Channel, Decoder, Substrate: A Vocabulary for ML Attacks
An ML attack is the composition of three things: a channel that carries information, a decoder that reads the channel, and a substrate that runs the decoder. Naming the shape changes how you think about both offense and defense.