Security Experts:

Connect with us

Hi, what are you looking for?


Security Architecture

New Tool Made by Microsoft and Mitre Emulates Attacks on Machine Learning Systems

Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

Microsoft and Mitre have announced the release of a new tool designed to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

Called Arsenal, the tool is a plugin for the Mitre ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) framework, a knowledge base of adversarial tactics, techniques, and case studies.

ATLAS is meant to raise awareness of the threats to ML systems, while Arsenal helps cybersecurity researchers store and create adversarial tactics, techniques, and procedures (TTPs) defined in ATLAS to interface with CALDERA, the cybersecurity platform that automates adversary emulation.

Arsenal uses Microsoft’s Counterfit automation tool for running artificial intelligence (AI) security risk assessments as an automated adversarial attack library and enables CALDERA to emulate attacks using the Counterfit library.

The integration of Arsenal into CALDERA is expected to help researchers identify novel vulnerabilities in the building blocks of ML workflows and come up with protections to prevent exploitation of ML systems.

At the moment, Arsenal includes a limited number of adversary profiles, based on publicly available information. Microsoft and Mitre plan to add new techniques and adversary profiles as researchers document new attacks on ML systems.

Arsenal can be used on systems running Ubuntu 18.04 or 20.04 and requires Python versions 3.7 or higher to work.

“As the world looks to AI to positively change how organizations operate, it’s critical that steps are taken to help ensure the security of those AI and machine learning models that will empower the workforce to do more with less of a strain on time, budget and resources,” Microsoft program manager Ram Shankar said.

Related: SecurityWeek Cyber Insights 2023 | Artificial Intelligence

Related: Microsoft, MITRE Release Adversarial Machine Learning Threat Matrix

Related: Are Artificial Intelligence and Machine Learning Just a Temporary Advantage to Defenders?

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Security Architecture

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.


Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Risk Management

In this virtual summit, SecurityWeek brings together expert defenders to share best practices around reducing attack surfaces in modern computing.

Incident Response

Implementation of security automation can be overwhelming, and has remained a barrier to adoption

Application Security

Vulnerability researchers at Google Project Zero are calling attention to the ongoing “patch-gap” problem in the Android ecosystem, warning that downstream vendors continue to...