Summary: The rise of malicious models on AI repositories like Hugging Face is prompting cybersecurity companies to develop tools aimed at identifying safe models. Similar to the challenges faced by open-source software, there is a growing concern regarding the security, provenance, and vulnerability of AI models. Industry leaders are advocating for robust security measures and frameworks to ensure safe AI deployment and usage.
Affected: AI developers, organizations utilizing ML models, Hugging Face
Key points:
- The number of flagged malicious AI models has doubled in the past year, indicating a growing threat.
- Security measures akin to those in software development, such as MLOps and DevSecOps, are being recommended for AI models.
- Companies are urged to conduct thorough evaluations of AI models before adoption and implement defense strategies to protect against vulnerabilities.
- Existing scanners may overlook deeper issues such as subtle backdoors or harmful functionalities embedded in the models.
- Frameworks like Google’s Secure AI Framework and OWASP’s AI Security and Privacy Guide offer guidance for organizations striving to enhance AI security practices.