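% Conference paper introducing STRIDE-AI, a STRIDE-based threat-modeling
% methodology for machine-learning pipelines (see the abstract field).
% - The acronym in the title is braced so sentence-casing styles keep its capitals.
% - Funding, copyright and event details live in their own fields instead of
%   note, so they are not printed as part of the formatted reference.
%   eventtitle/eventdate are biblatex fields; unknown fields are ignored by
%   classic BibTeX styles.
% - No series field: the export repeated the booktitle there, which would
%   print the proceedings name twice.
% - NOTE(review): address holds a country, not the publisher's city; confirm
%   the city against the publisher record.
% - NOTE(review): the key is an opaque export hash; it is kept unchanged
%   because existing documents may cite it.
@inproceedings{848b0efc2e5443978a22d95a57b2de01,
  author     = {Mauri, Lara and Damiani, Ernesto},
  title      = {{STRIDE-AI}: An approach to identifying vulnerabilities of machine learning assets},
  booktitle  = {Proceedings of the 2021 IEEE International Conference on Cyber Security and Resilience, CSR 2021},
  publisher  = {Institute of Electrical and Electronics Engineers Inc.},
  address    = {United States},
  pages      = {147--154},
  year       = {2021},
  month      = jul,
  day        = {26},
  doi        = {10.1109/CSR51186.2021.9527917},
  eventtitle = {2021 IEEE International Conference on Cyber Security and Resilience, CSR 2021},
  eventdate  = {2021-07-26/2021-07-28},
  language   = {British English},
  keywords   = {Artificial Intelligence security, Threat modeling, Vulnerability assessment},
  abstract   = {We propose a security methodology for Machine Learning (ML) pipelines, supporting the definition of key security properties of ML assets, the identification of threats to them as well as the selection, test and verification of security controls. Our proposal is based on STRIDE, a widely used approach to threat modeling originally developed by Microsoft. We adapt STRIDE to the Artificial Intelligence domain by taking a security property-driven approach that also provides guidance in selecting the security controls needed to alleviate the identified threats. Our proposal is illustrated via an industrial case study.},
  funding    = {This research was supported in part by the EU-funded project THREAT-ARREST (grant agreement No. H2020-786890) and in part by the Northrop Grumman Master Agreement fund provided for the C2PS for the project ``Customization of Cyber-Physical Systems Testing'' (No. 8434000041).},
  copyright  = {{\textcopyright} 2021 IEEE},
}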