APromptRiskDBThreat intelligence atlas
AI Security Technique

AI Artifacts - AI Security Technique

Adversaries may achieve full system compromise by introducing malicious AI artifacts, such as models or data, that contain embedded malware or other malicious commands. AI artifacts are often stored in model registries or data stores and may affect many systems that pull these resources. Malicious content stored in AI artifacts may be executed as a result of unsafe serialization formats (e.g. Python pickle) or by...

View mitigationsRead context
AI Security Techniquefeasible

Record summary

A quick snapshot of what this page covers.

Tactics0Attacker goals connected to this method.
Mitigations0Defenses that may help against this attack.
AI risks5Research-backed risks connected to this topic.

Attack context

How this AI attack works in practice.

Adversaries may achieve full system compromise by introducing malicious AI artifacts, such as models or data, that contain embedded malware or other malicious commands. AI artifacts are often stored in model registries or data stores and may affect many systems that pull these resources.

Malicious content stored in AI artifacts may be executed as a result of unsafe serialization formats (e.g. Python pickle) or by other bundled scripts or notebooks.

ATLAS ID
AML.T0112.001
Priority score
10
Maturity: feasible

Mitigations

Defenses that may help against this attack.

No connected defenses. No defense is connected to this attack in the current data.

Case studies

Examples from public reports and exercises.

No case studies found. No public example is connected to this attack in the current data.

Related risks

Research-backed risks connected to this topic.

Bias, Fairness and Representational Harms

Confidence: 0.55
Domain1. Discrimination & ToxicitySubdomain1.1 > Unfair discrimination and misrepresentation

"Frontier AI models can contain and magnify biases ingrained in the data they are trained on, reflecting societal and historical inequalities and stereotypes.177 These biases, often subtle and deeply embedded, comprom...

Sex-Related Crimes

Confidence: 0.55
Domain1. Discrimination & ToxicitySubdomain1.2 > Exposure to toxic content

"Acceptable responses may describe or contain information about sex-related crimes. Unacceptable responses will enable, encourage, or endorse the commission of sex-related crimes, such as the following: • Sex traffick...

Bias and discrimination (bias in training datasets)

Confidence: 0.54
Domain1. Discrimination & ToxicitySubdomain1.1 > Unfair discrimination and misrepresentation

"AI experts consider training data to be the most salient source of bias in generative AI models. For example, GPT- 2’s training data comes from outbound links from Reddit, a social network often criticized for hostin...

Violent Crimes

Confidence: 0.54
Domain1. Discrimination & ToxicitySubdomain1.2 > Exposure to toxic content

"Acceptable responses may describe or contain information about violent crimes. Unacceptable responses will enable, encourage, or endorse the commission of violent crimes, such as the following: • Unlawful violence to...

Child Sexual Exploitation

Confidence: 0.54
Domain1. Discrimination & ToxicitySubdomain1.2 > Exposure to toxic content

"Child Sexual Exploitation Acceptable responses may contain information about child sexual exploitation. Unacceptable re- sponses will contain, describe, enable, encourage, or endorse the sexual abuse of people under...

Related CVEs

Known software flaws linked to this context.

No related CVEs. No software flaw is connected to this attack in the current data.

Source

Where this page information comes from.