh33
 
PPTX
Microsoft-Fabric-Unifying-Analytics-for-the-Modern-Enterprise Solution.pptx
Mahesh Reddy
 
PDF
BF and FI - Blockchain, fintech and Financial Innovation Lesson 2.pdf
JamesWilliams752225
 
PPTX
Data_Analytics_and_PowerBI_Presentation.pptx
ZubyrAhmed
 
PPT
ISS -ESG Data flows What is ESG and HowHow
lucandthemachine
 
PPTX
Qualitative Qantitative and Mixed Methods.pptx
AhmaduMohammed
 
PPTX
IB Computer Science - Internal Assessment.pptx
agarwal18harsh08
 
PDF
Lecture1 pattern recognition............
ZafriFarid
 
PPTX
Database Infoormation System (DBIS).pptx
TefferiMekonnen2
 
PPTX
The THESIS FINAL-DEFENSE-PRESENTATION.pptx
hshakobe3
 
PPTX
1_Introduction to advance data techniques.pptx
AshutoshDeshmukh33
 
PPTX
Introduction-to-Cloud-ComputingFinal.pptx
testnet29393883
 
PDF
Business Analytics and business intelligence.pdf
khalidisah4750
 
PDF
"Python Programming for Geospatial Data Science." ...
institute of Geoinformatics and Earth Observation at PMAS ARID Agriculture University of Rawalpindi
 
PDF
Recruitment and Placement PPT.pdfbjfibjdfbjfobj
Alka392097
 
PPTX
Introduction to machine learning and Linear Models
ShivanshMehta17
 
PPTX
Computer network topology notes for revision
BatoolRawat
 
PPTX
Acceptance and paychological effects of mandatory extra coach I classes.pptx
ZaheerAhmad228692
 
168300704-gasification-ppt.pdfhghhhsjsjhsuxush
sriram270905
 
MODULE 8 - DISASTER risk PREPAREDNESS.pptx
AceAquino4
 
Introduction to Basics of Ethical Hacking and Penetration Testing -Unit No. 1...
AshutoshDeshmukh33
 
Microsoft-Fabric-Unifying-Analytics-for-the-Modern-Enterprise Solution.pptx
Mahesh Reddy
 
BF and FI - Blockchain, fintech and Financial Innovation Lesson 2.pdf
JamesWilliams752225
 
Data_Analytics_and_PowerBI_Presentation.pptx
ZubyrAhmed
 
ISS -ESG Data flows What is ESG and HowHow
lucandthemachine
 
Qualitative Qantitative and Mixed Methods.pptx
AhmaduMohammed
 
IB Computer Science - Internal Assessment.pptx
agarwal18harsh08
 
Lecture1 pattern recognition............
ZafriFarid
 
Database Infoormation System (DBIS).pptx
TefferiMekonnen2
 
The THESIS FINAL-DEFENSE-PRESENTATION.pptx
hshakobe3
 
1_Introduction to advance data techniques.pptx
AshutoshDeshmukh33
 
Introduction-to-Cloud-ComputingFinal.pptx
testnet29393883
 
Business Analytics and business intelligence.pdf
khalidisah4750
 
"Python Programming for Geospatial Data Science." ...
institute of Geoinformatics and Earth Observation at PMAS ARID Agriculture University of Rawalpindi
 
Recruitment and Placement PPT.pdfbjfibjdfbjfobj
Alka392097
 
Introduction to machine learning and Linear Models
ShivanshMehta17
 
Computer network topology notes for revision
BatoolRawat
 
Acceptance and paychological effects of mandatory extra coach I classes.pptx
ZaheerAhmad228692
 

Open Source models security- Supply chain

  • 2. • M.sc in applied math • A year in Goethe universitat FFM • AI researcher in various domains • More than 10 patents AI & Cyber • Academic papers on AI & AI ethic • Official author at TDS • Representing Israel in QC stand. • A little of YouTube presence • Co-founder of LuminAI Security! natan.katz@gmail.com natan.katz@luminaisec.com https://www.linkedin.com/in/natan-katz-2936425/ J J
  • 4. Before Hugging Face Until 20172018 models were nearly always a in-house product. • The organization aggregated data • Upon LOBʼs request data scientists trained models • Deployment- R&D with LOBʼs oversight Costs: • Data storage • DevOps • Cloud resources • Data scientists spent their time on “dark laborˮ Results depend on the amount of data and the quality of the work
  • 5. Open Source Models • Attention is all you need 2017 • Model zoo began to appear Hugging Face What does the organization gain? • Data scientists need significantly less data • Flexible : Extremely easy to modify their task
  • 6. AI Security Before ChatGPT The focus is mainly on the model files: • Pickle files are wrapped by operational code • This code can be vulnerable
  • 7. SAAS  Chat GPT November 2022 • OpenAI releases ChatGPT • Some other players appear Anthropic)
  • 8. New Security Challenges • Chat GPT is used by all the organization • CISOs begin to ask questions • A new set of security challenges was born OWASP LLM 2023 InputOutput handling Data Leakage Prevention
  • 11. Open Source Models - Benefits • Privacy - You don't share your data • R&D Efforts - It is extremely easy to customize • BI Flexibility - Easy to modify the model upon the organization needs • Cost - Only the cloud
  • 14. Everyone can upload and even fake his affiliation Data scientists hardly ever care about security Security?! - “They lost to Bayern last week didn't they? I prefer basketballˮ
  • 15. Open Source Models - Risks • Free upload- Everyone can upload and even fake his affiliation Meta • Web Security tests - Hardly exists • Hackersʼ motivationDevelopers rely on open-source. Attackers use that. • Data scientists don't care too much about security
  • 16. What do CISOs think? • CISOs rarely talk to ds “I don't know about open source model. I guess there are noˮ • CISOs can take the hard decision: “Open-source models are risky we don't useˮ No AI. • CISOs focus mainly on the data itself and not on the models “We have rule based solutions for PI & PII“
  • 17. Securing AI Development. Protecting AI-Powered Applications. OWASP ML