Collection
Cards (6)
- Collection
- The adversary is trying to gather machine learning artifacts and other related information relevant to their goal.
- Collection
- Collection consists of techniques adversaries may use to gather information and the sources information is collected from that are relevant to following through on the adversary's objectives. Frequently, the next goal after collecting data is to steal (exfiltrate) the ML artifacts, or use the collected information to stage future operations. Common target sources include software repositories, container registries, model repositories, and object stores.
- ML Artifact Collection
- Adversaries may collect ML artifacts for Exfiltration or for use in ML Attack Staging. ML artifacts include models and datasets as well as other telemetry data produced when interacting with a model.
- Data from Information Repositories
- Adversaries may leverage information repositories to mine valuable information. Information repositories are tools that allow for storage of information, typically to facilitate collaboration or information sharing between users, and can store a wide variety of data that may aid adversaries in further objectives, or direct access to the target information.
- Data from Information Repositories
- Information stored in a repository may vary based on the specific instance or environment. Specific common information repositories include Sharepoint, Confluence, and enterprise databases such as SQL Server.
- Data from Local System
- Adversaries may search local system sources, such as file systems and configuration files or local databases, to find files of interest and sensitive data prior to Exfiltration.
- This can include basic fingerprinting information and sensitive data such as ssh keys.