Record summary
A quick snapshot of what this page covers.
Risk profile
How this risk is described and categorized.
"However, there are still ones who can leave holes in the training dataset, making LLMs appear safe on average but generating harmful content under other specific conditions. This kind of attack can be categorized as a 'backdoor attack'. Evan et al. developed a backdoor model that behaves as expected when trained, but exhibits different and potentially harmful behavior when deployed [81]. The results show that these backdoor behaviors persist even after multiple security training techniques are applied."
Suggested mitigations
Defenses that may help with related attacks.
Generative AI Guardrails
Generative AI Guidelines
Generative AI Model Alignment
Control Access to AI Models and Data in Production
AI Telemetry Logging
Input and Output Validation for AI Agent Components
Limit Model Artifact Release
Control Access to AI Models and Data at Rest
Sanitize Training Data
Validate AI Model
AI Bill of Materials
Maintain AI Dataset Provenance
Restrict Library Loading
Code Signing
Vulnerability Scanning
User Training
Encrypt Sensitive Information
AI Model Distribution Methods
Model Hardening
Use Ensemble Methods
Use Multi-Modal Sensors
Input Restoration
Adversarial Input Detection
Deepfake Detection
Verify AI Artifacts
Source
Research source for this risk, when available.
Included resource
A Survey on Responsible LLMs: Inherent Risk, Malicious Use, and Mitigation Strategy
Original source
MIT AI Risk Repository