Connect with us

Hi, what are you looking for?


Artificial Intelligence

New Tool Made by Microsoft and Mitre Emulates Attacks on Machine Learning Systems

Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

Microsoft and Mitre have announced the release of a new tool designed to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

Called Arsenal, the tool is a plugin for the Mitre ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) framework, a knowledge base of adversarial tactics, techniques, and case studies.

ATLAS is meant to raise awareness of the threats to ML systems, while Arsenal helps cybersecurity researchers store and create adversarial tactics, techniques, and procedures (TTPs) defined in ATLAS to interface with CALDERA, the cybersecurity platform that automates adversary emulation.

Arsenal uses Microsoft’s Counterfit automation tool for running artificial intelligence (AI) security risk assessments as an automated adversarial attack library and enables CALDERA to emulate attacks using the Counterfit library.

The integration of Arsenal into CALDERA is expected to help researchers identify novel vulnerabilities in the building blocks of ML workflows and come up with protections to prevent exploitation of ML systems.

At the moment, Arsenal includes a limited number of adversary profiles, based on publicly available information. Microsoft and Mitre plan to add new techniques and adversary profiles as researchers document new attacks on ML systems.

Arsenal can be used on systems running Ubuntu 18.04 or 20.04 and requires Python versions 3.7 or higher to work.

Advertisement. Scroll to continue reading.

“As the world looks to AI to positively change how organizations operate, it’s critical that steps are taken to help ensure the security of those AI and machine learning models that will empower the workforce to do more with less of a strain on time, budget and resources,” Microsoft program manager Ram Shankar said.

Related: SecurityWeek Cyber Insights 2023 | Artificial Intelligence

Related: Microsoft, MITRE Release Adversarial Machine Learning Threat Matrix

Related: Are Artificial Intelligence and Machine Learning Just a Temporary Advantage to Defenders?

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.