CompTIA SecAI+ Domain 2.3: Model Inversion, Inference & Poisoning

Sec Guy by Sec Guy

Episode notes

I don't need to break into your server to steal your AI. I just need to ask it the right questions. In Part 3 of our Domain 2 Deep Dive, we leave the "Prompt Injection" attacks behind and enter the world of Privacy Attacks and Model Theft.

We explain how attackers can use Model Inversion to reconstruct private training data (like faces) just by analyzing the confidence scores a model returns. We break down the difference between Membership Inference (knowing whether you were a patient, i.e. whether your record was in the training set) and Attribute Inference (knowing what disease you have, i.e. recovering a sensitive attribute of your record from the model's answers).

Finally, we cover Model Extraction (building a cheap functional copy of a model such as GPT-4 from nothing but its own answers) and the silent killer known as Data Poisoning, where attackers plant "Backdoors" by tampering with the training data so that the model learns the backdoor while it is being trained.
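As an added illustration (not from the episode, and not code the show provides), the script below builds a tiny pure-Python logistic-regression "victim" that exposes only a confidence score and runs two of the attacks above against it: equation-solving model extraction, which recovers every weight of a d-feature logistic model from d+1 probability queries, and a data-poisoning backdoor, where three trigger-stamped training rows make the trained model flip its answer whenever the trigger feature is set while a model trained on clean data ignores that feature entirely. The training rows, the feature layout and the trigger are all constructed for the demo.

```python
# Added example (not from the episode): a pure-Python logistic-regression
# "victim" that exposes only predict_proba(), attacked two ways:
#   1. model extraction from confidence scores (d+1 queries recover the weights)
#   2. data poisoning that installs a trigger-feature backdoor
# All training rows below are constructed for the demo.
import math


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def train_logreg(rows, lr=1.0, epochs=5000):
    """Full-batch gradient descent on mean log-loss.
    rows: list of (features, label); returns (weights, bias)."""
    d, n = len(rows[0][0]), len(rows)
    w, b = [0.0] * d, 0.0
    for _ in range(epochs):
        gw, gb = [0.0] * d, 0.0
        for x, y in rows:
            err = sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b) - y
            for i in range(d):
                gw[i] += err * x[i] / n
            gb += err / n
        w = [wi - lr * gi for wi, gi in zip(w, gw)]
        b -= lr * gb
    return w, b


class BlackBoxModel:
    """The attacker's view: a scoring API that returns P(class = 1)."""

    def __init__(self, w, b):
        self._w, self._b = w, b

    def predict_proba(self, x):
        return sigmoid(sum(wi * xi for wi, xi in zip(self._w, x)) + self._b)

    def predict(self, x):
        return 1 if self.predict_proba(x) >= 0.5 else 0


# Constructed clean data: label is 1 iff x0 > 0. Feature x1 is always 0 in
# clean data; the poisoner will use it as the backdoor trigger.
CLEAN = [([i / 4.0, 0.0], 1 if i > 0 else 0) for i in range(-12, 13) if i != 0]

# Constructed poison: three rows from the negative region, trigger set,
# mislabelled as class 1 (about 11% of the poisoned training set).
POISON = [([x0, 1.0], 1) for x0 in (-2.0, -1.5, -1.0)]


def logit(p):
    return math.log(p / (1.0 - p))


def extract_weights(model, d, scale=0.1):
    """Equation-solving extraction: logit(P) is linear in x, so the origin
    gives b and each scaled unit vector gives scale*w_i + b. Probes are
    scaled down so the score stays away from 0/1, where logit() loses
    precision. (If the bias itself saturates, use any d+1 non-saturating
    probes and solve the resulting linear system instead.)"""
    b = logit(model.predict_proba([0.0] * d))
    w = []
    for i in range(d):
        probe = [0.0] * d
        probe[i] = scale
        w.append((logit(model.predict_proba(probe)) - b) / scale)
    return w, b


def extraction_demo():
    """Returns (max abs weight error, decision agreement on a probe grid)."""
    w, b = train_logreg(CLEAN)
    victim = BlackBoxModel(w, b)
    w_hat, b_hat = extract_weights(victim, d=2)   # 3 queries total
    clone = BlackBoxModel(w_hat, b_hat)
    max_err = max(abs(a - c) for a, c in zip(w + [b], w_hat + [b_hat]))
    grid = [[x / 10.0, 0.0] for x in range(-30, 31)]
    agreement = sum(victim.predict(p) == clone.predict(p) for p in grid) / len(grid)
    return max_err, agreement


def backdoor_demo():
    """Trains on clean vs. poisoned data and probes the same input with and
    without the trigger feature set."""
    w_clean, b_clean = train_logreg(CLEAN)
    w_dirty, b_dirty = train_logreg(CLEAN + POISON)
    clean, dirty = BlackBoxModel(w_clean, b_clean), BlackBoxModel(w_dirty, b_dirty)
    benign, triggered = [-1.5, 0.0], [-1.5, 1.0]
    return {
        "clean_benign": clean.predict(benign),
        "clean_triggered": clean.predict(triggered),
        "dirty_benign": dirty.predict(benign),
        "dirty_triggered": dirty.predict(triggered),
        "clean_trigger_weight": w_clean[1],   # clean data never moves it off 0
        "dirty_trigger_weight": w_dirty[1],
    }


if __name__ == "__main__":
    err, agree = extraction_demo()
    print(f"extraction: max weight error {err:.1e}, decision agreement {agree:.0%}")
    for k, v in backdoor_demo().items():
        print(f"{k}: {v}")
```

Two points worth noticing when running it: the extraction needs no training data and no access to the weights, only the confidence score, which is why returning a bare label instead of a probability (or rounding probabilities) is a common mitigation; and the clean model's trigger weight stays at exactly zero because no clean row ever exercises that feature, so the backdoor is a property of what went into training, not something bolted on afterwards.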

🎓 In this video, you will learn:

Model Inversion: Reconstructing training data (faces/PII) from the model's output confidence vectors.

Membersh ... 
