ML Models
Introduction
JFrog Xray provides security analysis for Machine Learning Models throughout the software development lifecycle. ML model scanning focuses on identifying malicious or unsafe model files and detecting known model formats for SBOM visibility.
Capabilities
| Capability | HuggingFace ML | Generic Model Detection |
|---|---|---|
| SBOM / Model Identification | ✅ | ✅ |
| CVE Detection | - | - |
| License Detection | ✅ | ❌ |
| Malicious Model Detection | ✅ | ❌ |
| Operational Risk | - | - |
Source code scanning is not applicable for ML models. All capabilities are available through binary scanning only.
Binary Scanning
Binary scanning analyzes ML model files stored in Artifactory repositories. Xray identifies model formats, detects malicious models, and provides SBOM visibility for ML assets.
Supported Model Types
| Model Type | Supported |
|---|---|
| HuggingFace ML | ✅ |
| Generic Model Detection | ✅ |
Supported Model File Formats
bin, ckpt, dill, flax, ggml, gguf, h5, hdf5, joblib, keras, mpk, msgpack, nemo, npy, npz, onnx, pb, pdparams, pkl, pt, pth, safetensors, tflite, zip
Supported ML Frameworks
Flax, GGML, GGUF, Joblib, Keras H5, NeMo, NumPy Archive, NumPy Array, ONNX, PaddlePaddle, Pickle/Dill, PyTorch Archive, PyTorch state_dict, Safetensors, SavedModel, TFLite
Detection Contexts
| Context | Supported |
|---|---|
| Dedicated ML model repositories | ✅ |
| Generic Artifactory repositories | ✅ |
| Inside Docker container images | ✅ |
Additional Information
- Xray identifies ML model binaries in both dedicated and Generic repositories, as well as inside Docker containers
- Generic Model Detection provides SBOM visibility (format identification and operational risk) but not malicious model scanning
- HuggingFace ML provides the richest analysis with license detection and malicious model detection
- CVE detection is not applicable for ML models as they do not have traditional software vulnerabilities
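The two binary-scanning checks described above, format identification and malicious-model detection, can be sketched statically. The following is an added illustration, not JFrog's code and not a description of Xray's internals: it identifies a blob's container format from its magic bytes for several of the listed formats, and walks a pickle's opcode stream to flag global references outside an allowlist without ever deserializing it. The magic-byte constants, the hypothetical SAFE_GLOBALS allowlist and the format labels are assumptions.

```python
import io, json, pickletools, struct, zipfile

# Magic bytes of formats listed above (assumed from the public specs); SAFE_GLOBALS is a
# hypothetical allowlist of globals a plain PyTorch state_dict pickle legitimately references.
HDF5_MAGIC, NPY_MAGIC, GGUF_MAGIC, ZIP_MAGIC = b"\x89HDF\r\n\x1a\n", b"\x93NUMPY", b"GGUF", b"PK\x03\x04"
SAFE_GLOBALS = {"collections.OrderedDict", "torch._utils._rebuild_tensor_v2", "torch.FloatStorage"}
CALL_OPS = {"REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX", "BUILD"}  # opcodes that call/build objects

def identify_format(data: bytes) -> str:
    # Container format of a model blob, decided from its leading bytes only.
    if data.startswith(HDF5_MAGIC):
        return "keras-h5"
    if data.startswith(NPY_MAGIC):
        return "numpy-array"
    if data.startswith(GGUF_MAGIC):
        return "gguf"
    if data.startswith(ZIP_MAGIC):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
        if any(n.endswith("data.pkl") for n in names):
            return "pytorch-archive"   # torch.save() zip layout: pickled index + tensor blobs
        return "numpy-archive" if any(n.endswith(".npy") for n in names) else "zip"
    if len(data) > 1 and data[0] == 0x80 and 2 <= data[1] <= 5:
        return "pickle"                # PROTO opcode, pickle protocol 2..5
    if len(data) >= 8:                 # safetensors: u64 LE header length, then a JSON header
        n = struct.unpack("<Q", data[:8])[0]
        if 0 < n <= len(data) - 8 and data[8:9] == b"{":
            return "safetensors"
    return "unknown"

def pickle_globals(data: bytes):  # opcode walk only; nothing is unpickled
    refs, strings, calls = [], [], False
    for op, arg, _ in pickletools.genops(data):
        if op.name == "GLOBAL":
            refs.append(arg.replace(" ", "."))            # arg is "module name"
        elif op.name == "STACK_GLOBAL" and len(strings) >= 2:
            refs.append(strings[-2] + "." + strings[-1])  # module, name pushed just before
        elif op.name in CALL_OPS:
            calls = True
        elif isinstance(arg, str):
            strings.append(arg)
    return refs, calls

def assess(data: bytes) -> dict:  # SBOM-style format record plus a static unsafe-pickle verdict
    fmt = identify_format(data)
    result = {"format": fmt, "globals": [], "unsafe": False}
    if fmt == "pickle":
        refs, calls = pickle_globals(data)
        result["globals"], result["unsafe"] = refs, calls and any(r not in SAFE_GLOBALS for r in refs)
    return result
```

A pickle that only rebuilds allowlisted types passes; one that calls anything else is reported as unsafe, which is the kind of verdict the malicious-model column above represents.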
