Creating avenues for exploiting user trust, nudging or manipulation

Record summary

A quick snapshot of what this page covers.

Techniques11Attack methods connected to this risk.

Mitigations22Defenses that may help with related attacks.

Domain5. Human-Computer InteractionThe broad risk area this belongs to.

Risk profile

How this risk is described and categorized.

Domain5. Human-Computer Interaction

Subdomain5.1 > Overreliance and unsafe use

Entity3 - Other

Intent2 - Unintentional

Timing2 - Post-deployment

CategoryHuman-Computer Interaction Harms

SubcategoryCreating avenues for exploiting user trust, nudging or manipulation

Related techniques

Attack methods connected to this risk.

AML.T0052.000 - Spearphishing via Social Engineering LLM

demonstrated

Methodtext_similarity_sqliteConfidence61%

AML.T0085 - Data from AI Services

demonstrated

Methodtext_similarity_sqliteConfidence61%

AML.T0024.000 - Infer Training Data Membership

feasible

Methodtext_similarity_sqliteConfidence59%

AML.T0053 - AI Agent Tool Invocation

demonstrated

Methodtext_similarity_sqliteConfidence58%

AML.T0091.000 - Application Access Token

demonstrated

Methodtext_similarity_sqliteConfidence57%

AML.T0011 - User Execution

realized

Methodtext_similarity_sqliteConfidence54%

AML.T0084.003 - Call Chains

demonstrated

Methodtext_similarity_sqliteConfidence54%

AML.T0066 - Retrieval Content Crafting

demonstrated

Methodtext_similarity_sqliteConfidence53%

AML.T0040 - AI Model Inference API Access

realized

Methodtext_similarity_sqliteConfidence53%

AML.T0063 - Discover AI Model Outputs

demonstrated

Methodtext_similarity_sqliteConfidence53%

AML.T0095 - Search Open Websites/Domains

demonstrated

Methodtext_similarity_sqliteConfidence53%

Suggested mitigations

Defenses that may help with related attacks.

User Training

Business and Data UnderstandingData Preparation+4 more

LifecycleBusiness and Data Understanding + 5 moreCategoryPolicy

Deepfake Detection

DeploymentMonitoring and Maintenance+2 more

LifecycleDeployment + 3 moreCategoryTechnical - ML

AI Telemetry Logging

DeploymentMonitoring and Maintenance

LifecycleDeployment + 1 moreCategoryTechnical - Cyber

Privileged AI Agent Permissions Configuration

Deployment

LifecycleDeploymentCategoryTechnical - Cyber

Single-User AI Agent Permissions Configuration

Deployment

LifecycleDeploymentCategoryTechnical - Cyber

AI Agent Tools Permissions Configuration

Deployment

LifecycleDeploymentCategoryTechnical - Cyber

Segmentation of AI Agent Components

DeploymentBusiness and Data Understanding

LifecycleDeployment + 1 moreCategoryTechnical - Cyber

Passive AI Output Obfuscation

DeploymentML Model Evaluation

LifecycleDeployment + 1 moreCategoryTechnical - ML

Restrict Number of AI Model Queries

Business and Data UnderstandingDeployment+1 more

LifecycleBusiness and Data Understanding + 2 moreCategoryTechnical - Cyber

Generative AI Guardrails

ML Model EngineeringML Model Evaluation+1 more

LifecycleML Model Engineering + 2 moreCategoryTechnical - ML

Generative AI Guidelines

ML Model EngineeringML Model Evaluation+1 more

LifecycleML Model Engineering + 2 moreCategoryTechnical - ML

Generative AI Model Alignment

ML Model EngineeringML Model Evaluation+1 more

LifecycleML Model Engineering + 2 moreCategoryTechnical - ML

Human In-the-Loop for AI Agent Actions

Deployment

LifecycleDeploymentCategoryTechnical - ML

Restrict AI Agent Tool Invocation on Untrusted Data

Deployment

LifecycleDeploymentCategoryTechnical - ML

Input and Output Validation for AI Agent Components

Business and Data UnderstandingData Preparation+1 more

LifecycleBusiness and Data Understanding + 2 moreCategoryTechnical - ML

Restrict Library Loading

Deployment

LifecycleDeploymentCategoryTechnical - Cyber

Verify AI Artifacts

Business and Data UnderstandingData Preparation+1 more

LifecycleBusiness and Data Understanding + 2 moreCategoryTechnical - Cyber

Vulnerability Scanning

ML Model EngineeringData Preparation

LifecycleML Model Engineering + 1 moreCategoryTechnical - Cyber

AI Bill of Materials

Business and Data UnderstandingData Preparation+1 more

LifecycleBusiness and Data Understanding + 2 moreCategoryPolicy

Control Access to AI Models and Data in Production

DeploymentMonitoring and Maintenance

LifecycleDeployment + 1 moreCategoryPolicy

Encrypt Sensitive Information

Data PreparationML Model Engineering+1 more

LifecycleData Preparation + 2 moreCategoryTechnical - Cyber

AI Model Distribution Methods

Deployment

LifecycleDeploymentCategoryPolicy

Source

Research source for this risk, when available.

Included resource

Ethical and social risks of harm from language models

AuthorsWeidinger et al.Year2021TypePreprint

DOI10.48550/arXiv.2112.04359 URLhttps://arxiv.org/abs/2112.04359

Original source

MIT AI Risk Repository

Open the public repository used for AI risk records and taxonomy fields.

Repositoryhttps://airisk.mit.edu/