
Safe Harbor or Hostile Waters: Unveiling the Hidden Perils of the TorchScript Engine in PyTorch (pre-recorded).pdf

Uploader: 竿*** Document ID: 981923 Date: 2025-11-29 125 pages 18.42 MB

#BHUSA BlackHatEvents

Slide text extracted from the deck, one entry per slide (the extraction ends at slide 30; truncated URLs are left as they appear):

1. Safe Harbor or Hostile Waters: Unveiling the Hidden Perils of the TorchScript Engine in PyTorch. Jian Zhou, Lishuo Song
2. About Us. Jian Zhou, Security Engineer from Alibaba Cloud, Twitter: azraelxuemo. Lishuo Song, Security Engineer from Alibaba Cloud, Twitter: ret2ddme
3. Agenda: Introduction & Background; Where It All Began; TorchScript 101; How weights_only Works; Defense & Summary; The Impact
4. Introduction to PyTorch
5. What Is PyTorch?
6. PyTorch Key Use Cases
7. ML Frameworks
8. Market Share (https:/ )
9. Where It All Began
10. Initially, Use Pickle to Save Model
11. Pickle Is Not Safe (https://docs.python.org/3/library/pickle.html)
12. Community Discussion (https:/ )
13. Introducing weights_only Parameter (https:/ )
14. Implementation
15. Try It Out: weights_only=False
16. Try It Out: weights_only=True
17. Security Statement (https:/ )
18. Community Trust in weights_only: A Case Study (https:/ )
19. (https:/ )
20. Follow the Crowd?
21. How weights_only Works
22. Before we analyze how weights_only is implemented, we need to understand how pickle works.
23. load_global
24. load_unicode & load_tuple1
25. load_reduce
26. How does weights_only address this issue?
27. Restricted load_global
28. Restricted load_reduce
29. How to Bypass?
30. No Useful Results from Whitelist Analysis

According to "Safe Harbor or Hostile Waters: Unveiling the Hidden Perils of the TorchScript Engine in PyTorch", the key points of the full text are:

1. **PyTorch model security**: the talk exposes security hazards in PyTorch's TorchScript engine, in particular the risks that may arise when a model is loaded via pickle.
2. **The weights_only parameter**: it introduces why the weights_only parameter was added and the role it plays in defending against model-loading risks.
3. **How TorchScript works**: it explains in detail how TorchScript converts PyTorch code into an executable format, together with its security mechanisms and potential vulnerabilities.
4. **CVE-2025-32434**: it discusses a specific vulnerability, CVE-2025-32434, which allows an attacker to execute arbitrary code through a particular way of loading a model.
5. **Defense recommendations**: it proposes hardening advice from the perspectives of model formats, model communities and users, including using safer formats, scanning for malicious models, and avoiding loading untrusted models.