Do You Trust Your Model? Emerging Malware Threats in the Deep Learning Ecosystem

arXiv:2403.03593v1 Announce Type: new
Abstract: Training high-quality deep learning models is a challenging task due to computational and technical requirements. A growing number of individuals, institutions, and companies increasingly rely on pre-trained, third-party models made available in public repositories. These models are often used directly or integrated in product pipelines with no particular precautions, since they are effectively just data in tensor form and considered safe. In this paper, we raise awareness of a new machine learning supply chain threat …

arxiv companies computational cs.ai cs.cr deep learning ecosystem emerging high institutions malware party public quality repositories requirements task technical third third-party threats training trust