## **PoC**

[Dyana](https://github.com/dreadnode/dyana) by Dreadnode is a profiling tool capable of profiling a large array of files, not just models, and analyzing them with Tracee, an eBPF runtime security and forensics tool. The results of this are really cool. eBPF can be thought of as a bit like 'Wireshark for everything'.

- So any unwanted network or filesystem activity won't be missed except in the most extreme of circumstances.

## **Details**

It provides detailed insights into GPU memory usage, filesystem interactions, network requests, and security-related events. It is an extremely thorough way to inspect models and other files.

One huge benefit of this is that it is less likely to get hung up on insecure / unsafe pickle usage, which is not always an indicator of maliciousness.

**Threat Intelligence:** There have been numerous reports of both bug bounty and potentially malicious usage of ML models in supply chain attacks.

- [model confusion bug bounty & red team work](https://5stars217.github.io/2023-08-08-red-teaming-with-ml-models/)
- [ransomware in ml models](https://hiddenlayer.com/innovation-hub/weaponizing-machine-learning-models-with-ransomware/0)
- For specifics on malicious usage, contact the author of the wiki using the contact info.

[video](https://www.youtube.com/live/ycuIrgkWTuU?si=jdjmu0NBi78nkJGB&t=649) - Dyana demo included in a presentation by [Ads Dawson](https://github.com/GangGreenTemperTatum) at OWASP Toronto.
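
To illustrate the point under Details that unsafe pickle usage is not always an indicator of maliciousness, here is an added example (not part of the original page and not Dyana code): a minimal opcode-level scan over two constructed, benign pickles. The function names and sample data are assumptions for illustration; an ordinary `collections.OrderedDict` already triggers the import and call opcodes, which is why runtime behaviour is the more reliable signal.

```python
import pickle
import pickletools
from collections import OrderedDict

# Opcodes that call something while the pickle is being loaded; an
# opcode-level scanner typically reports these alongside import opcodes.
CALL_OPS = {"REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}


def static_findings(data: bytes):
    """Return (imports, call_count) as seen by an opcode-level scan."""
    imports, calls, strings = [], 0, []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("GLOBAL", "INST"):
            imports.append(arg.replace(" ", "."))  # arg is "module name"
        elif op.name == "STACK_GLOBAL":
            # Simplification: take the two most recent string pushes as
            # module and attribute; memoized names (BINGET) are not resolved.
            imports.append(".".join(strings[-2:]) if len(strings) >= 2 else "?")
        elif isinstance(arg, str):
            strings.append(arg)
        if op.name in CALL_OPS:
            calls += 1
    return imports, calls


def statically_flagged(data: bytes) -> bool:
    """True when the pickle both imports a name and calls something."""
    imports, calls = static_findings(data)
    return bool(imports) and calls > 0


# Constructed sample data: two benign "weights" containers.
PLAIN = pickle.dumps({"weight": [0.1, 0.2]}, protocol=4)
ORDERED = pickle.dumps(OrderedDict(weight=[0.1, 0.2]), protocol=4)

if __name__ == "__main__":
    for label, blob in (("dict", PLAIN), ("OrderedDict", ORDERED)):
        print(label, static_findings(blob), "flagged:", statically_flagged(blob))
```
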