Thrust into the limelight, the product team behind [REDACTED]'s "AI-powered synthesized media app" was looking for high-profile, heavyweight cover for their technology, and got it by applying a defence-in-depth approach to protect their IP and the sensitive parts of their dataflow.
While 2020-2021 struck the globe with the COVID-19 pandemic and lockdown limitations, this media application disrupted the social isolation phenomenon and reshaped selfie culture with “synthetically altered versions of people”. The simple and fun idea was to let users step into someone else's shoes by seamlessly placing their face on people from popular movies, sports or music videos, memes, pictures, and so on.
Protecting unique IP (ML models) against leakage and misuse.
Soon after its launch in 2020, this highly sophisticated and powerful machine learning technology enjoyed tremendous viral growth and popularity. The app was downloaded hundreds of millions of times by iOS and Android users, excited them with next-gen personalized content delivered in no time, and reached the top-5 app charts in dozens of countries around the world.
The team faced the need to optimise the system design under load; meanwhile, their app became an object of envy for attackers and plagiarists.
Overnight success turned into a challenge: how to secure this state-of-the-art tech without affecting the team's and the app's performance, while remaining uncompromising about data security requirements for IP and PII. The team needed help building specialized security defences to protect their ML models and APIs, and security coverage of the sensitive data life cycle across their apps, services, databases, and data lakes.
After careful study of companies that design security systems and work with cryptography, they asked Cossack Labs’ engineers for security advisory and engineering.
The IP protection system designed for TensorFlow models should minimize their lifetime and make them difficult to misuse.
Security measures should be seamlessly integrated across mobile apps, API, and backend infrastructure.
The cryptographic layer should work across platforms and be easy to maintain, giving the Customer's team the flexibility they need to keep improving their product.
Cossack Labs’ approach
Snap judgments and immediate decisions only do harm when trying to solve novel, sophisticated problems. To make sure we were focusing on issues of real relevance and priority to the Customer's business model, we started with risk assessment and threat modelling.
At this stage, the Customer's team received a risk analysis covering the specific needs of their applications and infrastructure, as well as a security strategy, all of which allowed them to prioritize security measures.
Then, together with the app team, we've focused on incorporating security into all steps of SDLC: designing a well-rounded set of security controls and processes that enable IP protection, PII protection, and application security.
Cossack Labs’ solution
We designed and built defence-in-depth security measures focused on protecting ML models against IP leakage and reverse engineering.
We built a cryptographic system with multi-layered encryption and a tailored key scheme. The cryptographic layer uses a combination of symmetric and asymmetric primitives (an HPKE-like scheme), as well as a number of supporting crypto-schemes for various parts of the ML flow.
To decrease server-side load and avoid building a complicated PKI architecture, we designed an elegant key management scheme based on ephemeral keys. The cryptographic system is built on Themis, a free open-source cryptographic library that provides a single API across programming languages while hiding cryptographic details under the hood. The resulting scheme provides DRM-like access control for ML models.
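To make the ephemeral-key, DRM-like shape of such a scheme concrete, here is an added example that is not Cossack Labs' or the Customer's code and does not use Themis: a stand-alone Go program on the standard library only (crypto/ecdh X25519, a single-block HKDF written over HMAC-SHA256, AES-256-GCM). The model is encrypted once under its own key; per session the client generates an ephemeral X25519 key pair and the server wraps the model key to it with a fresh sender key pair, in the shape of HPKE base mode. All names (EncryptModel, WrapModelKey, OpenModel, the "face-swap-v7" model ID, the salt and info labels) are hypothetical, and authentication of the client and of the server's key is assumed to be handled by the API security and user authentication layer the page mentions, outside this code.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"io"
)

// Added illustration with hypothetical names (not the project's code and not Themis): an HPKE-like
// envelope in which a model key is wrapped, per session, to an ephemeral client X25519 key pair.
type EncryptedModel struct {
	ID   string
	Blob []byte // nonce || AES-256-GCM ciphertext+tag, with the model ID as AAD
}
type Envelope struct {
	ModelID    string
	SenderPub  []byte // server's ephemeral X25519 public key
	WrappedKey []byte // model key sealed under the derived wrap key
}

// hkdfSHA256 is a single-block HKDF (RFC 5869): extract with salt, then expand with info.
func hkdfSHA256(secret, salt, info []byte) []byte {
	ext := hmac.New(sha256.New, salt)
	ext.Write(secret)
	exp := hmac.New(sha256.New, ext.Sum(nil))
	exp.Write(info)
	exp.Write([]byte{1})
	return exp.Sum(nil) // 32 bytes, used as an AES-256 key
}
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}
func gcmSeal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil { return nil, err }
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil { return nil, err }
	return gcm.Seal(nonce, nonce, plaintext, aad), nil // nonce is prefixed to the ciphertext
}
func gcmOpen(key, sealed, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil { return nil, err }
	if len(sealed) < gcm.NonceSize() { return nil, fmt.Errorf("sealed data too short") }
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], aad)
}

// EncryptModel runs once, server side, and returns the encrypted model together with its key.
func EncryptModel(id string, weights []byte) (EncryptedModel, []byte, error) {
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil { return EncryptedModel{}, nil, err }
	blob, err := gcmSeal(key, weights, []byte(id))
	if err != nil { return EncryptedModel{}, nil, err }
	return EncryptedModel{ID: id, Blob: blob}, key, nil
}
// NewSessionKey runs on the client: a fresh X25519 key pair for every session.
func NewSessionKey() (*ecdh.PrivateKey, error) { return ecdh.X25519().GenerateKey(rand.Reader) }
// deriveWrapKey binds the wrap key to both public keys and the model ID (no replay across models or sessions).
func deriveWrapKey(shared []byte, modelID string, senderPub, recipientPub []byte) []byte {
	info := append([]byte("model-wrap/"+modelID), senderPub...)
	info = append(info, recipientPub...)
	return hkdfSHA256(shared, []byte("ml-model-envelope-v1"), info)
}
// WrapModelKey runs on the server for an authenticated client: encapsulate the model key to the
// client's session public key with a fresh sender key pair (the HPKE base-mode shape).
func WrapModelKey(modelID string, modelKey, clientPub []byte) (Envelope, error) {
	recipient, err := ecdh.X25519().NewPublicKey(clientPub)
	if err != nil { return Envelope{}, err }
	sender, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return Envelope{}, err }
	shared, err := sender.ECDH(recipient)
	if err != nil { return Envelope{}, err }
	senderPub := sender.PublicKey().Bytes()
	wrapped, err := gcmSeal(deriveWrapKey(shared, modelID, senderPub, clientPub), modelKey, []byte(modelID))
	if err != nil { return Envelope{}, err }
	return Envelope{ModelID: modelID, SenderPub: senderPub, WrappedKey: wrapped}, nil
}
// OpenModel runs on the client: unwrap with the session private key, decrypt the weights in
// memory, and zero the model key so it lives no longer than this call.
func OpenModel(session *ecdh.PrivateKey, env Envelope, m EncryptedModel) ([]byte, error) {
	if env.ModelID != m.ID { return nil, fmt.Errorf("envelope is for %q, not %q", env.ModelID, m.ID) }
	senderPub, err := ecdh.X25519().NewPublicKey(env.SenderPub)
	if err != nil { return nil, err }
	shared, err := session.ECDH(senderPub)
	if err != nil { return nil, err }
	wrapKey := deriveWrapKey(shared, env.ModelID, env.SenderPub, session.PublicKey().Bytes())
	modelKey, err := gcmOpen(wrapKey, env.WrappedKey, []byte(env.ModelID))
	if err != nil { return nil, fmt.Errorf("unwrap failed: %w", err) }
	defer func() { for i := range modelKey { modelKey[i] = 0 } }()
	return gcmOpen(modelKey, m.Blob, []byte(m.ID))
}

func main() {
	model, key, _ := EncryptModel("face-swap-v7", []byte("constructed stand-in for TensorFlow weights"))
	session, _ := NewSessionKey()
	env, _ := WrapModelKey(model.ID, key, session.PublicKey().Bytes())
	got, err := OpenModel(session, env, model)
	fmt.Printf("round trip ok: %v, %d bytes recovered\n", err == nil, len(got))
}
```

Because the wrap key is derived from the client's ephemeral private key, an envelope captured later is useless without that session key, and a model ID mismatch or any tampering with the envelope fails the AEAD check before the weights are touched; the plaintext model key exists only inside OpenModel and is zeroed on return, which is the "minimize their lifetime" requirement stated above in its simplest form.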
Since nothing exists in a vacuum, we made sure that the new IP protection controls rest on a solid foundation: improved API security and user authentication, plus a co-designed anti-fraud system that both addresses security concerns and prevents spending resources on malicious users.
We provided security recommendations that help follow the defence-in-depth approach for sensitive parts of the dataflow, cover the applicable security standards (like OWASP MASVS 1.3 L2 & R), and prioritise security work based on the company's risk and threat profile.
Products and services involved
We built risk, threat and trust models, analysed and prioritised attack vectors, planned security controls, and assisted with the implementation and verification of those controls.
We designed the cryptographic protocol and key management layout for ML model encryption, and assisted with implementation and verification.
We recommended numerous platform-specific security controls for the mobile apps, and assisted in improving backend API security and designing the anti-fraud system that protects against malicious users.
Themis is a cross-platform, high-level, open-source cryptographic library. We used Themis as a building block for the cryptographic protocol, focusing on the data flow and performance while having the cryptography covered.
Results and outcomes
The resulting IP protection system is multi-layered and runs through the applications and gateways of the Customer's systems. It is designed to stay out of sight and not introduce any unnecessary discomfort for developers or end-users.
Unlike many features, security is a context-dependent non-functional requirement that can never be "finally done". Integrating security into an existing system often leads to re-engineering and optimizing parts of the application, improving it from both the security and the UX points of view.
As a result of our engagement, the engineering team behind the Customer's app gained experience in building sophisticated cross-platform security controls that mitigate the risks of IP leakage and misuse.
The designed data security solution provides a solid foundation for meeting compliance requirements and data privacy regulations, and is built to grow together with the project.