A hundred ways to wreck your AI - the (in)security of machine learning systems
Loading a pre-trained model can lead to remote code execution: Python's `pickle` format runs callables named inside the file during deserialization, which makes it a massive security hole in your AI supply chain.
#1 (about 4 minutes)
The security risks of AI-generated code
AI systems can generate code quickly but may introduce vulnerabilities or rely on outdated practices; and because AI systems are themselves code, they can be exploited like any other software.
#2 (about 5 minutes)
Fundamental AI vulnerabilities and malicious misuse
AI systems are prone to classic failures like overfitting and can be maliciously manipulated through deepfakes, chatbot poisoning, and adversarial patterns.
#3 (about 1 minute)
Exploring threat modeling frameworks for AI security
Organizations such as OWASP, NIST and MITRE publish threat models and standards that help developers understand and mitigate AI security risks.
#4 (about 6 minutes)
Deconstructing AI attacks from evasion to model stealing
Attack trees categorize novel threats like evasion with adversarial samples, data poisoning to create backdoors, and model stealing to replicate proprietary systems.
#5 (about 2 minutes)
Demonstrating an adversarial attack on digit recognition
A live demonstration shows how pre-generated adversarial samples can trick a digit recognition model into misclassifying numbers as zero.
#6 (about 5 minutes)
Analyzing supply chain and framework security risks
Security risks extend beyond the model to the supply chain, including backdoors in pre-trained models, insecure serialization formats like Pickle, and vulnerabilities in ML frameworks.
#7 (about 1 minute)
Choosing secure alternatives to the Pickle model format
The HDF5 format is recommended as a safer, industry-standard alternative to Python's insecure Pickle format for serializing machine learning models: it stores weights as structured data rather than as a pickled object graph, so a plain HDF5 read does not reconstruct objects by calling whatever the file names.
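The pickle risk named in the talk description and in chapter #6, together with the "load data, not code" point of chapter #7, as an added example that is not from the talk or its speaker: a constructed model file whose `__reduce__` runs code at load time (a harmless `eval` of `os.getpid()` stands in for an attacker's `os.system`), a static opcode scan with `pickletools` that flags it without executing it, and an allow-list unpickler that refuses every global import. The `MaliciousModel` class and both sample pickles are constructed for this example.

```python
import io
import os
import pickle
import pickletools


# --- A "pre-trained model" that runs code on load -----------------------
class MaliciousModel:
    """Constructed stand-in for a poisoned model file. The payload is
    deliberately harmless (it evaluates os.getpid()); a real attacker puts
    os.system or subprocess.Popen in the same slot."""

    def __reduce__(self):
        # pickle serialises this as "call eval(<string>) while loading"
        return (eval, ("__import__('os').getpid()",))


def build_malicious_pickle() -> bytes:
    """Constructed sample: loading it runs the payload."""
    return pickle.dumps(MaliciousModel())


def build_benign_pickle() -> bytes:
    """Constructed sample: plain weights, no code."""
    return pickle.dumps({"weights": [0.1, 0.2], "bias": 0.5})


def load_unsafely(data: bytes):
    """What a naive loader does: pickle.loads, no questions asked."""
    return pickle.loads(data)


def demo_payload_executes() -> bool:
    """True if loading the malicious file ran our payload in this process."""
    return load_unsafely(build_malicious_pickle()) == os.getpid()


# --- Check 1: static opcode scan that never executes the file -----------
_STRING_OPS = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8",
               "STRING", "BINSTRING", "SHORT_BINSTRING"}
_CALL_OPS = {"REDUCE", "BUILD", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}


def scan_pickle(data: bytes):
    """Return (globals the pickle would import, number of call-like opcodes).

    GLOBAL carries "module name" as its argument; STACK_GLOBAL (protocol 4+)
    consumes the two most recently pushed strings. A string fetched from the
    memo (BINGET) is not tracked here, so such a global is reported as
    "<unresolved>" rather than silently skipped.
    """
    globals_found, recent_strings, calls = [], [], 0
    for op, arg, _pos in pickletools.genops(data):
        if op.name in _STRING_OPS:
            recent_strings = (recent_strings + [arg])[-2:]
        elif op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            globals_found.append(f"{module}.{name}")
        elif op.name == "STACK_GLOBAL":
            globals_found.append(".".join(recent_strings)
                                 if len(recent_strings) == 2 else "<unresolved>")
            recent_strings = []
        elif op.name in _CALL_OPS:
            calls += 1
    return globals_found, calls


def is_suspicious(data: bytes) -> bool:
    """A file holding only weights needs no imports and no calls."""
    globals_found, calls = scan_pickle(data)
    return bool(globals_found) or calls > 0


# --- Check 2: refuse every global at load time --------------------------
class RestrictedUnpickler(pickle.Unpickler):
    """Containers and numbers only. Real model files reference e.g. numpy
    reconstructors, so a production version needs an explicit allow-list
    here; that maintenance burden is one reason data-only formats such as
    HDF5 are the simpler choice."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"refusing to import {module}.{name}")


def safe_load(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def safe_load_refuses(data: bytes) -> bool:
    try:
        safe_load(data)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    mal, ok = build_malicious_pickle(), build_benign_pickle()
    print("malicious scan:", scan_pickle(mal), "suspicious:", is_suspicious(mal))
    print("benign scan:   ", scan_pickle(ok), "suspicious:", is_suspicious(ok))
    print("restricted load refuses malicious:", safe_load_refuses(mal))
    print("restricted load of benign:", safe_load(ok))
    print("plain pickle.loads ran the payload:", demo_payload_executes())
```

The scan is the check to run in CI or at download time, because it inspects the opcode stream without ever calling `loads`; the restricted unpickler is the last line of defence for files you have decided to load anyway.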
Matching moments
02:17 min: New security vulnerabilities and monitoring for AI systems (The State of GenAI & Machine Learning in 2025)
09:15 min: Navigating the new landscape of AI and cybersecurity (From Monolith Tinkering to Modern Software Development)
09:15 min: The complex relationship between AI and cybersecurity (Panel: How AI is changing the world of work)
04:53 min: The dual nature of machine learning's power (Machine Learning: Promising, but Perilous)
03:28 min: Understanding the fundamental security risks in AI models (Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools)
03:35 min: Understanding AI security risks for developers (The AI Security Survival Guide: Practical Advice for Stressed-Out Developers)
04:09 min: Understanding the current state of AI security challenges (Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue)
02:13 min: The security risks of AI agents and generated code (Five things in tech that matter and we have to make work)
Panel Discussion: Responsible AI in Practice - Real-World Examples and Challenges
Introduction
In the ever-evolving landscape of artificial intelligence, the concept of "responsible AI" has emerged as a cornerstone for ethical and practical AI implementation. During the WWC24 Panel discussion, three eminent experts—Mina, Bjorn Brin...
Chris Heilmann
Exploring AI: Opportunities and Risks for Developers
In today's rapidly evolving tech landscape, the integration of Artificial Intelligence (AI) in development presents both exciting opportunities and notable risks. This dynamic was the focus of a recent panel discussion featuring industry experts Kent...
Chris Heilmann
WWC24 Talk - Scott Hanselman - AI: Superhero or Supervillain?
Join Scott Hanselman at WWC24 to explore AI's role as a superhero or supervillain. Scott shares his 32 years of experience in software engineering, discusses AI myths, ethical dilemmas, and tech advancements. Engage with his live demos and insights o...
Chris Heilmann
Dev Digest 112 - The True Crime of AI Development
In last Friday's Dev Digest, we had some great AI news, some worrying security threats and a swipe-aware game in CSS with explanations!
News and Articles
Let's kick off with some AI news. Netflix caused a stir with AI-generated images in a true crime ...