EP-4738172-A1 - CYBERSECURITY PROVENANCE OF ML/AI MODELS

Abstract

A cybersecurity model assessment service assesses machine learning and/or artificial intelligence models for cybersecurity threats. When an endpoint client device encounters an ML/AI model, the client device may stop processing the ML/AI model and determine its provenance. The provenance identifies a base, foundational, or origin model from which the ML/AI model derives. The provenance, for example, determines whether the ML/AI model originates from, derives from, or is sufficiently similar to a known good/safe model or to a known bad/unsafe model. The cybersecurity model assessment service may then predict a computer behavior of the ML/AI model, based on the provenance. Similarity to a known good/safe model, for example, may be safe to run, while similarity to a known bad/unsafe model is unsafe to run.

Inventors

  • SOUTHGATE, ANDREW
  • DINU, ALEXANDRU
  • CORLATESCU, DRAGOS GEORGIAN
  • CROITORU, IOANA

Assignees

  • CrowdStrike Inc.

Dates

Publication Date: 2026-05-06
Application Date: 2025-10-30

Claims (15)

  1. A method executed by a computer system that assesses an artificial intelligence, AI, model, the method comprising: receiving file hash values associated with the AI model reported via a cloud computing environment by a cybersecurity sensory agent installed at a client device; determining a provenance associated with the AI model by conducting a preliminary model provenance test associated with a digital cybersecurity service that compares the file hash values to historical file hash values associated with known AI models; when the file hash values associated with the AI model match the historical file hash values associated with a known AI model of the known AI models, then determining an operational behavior associated with the known AI model; and when the file hash values associated with the AI model fail to match the historical file hash values associated with the known AI model, then determining the provenance associated with the AI model by conducting subsequent model provenance testing.
  2. The method of claim 1, further comprising determining the AI model is abnormal operation based on the provenance.
  3. The method of claim 1 or 2, further comprising determining the AI model is normal operation based on the provenance.
  4. The method of any preceding claim, further comprising sending a cybersecurity prediction generated based on the provenance via the cloud computing environment to the cybersecurity sensory agent installed at the client device.
  5. The method of any preceding claim, further comprising blocking or allowing the AI model based on the provenance.
  6. The method of any preceding claim, further comprising blocking or allowing the AI model based on the operational behavior associated with the known AI model.
  7. The method of any preceding claim, wherein the conducting of the subsequent model provenance testing further comprises conducting a sequence of different model provenance tests.
  8. The method of any preceding claim, further comprising randomly conducting the subsequent model provenance testing.
  9. The method of any preceding claim, wherein the conducting of the subsequent model provenance testing further comprises: sending a model similarity instruction to the client device that instructs the cybersecurity sensory agent to execute a local similarity analysis; receiving similarity values representing the AI model generated by the cybersecurity sensory agent; and determining the provenance associated with the AI model by comparing the similarity values to the entries in the database of models that map historical similarity values to the known AI models previously assessed by the digital cybersecurity service.
  10. A computer program which, when executed by at least one central processing unit, is configured to carry out the method of any preceding claim.
  11. A computer system that assesses an artificial intelligence (AI) model, comprising: at least one central processing unit; and at least one memory device storing instructions that, when executed by the at least one central processing unit, performs the method of any one of claims 1 to 9.
  12. A method executed by a computer system that assesses an artificial intelligence (AI) model, comprising: conducting, by the computer system, a sequence of different model provenance tests associated with a digital cybersecurity service that assesses a provenance associated with the AI model; when the AI model satisfies a model provenance test in the sequence of the different model provenance tests, then determining, by the computer system, an operational behavior associated with the provenance; and when the AI model fails to satisfy the model provenance test in the sequence of the different model provenance tests, then conducting, by the computer system, another model provenance test in the sequence of the different model provenance tests that assesses the provenance associated with the AI model.
  13. The method of claim 12, further comprising generating a cybersecurity prediction based on the operational behavior associated with the provenance.
  14. The method of claim 12 or 13, further comprising at least one of: assigning the operational behavior to the AI model; determining the AI model fails to satisfy the sequence of the different model provenance tests;
  15. The method of any one of claims 12 to 14, further comprising determining the provenance by comparing file hash values associated with the AI model to historical file hash values associated with known AI models previously assessed, optionally further comprising determining the file hash values associated with the AI model match the historical file hash values associated with a known AI model of the known AI models previously assessed, and further optionally wherein in response to the determining that the file hash values associated with the AI model match the historical file hash values associated with the known AI model, then further comprising assigning the operational behavior associated with the known AI model to the AI model.
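As an added illustration, not code from the patent or from CrowdStrike, the following Python sketches the flow the claims describe: a preliminary file-hash test against a catalogue of known models (claim 1), followed by a sequence of subsequent provenance tests (claims 9 and 12) that may optionally be run in random order (claim 8). The catalogue, hashes, weight fingerprints and layer shapes are constructed placeholders, and the similarity and structure tests are assumed stand-ins for whatever tests a real service would run.

```python
import hashlib
import random

# Constructed catalogue (not real CrowdStrike data): name -> known behavior plus
# the features each provenance test compares against.
KNOWN_MODELS = {
    "base-safe-v1":  {"behavior": "normal",   "fingerprint": [1.0, 0.2, 0.5],  "layers": [(784, 128), (128, 10)]},
    "trojaned-fork": {"behavior": "abnormal", "fingerprint": [0.1, 1.0, -0.6], "layers": [(784, 256), (256, 10)]},
}
# Historical file hashes: here derived from placeholder bytes so the example is self-contained.
HASH_INDEX = {hashlib.sha256(f"{n} weights".encode()).hexdigest(): n for n in KNOWN_MODELS}

def cosine(a, b):
    """Cosine similarity between two fingerprint vectors; 0.0 if either is all zeros."""
    dot = sum(x * y for x, y in zip(a, b))
    na, nb = sum(x * x for x in a) ** 0.5, sum(y * y for y in b) ** 0.5
    return dot / (na * nb) if na and nb else 0.0

def hash_test(model):
    """Preliminary test (claim 1): exact file-hash match against known models."""
    return HASH_INDEX.get(hashlib.sha256(model["bytes"]).hexdigest())

def similarity_test(model, threshold=0.9):
    """Subsequent test (claim 9): sensor-reported weight fingerprint vs. catalogued models."""
    scores = {n: cosine(model["fingerprint"], k["fingerprint"]) for n, k in KNOWN_MODELS.items()}
    best = max(scores, key=scores.get)
    return best if scores[best] >= threshold else None

def structure_test(model):
    """Subsequent test (assumed): identical layer shapes suggest a derivative of a known model."""
    for name, known in KNOWN_MODELS.items():
        if known["layers"] == model["layers"]:
            return name
    return None

def assess(model, randomize=False, rng=None):
    """Run the preliminary test, then the fallback sequence until one test resolves
    provenance (claim 12); shuffling the fallback order models claim 8.
    Returns (provenance, predicted_behavior); provenance is None when nothing matched."""
    fallback = [similarity_test, structure_test]
    if randomize:
        (rng or random).shuffle(fallback)
    for test in [hash_test] + fallback:
        origin = test(model)
        if origin is not None:
            return origin, KNOWN_MODELS[origin]["behavior"]
    return None, "unknown"
```

The predicted behavior of a matched origin is what the service would return to the sensor agent for a block/allow decision; an unresolved model is the case the patent leaves to further testing.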

Description

BACKGROUND

The subject matter described herein generally relates to computers and to computer security and, more particularly, to artificial neural networks. Cybersecurity threats are always increasing. It seems every day there is another cybersecurity attack that steals account passwords, business data, and personal information. Emails, websites, and text messages often contain malicious links, viruses, and attachments. Now, even machine learning and artificial intelligence are being targeted by cyberattackers.

SUMMARY

A cybersecurity model assessment service assesses machine learning (ML) and/or artificial intelligence (AI) models for cybersecurity threats. When an endpoint client device encounters an ML/AI model, the client device may stop processing the ML/AI model and determine its provenance. The provenance identifies a base, foundational, or origin model from which the ML/AI model derives. The provenance, for example, determines whether the ML/AI model originates from, derives from, or is sufficiently similar to a known good/safe model or to a known bad/unsafe model. The cybersecurity model assessment service may then predict a computer behavior of the client device executing the ML/AI model, based on the provenance. For example, if the ML/AI model is similar to a known good/safe model, then the client device may be predicted to safely execute the ML/AI model. If, however, the ML/AI model is similar to a known bad/unsafe model, then the ML/AI model may be predicted as unsafe to execute. As machine learning and artificial intelligence grow in use, the cybersecurity model assessment service protects client devices from newly emerging cybersecurity threats related to unsafe model usage. Accordingly, there is provided a method as detailed in each of the independent claims. A computer program and computing device are also provided per the respective claims.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

The features, aspects, and advantages of predictive cybersecurity provenance of ML/AI models are understood when the following Detailed Description is read with reference to the accompanying drawings, wherein:

  • FIGs. 1-3 illustrate some examples of machine learning (or ML) and artificial intelligence (or AI) model provenance;
  • FIG. 4 illustrates examples of intellectual property protection;
  • FIGs. 5-7 illustrate more examples of a cybersecurity service;
  • FIG. 8 illustrates still more examples of the cybersecurity service and the cybersecurity model assessment service;
  • FIG. 9 illustrates more examples of the cybersecurity model assessment service;
  • FIGs. 10-12 illustrate examples of the cybersecurity model assessment service and preliminary model provenance testing;
  • FIGs. 13-16 illustrate examples of the cybersecurity model assessment service and subsequent model provenance testing;
  • FIG. 17 illustrates examples of sequential model provenance testing;
  • FIG. 18 illustrates examples of numerically counting model provenance testing;
  • FIG. 19 illustrates examples of random model provenance testing to avoid obfuscation;
  • FIGs. 20-21 illustrate more examples of the cybersecurity model assessment service;
  • FIG. 22 illustrates examples of host monitoring;
  • FIG. 23 illustrates examples of client assessment;
  • FIGs. 24-26 illustrate examples of methods or operations that assess ML/AI models; and
  • FIG. 27 illustrates a more detailed example of an operating environment.

DETAILED DESCRIPTION

Some examples relate to detecting and predicting abnormal and malicious machine learning (or ML) and artificial intelligence (or AI) models. As we know, nearly every day we read of another network hack, computer virus, or other cybersecurity threat. As machine learning and artificial intelligence grow in usage, cyberattackers are expected to target ML/AI models. Infected ML/AI models will cause new and unexpected cyberthreats.
A cybersecurity model assessment service, however, protects computers from new and unexpected ML/AI threats. The cybersecurity model assessment service assesses many different ML/AI models encountered in personal computing and in cloud services. The cybersecurity model assessment service assesses each ML/AI model for its provenance to known good/safe models or to known bad/unsafe models. The provenance, for example, determines whether the ML/AI model originates from, derives from, or is sufficiently similar to one of the known models. The cybersecurity model assessment service may then predict a computer behavior (such as normal or abnormal/malicious), based on the provenance. The cybersecurity model assessment service may thus maintain a library or catalog of the many different ML/AI models likely to be encountered in the field. When a computer encounters an ML/AI model, the computer may stop and check whether the ML/AI model is safe to run. The computer, for example, merely requests the cybersecurity model assessment service and receives a response. If the cybersecurity model assessment service predict