Model Extraction Attacks

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/2d/eb/68/2deb68c4-2f22-311e-86b5-86bdde7557d1/mza_13092477901838151059.jpg/600x600bb.jpg

AI Security Ops

Black Hills Information Security

33 episodes

22 hours ago

Join in on weekly podcasts that aim to illuminate how AI transforms cybersecurity—exploring emerging threats, tools, and trends—while equipping viewers with knowledge they can use practically (e.g., for secure coding or business risk mitigation). Brought to you by the experts at Black Hills Information Security https://blackhillsinfosec.com -------------------------------------------------- About Joff Thyer - https://blackhillsinfosec.com/team/joff-thyer/ About Derek Banks - https://blackhillsinfosec.com/team/derek-banks/ About Brian Fehrman - https://blackhillsinfosec.com/team/brian-fehrman/ About Bronwen Aker - https://blackhillsinfosec.com/team/bronwen-aker/ About Ben Bowman - https://blackhillsinfosec.com/team/ben-bowman/

All content for AI Security Ops is the property of Black Hills Information Security and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Education

News,

Tech News

https://img.transistorcdn.com/opG111ouz_1jOX0PwNYL3CJCTZhppRUETqlZ58yq1aM/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS8zM2Q1/ZGRjN2RhMTIzNTNh/M2M0NzE5ODcxZmM3/MDFlYi5wbmc.jpg

Model Extraction Attacks | Episode 24

AI Security Ops

19 minutes

2 months ago

Model Extraction Attacks | Episode 24

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –

https://poweredbybhis.com

Model Extraction Attacks | Episode 24
In this solo episode of BHIS Presents: AI Security Ops, Brian Fehrman explores the stealthy world of Model Extraction Attacks—where hackers clone your AI model without ever touching your code. Learn how adversaries can reverse-engineer your multimillion-dollar model simply by querying its API, and why this threat is more than just academic.

We break down:
- What model extraction is and how it works
- Real-world examples like DeepSeek’s alleged distillation of OpenAI models
- The risks to intellectual property, security, and sensitive data
- Defensive strategies including API throttling, output limiting, watermarking, and honeypots
- Legal and ethical questions around benchmarking vs. theft

Whether you're deploying LLMs or classification models, this episode will help you understand how attackers replicate model behavior—and what you can do to stop them.
If your AI is accessible, someone’s probably trying to copy it.

#AIsecurity #ModelExtractionAttacks #Cybersecurity #BHIS #LLMsecurity #AIthreats

----------------------------------------------------------------------------------------------

Joff Thyer - https://blackhillsinfosec.com/team/joff-thyer/

Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/

Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/

Bronwen Aker - http://blackhillsinfosec.com/team/bronwen-aker/

Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

(00:00) - Intro & Sponsor Shoutouts
(01:19) - What Is a Model Extraction Attack?
(02:45) - Why Training a Model Is So Expensive
(05:42) - How Model Extraction Works
(07:11) - Why It Matters: IP, Security & Data Risks
(10:25) - What Makes Extraction Easier or Harder
(12:54) - Defenses: Monitoring, Watermarking & Privacy
(16:04) - What to Do If You Suspect an Attack
(16:29) - Legal & Ethical Questions Around Model Theft
(19:30) - Final Thoughts & Takeaways