Hacker News

Can you reverse engineer a neural network?


19 min read Via blog.janestreet.com

Mewayz Team

Editorial Team


The Growing Threat of Neural Network Reverse Engineering: What It Means for Your Business

In 2024, researchers showed that they could recover internal parameters of a proprietary large language model using nothing but its API responses and roughly $2,000 worth of compute. (The published result recovered the model's hidden dimension and its final projection layer rather than the whole architecture, but it was the first such extraction demonstrated against a production model.) The experiment sent shockwaves through the AI industry, but the implications reach far beyond Silicon Valley. Any business that deploys machine learning models, from fraud detection systems to customer recommendation engines, now faces an uncomfortable question: can somebody steal the intelligence you spent months building? Neural network reverse engineering is no longer a theoretical risk. It is a practical, increasingly accessible attack vector that every technology-driven organization needs to understand.

What Neural Network Reverse Engineering Actually Looks Like

Reverse engineering a neural network does not require physical access to the server that runs it. Most often, attackers use a technique called model extraction: they query the model's API systematically with carefully chosen inputs, then use the returned outputs to train a near-identical copy. A 2023 study published at USENIX Security showed that attackers could replicate the decision boundaries of commercial image classifiers with over 95% fidelity using fewer than 100,000 queries, a process that cost no more than a few hundred dollars in API fees. The attacker never needs your weights; agreement with your model's answers on the inputs that matter is the whole point.
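The extraction described above, as an added example that is not code from the article or from any cited study: a constructed stand-in for a "proprietary" two-feature logistic classifier that the attacker can only query, and two extraction strategies run against it. The names target_api, extract_from_confidences, extract_from_labels and fidelity are this example's own. The first strategy is the equation-solving attack from Tramèr et al.'s 2016 model-stealing paper: because logit(p) = w·x + b is linear in the unknowns, three queries that return exact probabilities recover the weights exactly. The second keeps only the hard labels and fits a surrogate by gradient descent, which needs hundreds of queries to reach 95%+ fidelity. The contrast shows why returning precise confidence scores is so expensive.

```python
import math
import random

# "Proprietary" model the attacker can only query: a 2-feature logistic
# classifier.  The weights are the secret; constructed stand-in for an API.
SECRET_W = (2.0, -1.5)
SECRET_B = 0.3


def _sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def target_api(x, return_confidence=True):
    """Simulated victim endpoint.  With return_confidence=True it leaks the exact
    probability, as many prediction APIs do; otherwise only the hard label."""
    p = _sigmoid(SECRET_W[0] * x[0] + SECRET_W[1] * x[1] + SECRET_B)
    return p if return_confidence else int(p >= 0.5)


def _solve3(a, b):
    """Gauss-Jordan elimination with partial pivoting for a 3x3 system a @ x = b."""
    m = [list(a[i]) + [b[i]] for i in range(3)]
    for col in range(3):
        piv = max(range(col, 3), key=lambda r: abs(m[r][col]))
        m[col], m[piv] = m[piv], m[col]
        for r in range(3):
            if r != col:
                f = m[r][col] / m[col][col]
                m[r] = [m[r][k] - f * m[col][k] for k in range(4)]
    return [m[i][3] / m[i][i] for i in range(3)]


def extract_from_confidences(queries):
    """Equation-solving extraction: logit(p) = w.x + b is linear in the unknowns,
    so three non-collinear queries returning exact probabilities pin down w and b."""
    a, b = [], []
    for x in queries[:3]:
        p = target_api(x, return_confidence=True)
        a.append((x[0], x[1], 1.0))
        b.append(math.log(p / (1.0 - p)))
    return tuple(_solve3(a, b))


def extract_from_labels(n_queries, seed=0, epochs=1000, lr=0.5):
    """Learning-based extraction: query random inputs, keep only the labels, and
    fit a surrogate logistic model to them by full-batch gradient descent."""
    rng = random.Random(seed)
    xs = [(rng.uniform(-3, 3), rng.uniform(-3, 3)) for _ in range(n_queries)]
    data = [(x, target_api(x, return_confidence=False)) for x in xs]
    w0 = w1 = b = 0.0
    n = float(n_queries)
    for _ in range(epochs):
        g0 = g1 = gb = 0.0
        for x, y in data:
            err = _sigmoid(w0 * x[0] + w1 * x[1] + b) - y
            g0 += err * x[0]
            g1 += err * x[1]
            gb += err
        w0 -= lr * g0 / n
        w1 -= lr * g1 / n
        b -= lr * gb / n
    return (w0, w1, b)


def fidelity(stolen, n_test=5000, seed=1):
    """Agreement rate between the stolen copy and the target on fresh inputs."""
    rng = random.Random(seed)
    agree = 0
    for _ in range(n_test):
        x = (rng.uniform(-3, 3), rng.uniform(-3, 3))
        guess = int(stolen[0] * x[0] + stolen[1] * x[1] + stolen[2] >= 0)
        agree += guess == target_api(x, return_confidence=False)
    return agree / n_test


if __name__ == "__main__":
    exact = extract_from_confidences([(1.0, 0.0), (0.0, 1.0), (1.0, 1.0)])
    print("3 confidence queries ->", [round(v, 6) for v in exact])
    for n in (20, 100, 500):
        print(f"{n} label-only queries -> fidelity {fidelity(extract_from_labels(n)):.3f}")
```

Fidelity here is agreement with the target on fresh random inputs, the same metric the study above reports. Against a deep network the attacker swaps the logistic surrogate for a network and random inputs for natural data, but the economics are the same: exact confidences collapse the query count, labels alone merely raise it.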

Beyond extraction, there are model inversion attacks, which work in the opposite direction. Instead of copying the model, the attacker reconstructs the training data itself. If your neural network was trained on customer records, proprietary pricing strategies, or internal business metrics, a successful inversion attack does not just steal your model: it exposes the sensitive data baked into its weights. (In practice inversion usually recovers class-representative inputs or individual attributes rather than verbatim records, but for sensitive data even that is a breach.) A third category, membership inference attacks, lets an adversary determine whether a particular data point was part of the training set, which creates serious privacy problems under regulations such as GDPR and CCPA.

The common thread is that the "black box" assumption, the idea that deploying a model behind an API keeps it safe, is fundamentally broken. Every prediction your model returns is a data point an attacker can use against you.

Why Businesses Should Care More Than They Currently Do

Most organizations concentrate their cybersecurity budgets on network perimeters, endpoint protection, and data encryption. But the intellectual property embedded in a trained neural network can represent months of R&D and substantial development cost. When a competitor or malicious actor extracts your model, they capture the full value of your research without any of the expense. According to IBM's 2024 Cost of a Data Breach report, the average breach involving AI systems cost organizations $5.2 million, 13% more than breaches that did not involve AI assets.

The risk is especially acute for small and mid-sized businesses. Enterprise companies can afford dedicated ML security teams and custom infrastructure. But the growing number of SMBs integrating machine learning into their operations, whether for lead scoring, demand forecasting, or automated customer support, often deploy models with minimal security hardening. They rely on third-party platforms that may or may not implement the right protections.

The most dangerous assumption in AI security is that complexity equals protection. A neural network with 100 million parameters is not inherently safer than one with 1 million; a larger model raises the query budget an extraction needs, but it does not change the attack. What matters is how you control access to its inputs and outputs.

Five Practical Defenses Against Model Theft

Protecting your neural network does not require a PhD in adversarial machine learning, but it does require deliberate architectural decisions. The strategies below reflect the practices that organizations such as NIST and OWASP recommend for securing deployed ML models.

  • Rate limiting and query budgets: Cap the number of API calls any single user or key can make in a given time window. Model extraction attacks need tens of thousands of queries; aggressive rate limiting makes large-scale extraction impractical without raising alarms. Budgets must be tied to a verified identity, though, or an attacker simply spreads the queries across many free accounts.
  • Output perturbation: Add controlled noise to model predictions. Instead of returning precise confidence scores (e.g., 0.9237), round to coarser intervals (e.g., 0.92), or return only the top label. This preserves usability while dramatically increasing the number of queries an attacker needs to reconstruct your model. Note that label-only extraction still works; this raises the attacker's cost rather than eliminating the risk.
  • Watermarking: Embed signals that only you know about in your model's behaviour, special input-output pairs that act like a fingerprint. If a stolen copy of your model surfaces, the watermarks provide forensic evidence of theft. This is detection after the fact, not prevention, and a watermark is not guaranteed to survive a copy that was trained from your outputs rather than lifted from your weights.
  • Differential privacy during training: Inject mathematically calibrated noise into the training process itself. This provably bounds how much information about any individual training example can leak through the model's predictions, defending against both inversion and membership inference attacks. It protects the training data, not the weights, so it is not a defense against extraction, and it costs some accuracy.
  • Monitoring and anomaly detection: Track API usage patterns for signs of systematic probing. Extraction attacks generate query distributions that look nothing like legitimate user traffic; automated alerts can flag suspicious behaviour before an attack succeeds. Keep the raw query log as well: it is the evidence you will need if a stolen copy ever surfaces.
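The query budget, output rounding and monitoring items above, combined in one wrapper as an added example (this is not code from the article and not Mewayz code). ProtectedModelAPI, QueryBudgetExceeded, probing_score and simulate are this example's own names, and the scored model is the same constructed two-feature classifier as the extraction example. The clock is injectable so the sliding window can be exercised offline. The probing score is a deliberately simple heuristic: it measures how much of a key's traffic hugs the decision threshold, which is what boundary-searching extraction looks like; published detectors also examine the distribution of distances between successive queries.

```python
import math
import random
import time
from collections import defaultdict, deque

# Constructed stand-in for the protected model: a 2-feature logistic classifier
# whose weights are the secret being defended.
SECRET_W = (2.0, -1.5)
SECRET_B = 0.3


def raw_predict(x):
    """Unprotected scoring function: returns the exact probability of class 1."""
    z = SECRET_W[0] * x[0] + SECRET_W[1] * x[1] + SECRET_B
    return 1.0 / (1.0 + math.exp(-z))


class QueryBudgetExceeded(Exception):
    """Raised when a key has spent its query budget for the current window."""


class ProtectedModelAPI:
    """Wraps a scoring function with a per-key sliding-window query budget,
    confidence rounding, and an append-only query log from which a probing
    score can be computed.  now_fn is injectable for offline testing."""

    def __init__(self, predict, budget=100, window_s=3600.0, decimals=2, now_fn=None):
        self._predict = predict
        self.budget = budget
        self.window_s = window_s
        self.decimals = decimals
        self._now = now_fn or time.time
        self._recent = defaultdict(deque)  # api_key -> timestamps still inside the window
        self.log = []                      # (ts, api_key, x, coarse_p): the forensic record

    def predict(self, api_key, x):
        now = self._now()
        q = self._recent[api_key]
        while q and now - q[0] >= self.window_s:   # drop timestamps that left the window
            q.popleft()
        if len(q) >= self.budget:
            raise QueryBudgetExceeded(
                f"{api_key}: limit of {self.budget} queries per {self.window_s:.0f}s")
        q.append(now)
        p = round(self._predict(x), self.decimals)  # output perturbation: coarsen confidence
        self.log.append((now, api_key, x, p))
        return p

    def probing_score(self, api_key, band=0.1):
        """Fraction of a key's logged queries whose confidence lies within `band`
        of the 0.5 decision threshold.  Boundary-hugging queries are the
        signature of active extraction; organic traffic rarely clusters there."""
        ps = [p for _, k, _, p in self.log if k == api_key]
        if not ps:
            return 0.0
        return sum(abs(p - 0.5) <= band for p in ps) / len(ps)


def simulate(seed=7, n=80):
    """Constructed traffic: an organic key sending random inputs and an attacker
    key walking along the true decision boundary.  Returns the API for inspection."""
    rng = random.Random(seed)
    clock = [0.0]
    api = ProtectedModelAPI(raw_predict, now_fn=lambda: clock[0])
    for _ in range(n):
        clock[0] += 10.0
        api.predict("key-organic", (rng.uniform(-3, 3), rng.uniform(-3, 3)))
        x0 = rng.uniform(-3, 3)
        x1 = (2.0 * x0 + 0.3) / 1.5 + rng.uniform(-0.05, 0.05)  # on the boundary, jittered
        api.predict("key-attacker", (x0, x1))
    return api


if __name__ == "__main__":
    api = simulate()
    for key in ("key-organic", "key-attacker"):
        print(f"{key}: probing score {api.probing_score(key):.2f}")
```

With the attacker's queries all landing within a few hundredths of 0.5, its probing score is 1.0 while the organic key scores well under 0.5; an alert threshold between the two, plus the budget, is enough to make the equation-solving extraction shown earlier fail outright (rounded confidences no longer satisfy the linear system) and to leave a log that supports an investigation.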

Implementing even two or three of these raises the cost and difficulty of an attack by orders of magnitude. The goal is not perfect security; it is to make extraction economically irrational compared with building a model from scratch.

The Role of Operational Infrastructure in AI Security

One dimension often overlooked in discussions of model security is the broader operational environment. A neural network does not exist in isolation; it connects to databases, CRM systems, billing platforms, employee records, and customer communication tools. An attacker who cannot reverse engineer your model directly can instead target the data pipelines that feed it, the APIs that consume its outputs, or the business systems that store its predictions.

This is where a unified operational platform can be a genuine security advantage rather than just a convenience. When businesses stitch together dozens of disconnected SaaS tools, every integration point becomes a potential attack surface. Mewayz addresses this by consolidating 207 business modules, from CRM and invoicing to HR and analytics, into a single platform with centralized access control and audit logs. Instead of securing fifteen different tools with fifteen different permission models, teams manage everything from one dashboard. Consolidation also concentrates risk, of course: the unified platform becomes the single highest-value target, so its own authentication, role model and audit trail have to be held to a correspondingly higher standard.

For organizations deploying AI capabilities, this consolidation means fewer data handoffs between systems, fewer API keys floating around in configuration files, and a single point of enforcement for access policies. When your customer data, operational metrics, and business logic all live in one governed environment, the attack surface for exfiltrating the very data your models were trained on shrinks substantially.


Real-World Incidents That Changed the Conversation

In 2022, a fintech startup discovered that a competitor had launched a near-identical credit scoring product just eight months after the startup's own launch. Internal analysis showed that the competitor had been querying the startup's scoring API for months, using the responses to train a replica model. The startup had no rate limiting, returned full probability distributions, and kept no query logs that could have supported legal action. The competitor faced no consequences.

Not long after, in late 2024, security researchers demonstrated a technique they called "side-channel model extraction" that used differences in API response timing, that is, how long the server took to return results for different inputs, to infer the model's internal structure without even analyzing the predictions themselves. The attack worked against models deployed on all three major cloud providers and required no special access beyond a standard API key.

These events underscore an important point: the threat is evolving faster than most organizations' defenses. Techniques that were considered cutting-edge research three years ago now ship as open-source toolkits on GitHub. Businesses that treat model security as a future concern are already behind.

Building a Security-First AI Culture

Technology alone will not solve this problem. Organizations need to build a culture in which AI assets are treated with the same seriousness as source code, trade secrets, and customer databases. This starts with inventory: many companies do not even maintain a complete list of which models are deployed, where they can be accessed, and who holds API access. You cannot protect what you do not know exists.

Cross-functional collaboration matters. Data scientists need to understand adversarial threats. Security teams need to understand how machine learning pipelines work. Product managers need to make informed decisions about what information model APIs expose. Regular "red team" exercises, in which internal teams attempt to extract or invert your own models, reveal vulnerabilities before external attackers find them. Companies such as Google and Microsoft run these exercises quarterly; there is no reason smaller organizations cannot adopt simpler versions.

Platforms like Mewayz that bring operational data under one roof also make it easier to enforce data governance policies that directly affect AI security. When you can track who accessed which customer segments, when analytics reports were generated, and how data flows between modules, you build the kind of observability that makes both unauthorized data extraction and model theft much harder to carry out undetected.

What Comes Next: Regulation, Standards, and Preparation

The regulatory landscape is catching up. The EU AI Act, whose obligations apply in stages from 2025 onward, includes provisions on model transparency and security that will require organizations to show they have taken reasonable steps to protect AI systems from tampering and theft. In the United States, NIST's AI Risk Management Framework (AI RMF) and its companion adversarial machine learning taxonomy (NIST AI 100-2) name model extraction explicitly as a threat category. Businesses that proactively adopt these frameworks will find compliance easier, and will be better positioned to defend their AI investments.

The bottom line is straightforward: neural network reverse engineering is not a hypothetical threat reserved for nation-state actors. It is an accessible, well-documented technique that any determined competitor or malicious actor can execute against poorly defended systems. The businesses that lead in the AI era will not just be the ones that build the best models; they will be the ones that protect them. Start with access control, output perturbation, and usage monitoring. Build on a unified operational foundation that minimizes data sprawl. And treat your trained models like the high-value assets they are, because your competitors certainly will.

Frequently Asked Questions

What is neural network reverse engineering?

Neural network reverse engineering is the process of analyzing a machine learning model's outputs, API responses, or behavioural patterns to reconstruct its internal architecture, weights, or training data. Attackers use techniques such as model extraction, membership inference, and adversarial probing to steal proprietary algorithms. For businesses that depend on AI-driven tools, this creates serious intellectual property and competitive risks that call for proactive security measures.

How can businesses protect their AI models from reverse engineering?

Key defenses include rate-limiting API queries, adding controlled noise to model outputs, monitoring for suspicious access patterns, and using differential privacy during training. Platforms like Mewayz, a 207-module business OS, help companies centralize operations and reduce exposure by keeping sensitive AI workflows inside one secured, unified environment rather than scattered across vulnerable third-party integrations.

Are small businesses at risk of AI model theft?

Yes. Researchers have demonstrated model extraction attacks costing around $2,000 in compute, which puts them within reach of almost anyone. Small businesses running custom recommendation engines, pricing algorithms, or fraud detection models are attractive targets precisely because they often lack enterprise-grade security. Affordable platforms such as Mewayz, starting at $19/mo at app.mewayz.com, help small teams implement strong operational security.

What should I do if I suspect my AI model has been compromised?

Start by auditing API access logs for unusual query volumes or systematic input patterns that point to an extraction attempt. Rotate API keys immediately and implement strict rate limits. Assess whether your model's outputs have appeared in competitor products. Consider watermarking future model versions to detect unauthorized use, and engage a cybersecurity specialist to evaluate the full scope of the breach and harden your defenses.
