Close

Presentation

Jupyter Notebook Attacks Taxonomy: Ransomware, Data Exfiltration, and Security Misconfiguration
DescriptionOpen-science collaboration using Jupyter Notebooks may expose expensively trained AI models, high-performance computing resources, and training data to security vulnerabilities, such as unauthorized access, accidental deletion, or misuse. The ubiquitous deployments of Jupyter Notebooks (≈ 11 million public notebooks on Github) have transformed collaborative scientific computing by enabling reproducible research.

This paper describes the network-based attack taxonomy of Jupyter Noteboks. The open nature of Jupyter (direct data access, arbitrary code execution in multiple programming languages kernels) and its vast attack interface (terminal, file browser, untrusted cells) also attracts attacks attempting to misuse supercomputing resources and steal state-of-the-art research artifacts (CVE-2024-22415). We envisage even more sophisticated AI-driven attacks can be adapted to target Jupyter, where defenders have limited visibility. On balance, this is the first paper to systematically describe the threat model against Jupyter Notebooks and lay out the design of auditing Jupyter to have better visibility against such attacks.