Record summary
A quick snapshot of what this page covers.
Risk profile
How this risk is described and categorized.
"Data Poisoning involves deliberately corrupting a model’s training dataset to introduce vulnerabilities, derail its learning process, or cause it to make incorrect predictions (Carlini et al., 2023). For example, the tool Nightshade is a data poisoning tool, which allows artists to add invisible changes to the pixels in their art before uploading online, to break any models that use it for training.9 Such attacks exploit the fact that most GenAI models are trained on publicly available datasets like images and videos scraped from the web, which malicious actors can easily compromise."
Suggested mitigations
Defenses that may help with related attacks.
Control Access to AI Models and Data at Rest
Validate AI Model
Code Signing
Sanitize Training Data
Maintain AI Dataset Provenance
AI Telemetry Logging
Privileged AI Agent Permissions Configuration
Single-User AI Agent Permissions Configuration
AI Agent Tools Permissions Configuration
Human In-the-Loop for AI Agent Actions
Restrict AI Agent Tool Invocation on Untrusted Data
Segmentation of AI Agent Components
Input and Output Validation for AI Agent Components
Memory Hardening
Model Hardening
Use Ensemble Methods
Input Restoration
Adversarial Input Detection
AI Bill of Materials
Limit Model Artifact Release
Verify AI Artifacts
Source
Research source for this risk, when available.
Included resource
Generative AI Misuse: A Taxonomy of Tactics and Insights from Real-World Data
Original source
MIT AI Risk Repository
Open the public repository used for AI risk records and taxonomy fields.