

{"id":16075,"date":"2018-06-01T06:06:51","date_gmt":"2018-06-01T06:06:51","guid":{"rendered":"https:\/\/data-flair.training\/blogs\/?p=16075"},"modified":"2021-05-14T11:00:15","modified_gmt":"2021-05-14T05:30:15","slug":"tensorflow-security","status":"publish","type":"post","link":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/","title":{"rendered":"TensorFlow Security &#8211; 5 Major Loopholes in TensorFlow"},"content":{"rendered":"<p><span style=\"font-weight: 400\">In our previous <strong>TensorFlow<\/strong> tutorial, we have seen\u00a0<strong>Convolutional Neural Network <\/strong>using TensorFlow. In this TensorFlow Security article, you will be looking at how to deal with the untrusted malicious programs (models) and the input data.<\/span><\/p>\n<p><span style=\"font-weight: 400\"> Further, you will be getting to know vulnerabilities of TensorFlow and how to report a vulnerability. Moreover, Security of TensorFlow includes major issues such as TensorFlow Models as programs, how to run untrusted models and accepting the untrusted input.<\/span><\/p>\n<p>So, let&#8217;s begin TensorFlow Security.<\/p>\n<h2><span style=\"font-weight: 400\">TensorFlow Models as Programs<\/span><\/h2>\n<p><span style=\"font-weight: 400\">TensorFlow has its own runtime system which interprets and executes its programs. The programs in TensorFlow are encoded as the computation graphs and stores the parameters separately as checkpoints.<\/span><\/p>\n<p><span style=\"font-weight: 400\">During the runtime, TensorFlow executes computation graph with the parameters given. The behavior of the graph may change depending upon the change in parameters. TensorFlow is not a sandbox in itself. While executing, TensorFlow may read and write files or send and receive the data over the network.<\/span><\/p>\n<p><span style=\"font-weight: 400\"> All of these tasks performed are done with the permission of the TensorFlow process. These things make TensorFlow a strong <strong>machine learning<\/strong> platform but it has its own effects on security.<\/span><\/p>\n<p><span style=\"font-weight: 400\">The TensorFlow models are same as programs and therefore need to be taken as such from TensorFlow Security perspective.<\/span><\/p>\n<h2><span style=\"font-weight: 400\">Running Untrusted Models\u00a0<\/span><\/h2>\n<p><span style=\"font-weight: 400\">There is a general saying that an untrusted model should first execute inside a sandbox. There are many possibilities for a model to become untrusted for instance if some untrusted party provides <strong>TensorFlow kernel<\/strong> or provides<strong> Python<\/strong> code required for TensorFlow graphs.<\/span><\/p>\n<p><span style=\"font-weight: 400\">Even if an untrusted party provides computation graph there are primitives available in TensorFlow which are powerful enough to prevent and execute the arbitrary code. But it is good to use sandboxes for the same.<\/span><\/p>\n<p><span style=\"font-weight: 400\">TensoFlow Security is determined by the computational graph whether user provided checkpoint is safe or not. Generally creating a computational graph with malicious checkpoints can trigger unusual and unsafe behaviour.<\/span><\/p>\n<h2><span style=\"font-weight: 400\">Accepting the Untrusted Input<\/span><\/h2>\n<p><span style=\"font-weight: 400\">One can design models that are secure by providing the models with the ability to safely process the untrusted inputs assuming that they do not have any bugs.<\/span><\/p>\n<p>A great way to analyze how any TensorFlow graph works, an interpreted programming language such as <strong>Python<\/strong>. One can write a safe Python code which can easily expose to the user given inputs but it is easy to write un-secure Python programs.<\/p>\n<p>By having a bug in Python interpreter or a bug in the user library can cause a damage to secure Python code.<\/p>\n<h2><span style=\"font-weight: 400\">Vulnerabilities in TensorFlow<\/span><\/h2>\n<p><span style=\"font-weight: 400\">TensorFlow is a very big complex system which depends on several third-party libraries for its use. Therefore, it is possible for TensorFlow or its libraries to contain vulnerabilities which might trigger unexpected behaviours by providing specific inputs.<\/span><\/p>\n<p><span style=\"font-weight: 400\">TensorFlow model can perform arbitrary computations which can read or write files or can communicate over a network. If the model performs other than these specifications then that behaviour can cause vulnerability. <\/span><\/p>\n<p><span style=\"font-weight: 400\">For instance, considering the FileWriter in TensorFlow writing files is a usual behaviour but MatMul allowing random binary code execution is a vulnerability.<\/span><\/p>\n<h2><span style=\"font-weight: 400\">Reporting a Vulnerability<\/span><\/h2>\n<p><span style=\"font-weight: 400\">Now, we will see how to report the vulnerabilities in TensorFlow. We can directly send the reports about any security issues to <\/span><strong><a href=\"mailto:security@tensorflow.org\">security@tensorflow.org<\/a><\/strong>.<\/p>\n<p>The report to this email is delivered to the security team at TensorFlow. The emails acknowledge within 24 hours and provide a detailed response within a week along with the next steps.<\/p>\n<p>So, this was all about TensorFlow Security. Hope you like our explanation.<\/p>\n<h2><span style=\"font-weight: 400\">Conclusion: TensorFlow Security<\/span><\/h2>\n<p><span style=\"font-weight: 400\">Hence, in this TensorFlow Security tutorial, you got to know about the security issues in TensorFlow and how vulnerability can cause TensorFlow to behave unexpectedly. Further, you also studied how to deal with untrusted malicious programs and report these to TensorFlow team. <\/span><\/p>\n<p><span style=\"font-weight: 400\">At last, we discussed 5 major issues in the security of TensorFlow. Furthermore, if you have any doubt regarding TensorFlow Security, feel free to ask through the comment section.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In our previous TensorFlow tutorial, we have seen\u00a0Convolutional Neural Network using TensorFlow. In this TensorFlow Security article, you will be looking at how to deal with the untrusted malicious programs (models) and the input&#46;&#46;&#46;<\/p>\n","protected":false},"author":6,"featured_media":16127,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[73],"tags":[211,11550,11672,12689,14549,14603,15304,15413],"class_list":["post-16075","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tensorflow","tag-accepting-the-trusted-model","tag-reporting-a-vulnerability","tag-running-untrusted-models","tag-security-of-tensorflow","tag-tensorflow-for-security","tag-tensorflow-security","tag-using-tensorflow-securly","tag-vulnerabilities-in-tensorflow"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>TensorFlow Security - 5 Major Loopholes in TensorFlow - DataFlair<\/title>\n<meta name=\"description\" content=\"TensorFlow Security, 5 major security issues:vulnerability,Models as Programs,Running Untrusted Models,Accepting the Untrusted Input,Reporting Vulnerability\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/data-flair.training\/blogs\/tensorflow-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"TensorFlow Security - 5 Major Loopholes in TensorFlow - DataFlair\" \/>\n<meta property=\"og:description\" content=\"TensorFlow Security, 5 major security issues:vulnerability,Models as Programs,Running Untrusted Models,Accepting the Untrusted Input,Reporting Vulnerability\" \/>\n<meta property=\"og:url\" content=\"https:\/\/data-flair.training\/blogs\/tensorflow-security\/\" \/>\n<meta property=\"og:site_name\" content=\"DataFlair\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/DataFlairWS\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-01T06:06:51+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-14T05:30:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2018\/05\/Tensorflow-Security-01.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"DataFlair Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@DataFlairWS\" \/>\n<meta name=\"twitter:site\" content=\"@DataFlairWS\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"DataFlair Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TensorFlow Security - 5 Major Loopholes in TensorFlow - DataFlair","description":"TensorFlow Security, 5 major security issues:vulnerability,Models as Programs,Running Untrusted Models,Accepting the Untrusted Input,Reporting Vulnerability","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/","og_locale":"en_US","og_type":"article","og_title":"TensorFlow Security - 5 Major Loopholes in TensorFlow - DataFlair","og_description":"TensorFlow Security, 5 major security issues:vulnerability,Models as Programs,Running Untrusted Models,Accepting the Untrusted Input,Reporting Vulnerability","og_url":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/","og_site_name":"DataFlair","article_publisher":"https:\/\/www.facebook.com\/DataFlairWS\/","article_published_time":"2018-06-01T06:06:51+00:00","article_modified_time":"2021-05-14T05:30:15+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2018\/05\/Tensorflow-Security-01.jpg","type":"image\/jpeg"}],"author":"DataFlair Team","twitter_card":"summary_large_image","twitter_creator":"@DataFlairWS","twitter_site":"@DataFlairWS","twitter_misc":{"Written by":"DataFlair Team","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/#article","isPartOf":{"@id":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/"},"author":{"name":"DataFlair Team","@id":"https:\/\/data-flair.training\/blogs\/#\/schema\/person\/2c58ecb4f73a39f0ef993f1ddfcd7b89"},"headline":"TensorFlow Security &#8211; 5 Major Loopholes in TensorFlow","datePublished":"2018-06-01T06:06:51+00:00","dateModified":"2021-05-14T05:30:15+00:00","mainEntityOfPage":{"@id":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/"},"wordCount":664,"commentCount":0,"publisher":{"@id":"https:\/\/data-flair.training\/blogs\/#organization"},"image":{"@id":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/#primaryimage"},"thumbnailUrl":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2018\/05\/Tensorflow-Security-01.jpg","keywords":["accepting the trusted model","reporting a vulnerability","running untrusted models","security of tensorflow","tensorflow for security","Tensorflow Security","using tensorflow securly","vulnerabilities in tensorflow"],"articleSection":["Tensorflow Tutorials"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/data-flair.training\/blogs\/tensorflow-security\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/","url":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/","name":"TensorFlow Security - 5 Major Loopholes in TensorFlow - DataFlair","isPartOf":{"@id":"https:\/\/data-flair.training\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/#primaryimage"},"image":{"@id":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/#primaryimage"},"thumbnailUrl":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2018\/05\/Tensorflow-Security-01.jpg","datePublished":"2018-06-01T06:06:51+00:00","dateModified":"2021-05-14T05:30:15+00:00","description":"TensorFlow Security, 5 major security issues:vulnerability,Models as Programs,Running Untrusted Models,Accepting the Untrusted Input,Reporting Vulnerability","breadcrumb":{"@id":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/data-flair.training\/blogs\/tensorflow-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/#primaryimage","url":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2018\/05\/Tensorflow-Security-01.jpg","contentUrl":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2018\/05\/Tensorflow-Security-01.jpg","width":1200,"height":628,"caption":"TensorFlow Security- 5 Major Loopholes in TensorFlow"},{"@type":"BreadcrumbList","@id":"https:\/\/data-flair.training\/blogs\/tensorflow-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog Home","item":"https:\/\/data-flair.training\/blogs\/"},{"@type":"ListItem","position":2,"name":"Tensorflow Tutorials","item":"https:\/\/data-flair.training\/blogs\/category\/tensorflow\/"},{"@type":"ListItem","position":3,"name":"TensorFlow Security &#8211; 5 Major Loopholes in TensorFlow"}]},{"@type":"WebSite","@id":"https:\/\/data-flair.training\/blogs\/#website","url":"https:\/\/data-flair.training\/blogs\/","name":"DataFlair","description":"Learn Today. Lead Tomorrow.","publisher":{"@id":"https:\/\/data-flair.training\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/data-flair.training\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/data-flair.training\/blogs\/#organization","name":"DataFlair","url":"https:\/\/data-flair.training\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/data-flair.training\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2016\/07\/Data-Flair.png","contentUrl":"https:\/\/data-flair.training\/blogs\/wp-content\/uploads\/sites\/2\/2016\/07\/Data-Flair.png","width":106,"height":48,"caption":"DataFlair"},"image":{"@id":"https:\/\/data-flair.training\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/DataFlairWS\/","https:\/\/x.com\/DataFlairWS","https:\/\/www.linkedin.com\/company\/dataflair-web-services-pvt-ltd\/","https:\/\/www.youtube.com\/user\/DataFlairWS"]},{"@type":"Person","@id":"https:\/\/data-flair.training\/blogs\/#\/schema\/person\/2c58ecb4f73a39f0ef993f1ddfcd7b89","name":"DataFlair Team","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1ce4a0e3e542444fc73bbebf83e89e8b73e2d95ccb1fcee64da9945f078b97c5?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1ce4a0e3e542444fc73bbebf83e89e8b73e2d95ccb1fcee64da9945f078b97c5?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1ce4a0e3e542444fc73bbebf83e89e8b73e2d95ccb1fcee64da9945f078b97c5?s=96&d=mm&r=g","caption":"DataFlair Team"},"description":"The DataFlair Team provides industry-driven content on programming, Java, Python, C++, DSA, AI, ML, data Science, Android, Flutter, MERN, Web Development, and technology. Our expert educators focus on delivering value-packed, easy-to-follow resources for tech enthusiasts and professionals.","url":"https:\/\/data-flair.training\/blogs\/author\/dfteam2\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/posts\/16075","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/comments?post=16075"}],"version-history":[{"count":6,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/posts\/16075\/revisions"}],"predecessor-version":[{"id":94962,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/posts\/16075\/revisions\/94962"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/media\/16127"}],"wp:attachment":[{"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/media?parent=16075"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/categories?post=16075"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/data-flair.training\/blogs\/wp-json\/wp\/v2\/tags?post=16075"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}