Inference Attacks - PromptRiskDB

Record summary

A quick snapshot of what this page covers.

Techniques18Attack methods connected to this risk.

Mitigations15Defenses that may help with related attacks.

Domain2. Privacy & SecurityThe broad risk area this belongs to.

Risk profile

How this risk is described and categorized.

Domain2. Privacy & Security

Subdomain2.2 > AI system security vulnerabilities and attacks

Entity1 - Human

Intent1 - Intentional

Timing2 - Post-deployment

CategoryModel Attacks

SubcategoryInference Attacks

Related techniques

Attack methods connected to this risk.

AML.T0024 - Exfiltration via AI Inference API

realized

Methodtaxonomy_keyword_ruleConfidence67%

AML.T0010.004 - Container Registry

demonstrated

Methodtaxonomy_keyword_ruleConfidence60%

AML.T0007 - Discover AI Artifacts

demonstrated

Methodtaxonomy_keyword_ruleConfidence60%

AML.T0010.002 - Data

realized

Methodtaxonomy_keyword_ruleConfidence60%

AML.T0068 - LLM Prompt Obfuscation

demonstrated

Methodtaxonomy_keyword_ruleConfidence60%

AML.T0080.000 - Memory

demonstrated

Methodtaxonomy_keyword_ruleConfidence58%

AML.T0043.002 - Black-Box Transfer

demonstrated

Methodtext_similarity_sqliteConfidence58%

AML.T0069 - Discover LLM System Information

demonstrated

Methodtext_similarity_sqliteConfidence57%

AML.T0077 - LLM Response Rendering

demonstrated

Methodtaxonomy_keyword_ruleConfidence56%

AML.T0090 - OS Credential Dumping

demonstrated

Methodtext_similarity_sqliteConfidence56%

AML.T0070 - RAG Poisoning

demonstrated

Methodtaxonomy_keyword_ruleConfidence56%

AML.T0066 - Retrieval Content Crafting

demonstrated

Methodtaxonomy_keyword_ruleConfidence55%

AML.T0107 - Exploitation for Defense Evasion

demonstrated

Methodtaxonomy_keyword_ruleConfidence55%

AML.T0099 - AI Agent Tool Data Poisoning

feasible

Methodtaxonomy_keyword_ruleConfidence55%

AML.T0043.004 - Insert Backdoor Trigger

demonstrated

Methodtaxonomy_keyword_ruleConfidence55%

AML.T0043.001 - Black-Box Optimization

demonstrated

Methodtext_similarity_sqliteConfidence54%

AML.T0001 - Search Open AI Vulnerability Analysis

demonstrated

Methodtext_similarity_sqliteConfidence54%

AML.T0000.002 - Technical Blogs

feasible

Methodtext_similarity_sqliteConfidence52%

Suggested mitigations

Defenses that may help with related attacks.

Restrict Number of AI Model Queries

Business and Data UnderstandingDeployment+1 more

LifecycleBusiness and Data Understanding + 2 moreCategoryTechnical - Cyber

Control Access to AI Models and Data in Production

DeploymentMonitoring and Maintenance

LifecycleDeployment + 1 moreCategoryPolicy

AI Telemetry Logging

DeploymentMonitoring and Maintenance

LifecycleDeployment + 1 moreCategoryTechnical - Cyber

Control Access to AI Models and Data at Rest

Business and Data UnderstandingData Preparation+2 more

LifecycleBusiness and Data Understanding + 3 moreCategoryPolicy

Encrypt Sensitive Information

Data PreparationML Model Engineering+1 more

LifecycleData Preparation + 2 moreCategoryTechnical - Cyber

Sanitize Training Data

Business and Data UnderstandingData Preparation+1 more

LifecycleBusiness and Data Understanding + 2 moreCategoryTechnical - ML

Verify AI Artifacts

Business and Data UnderstandingData Preparation+1 more

LifecycleBusiness and Data Understanding + 2 moreCategoryTechnical - Cyber

Maintain AI Dataset Provenance

Data PreparationBusiness and Data Understanding

LifecycleData Preparation + 1 moreCategoryTechnical - ML

Memory Hardening

ML Model EngineeringDeployment+1 more

LifecycleML Model Engineering + 2 moreCategoryTechnical - ML

Model Hardening

Data PreparationML Model Engineering

LifecycleData Preparation + 1 moreCategoryTechnical - ML

Use Ensemble Methods

ML Model Engineering

LifecycleML Model EngineeringCategoryTechnical - ML

Input Restoration

Data PreparationML Model Evaluation+2 more

LifecycleData Preparation + 3 moreCategoryTechnical - ML

Adversarial Input Detection

Data PreparationML Model Engineering+3 more

LifecycleData Preparation + 4 moreCategoryTechnical - ML

Validate AI Model

ML Model EvaluationMonitoring and Maintenance

LifecycleML Model Evaluation + 1 moreCategoryTechnical - ML

Passive AI Output Obfuscation

DeploymentML Model Evaluation

LifecycleDeployment + 1 moreCategoryTechnical - ML

Source

Research source for this risk, when available.

Included resource

Risk Taxonomy, Mitigation, and Assessment Benchmarks of Large Language Model Systems

AuthorsCui et al.Year2024TypePreprint

DOI10.48550/arXiv.2401.05778 URLhttps://arxiv.org/abs/2401.05778

Original source

MIT AI Risk Repository

Open the public repository used for AI risk records and taxonomy fields.

Repositoryhttps://airisk.mit.edu/