SubTechniqueai-attack-stagingATLAS

AML.T0043.002Black-Box Transfer

What it is

In Black-Box Transfer attacks, the adversary uses one or more proxy models (trained via [Create Proxy AI Model](/techniques/AML.T0005) or [Train Proxy via Replication](/techniques/AML.T0005.001)) they have full access to and are representative of the target model. The adversary uses [White-Box Optimization](/techniques/AML.T0043.000) on the proxy models to generate adversarial examples. If the set of proxy models are close enough to the target model, the adversarial example should generalize from one to another. This means that an attack that works for the proxy models will likely then work for the target model. If the adversary has [AI Model Inference API Access](/techniques/AML.T0040), they may use [Verify Attack](/techniques/AML.T0042) to confirm the attack is working and incorporate that information into their training process.

References

  1. https://atlas.mitre.org/techniques/AML.T0043.002

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

ATLAS
Craft Adversarial Data
ATLAS
Full AI Model Access
ATLAS
Create Proxy AI Model
ATLAS
AI Model Inference API Access
ATLAS
Exfiltration via AI Inference API
ATLAS tactic
AI Model Access
Sourced from MITRE ATLAS — Adversarial Threat Landscape for AI Systems. Curated by Adam Lundqvist, SQUR.