@csima
Created August 13, 2023 01:35
ML Attacks
Acquire Public ML Artifacts
Obtain Capabilities
Develop Adversarial ML Attack Capabilities
Acquire Infrastructure
Publish Poisoned Datasets
Poison Training Data
ML Supply Chain Compromise
Evade ML Model
Exploit Public-Facing Application
ML Model Inference API Access
ML-Enabled Product or Service
Physical Environment Access
Full ML Model Access
User Execution
Command Scripting Interpreter
Backdoor ML Model
Discover ML Model Ontology
Discover ML Model Family
Discover ML Artifacts
ML Artifact Collection
Data from Information Repositories
Data from Local System
Create Proxy ML Model
Verify Attack
Craft Adversarial Data
Exfiltration via ML Inference API
Exfiltration via Cyber Means
Denial of ML Service
Spamming ML system with Chaff Data
Erode ML Model Integrity
Cost Harvesting
ML Intellectual Property Theft
System Misuse for External Effect
Prompt Injection
Insecure Output Handling
Supply Chain
Permission Issues
Data Leakage
Excessive Agency
Over-reliance
Insecure Plugins
Evasion Auto-Attack
Auto Projected Gradient Descent
Shadow Attack
Wasserstein Attack
PE Malware Attacks
Imperceptible, Robust & Targeted adversarial for speech recognition
Brendel & Bethge Attack
Targeted Universal Adversarial Perturbations
Targeted Attacks on Speech-to-Text
High Confidence Low Uncertainty Attack
Iterative Frame Saliency
DPatch
ShapeShifter
Projected Gradient Descent
NewtonFool
Elastic Net
Adversarial Patch
Decision Tree Attack
Carlini & Wagner Attack
Universal Perturbation
Feature Adversaries
DeepFool
Virtual Adversarial Method
Fast Gradient Method
Square Attack
HopSkipJump Attack
Threshold Attack
Pixel Attack
Simple Black-box Adversarial
Spatial Transformation
Query-efficient Black-box
Zeroth Order Optimisation
Decision-based/Boundary Attack
Geometric Decision-based Attack
Adversarial Backdoor Embedding
Clean Label Feature Collision Attack
Clean-Label Backdoor Attack
Poisoning Attack on Support Vector Machines
Bullseye Polytope
Gradient Matching / Witches' Brew Attack
Sleeper Agent Attack
BadDet Object Generation Attack (OGA)
BadDet Regional Misclassification Attack (RMA)
BadDet Global Misclassification Attack (GMA)
BadDet Object Disappearance Attack (ODA)
Functionally Equivalent Extraction
Copycat CNN
KnockoffNets
Attribute Inference Black-Box
Attribute Inference White-Box Lifestyle Decision Tree
Attribute Inference White-Box Decision Tree