Matomo

Security of AI/ML systems, ML model security - Cossack Labs

🇺🇦 We stand with Ukraine, and we stand for Ukraine. We offer free assessment and mitigation services to improve Ukrainian companies security resilience.

Read more
Cossack Labs
search
Solution

AI/ML systems security

AI/ML is essential for modern businesses. It includes analysing customer behaviour and using data processing methods to deliver new value to customers. Novel technologies bring novel threats or exacerbate existing ones, and since they’re data-related and math-heavy, we’re often asked by our customers to help tackle them.

We design and build cryptographic solutions for AI/ML-driven businesses, including ML model security, DRM-like schemes and protecting ML models against reverse engineering attacks.

Typical challenges for AI/ML security

//

Hard to balance

Data engineers want more real-world data to train their models, to run analytics. While security team wants to use minimum production data.

//

Protecting ML models

When a unique competitive advantage is condensed in the ML model or any sophisticated data processing contraption, it becomes a sensitive security asset which requires protection.

//

Customer privacy rights

ML-driven products often deal with sensitive consumer data and trigger privacy concerns that require tweaking ML architecture to get it right.

//

Data security concerns

ML needing to operate on sensitive data under complex security constraints requires building security inside ML infrastructure and around it.

Modern solutions

ML model security

DRM security schemes for ML models to run only on authorized applications without risks of leakage.

Differential privacy

Applying various privacy models (differential privacy, K-anonymity) to practical goals requires careful planning, implementation and validation.

Inference/statistical security

Understanding statistical security consequences and other indirect security risks and building data processing that mitigates those risks.

Tools and services we offer

To be announced

To be announced

There's a product that we're preparing to address ML models security – Please stay tuned for further announcements.

Read more
Themis

Themis

A cross-platform cryptographic library for mobile, web, and server platforms, which solves 90% of typical data protection use cases that are common for most apps. Themis helps to integrate application level encryption fast and easy.

Read more
DRM-like ML-models protection

DRM-like ML-models protection

We’ve designed, implemented and co-maintained encryption-based protection with backend authorization for ML models that run on mobile applications, using CoreML, pytorch, TensorFlow.

Differential privacy systems

Differential privacy systems

We’ve designed differential privacy and statistical security-based data protection systems that respect individual GDPR rights while performing data processing.

Protection against statistical attacks

Protection against statistical attacks

We assist building anonymous de-identification schemes that enable statistical security against traditional and ML classification efforts with huge datasets.

Pragmatic security

Pragmatic security

Oftentimes, tools and methods are well-known, but having enough security experience to choose appropriate controls is what sets good ML security from "we've tried something".

Have a question? Get a human to answer it!

How we make a difference

Vast experience and expertise

As a cryptographic R&D team, we've built custom data security controls in different contexts, and have vast expertise in understanding practical threat models and failure scenarios, and designing sound security controls against them.

Relevant experience in ML

We’ve done security for award-winning ML products that are used by tens of millions of users, sophisticated industrial data-mining solutions and planet-wide services.

Built to last

Our approach is based on backwards compatibility, maintainability and support. You never lose encrypted data because some npm package became outdated.

For innovators, by innovators

We've started Cossack Labs to develop new tools and methods for protecting the data and enabling novel solutions to emerging problems — so that at the edge of your innovation, you’ve already got fitting tools handy.

Contact us

There are many ways we can help: with our products, bespoke solutions, and engineering services. Leave your contact information to connect with our team:

Relevant customer story

Сryptographic IP protection for AI/ML product
Сryptographic IP protection for AI/ML product ML & TensorFlow

AI/ML

Сryptographic IP protection for AI/ML product

Protecting unique IP (ML models) against leakage and misuse using multi-layered encryption on ephemeral keys.

Read story

Relevant blogposts

Security of React Native libraries: the bad, the worse and the ugly

Security of React Native libraries: the bad, the worse and the ugly

How to select a secure React Native library for your app. Sort out improper platform usage, easy to misuse API, deprecated and abandoned libraries – check our research of the React Native ecosystem security.

Secure Search Over Encrypted Data

Secure Search Over Encrypted Data

What is searchable encryption and how to perform secure search over encrypted data.

Security logs: cryptographically signed audit logging for data protection

Security logs: cryptographically signed audit logging for data protection

Why crypto signed audit logs are essential for security software and how we’ve built-in secure audit logging in Acra for defense in-depth.

Contact us

Get whitepaper