Record summary
A quick snapshot of what this page covers.
Risk profile
How this risk is described and categorized.
"During the pre-deployment development stage, software may be subject to sabotage by someone with necessary access (a programmer, tester, even janitor) who for a number of possible reasons may alter software to make it unsafe. It is also a common occurrence for hackers (such as the organization Anonymous or government intelligence agencies) to get access to software projects in progress and to modify or steal their source code. Someone can also deliberately supply/train AI with wrong/unsafe datasets."
Suggested mitigations
Defenses that may help with related attacks.
AI Bill of Materials
Limit Model Artifact Release
Control Access to AI Models and Data at Rest
Sanitize Training Data
Validate AI Model
Maintain AI Dataset Provenance
Restrict Library Loading
Verify AI Artifacts
Vulnerability Scanning
User Training
Code Signing
Use Ensemble Methods
Encrypt Sensitive Information
AI Model Distribution Methods
Generative AI Guardrails
Limit Public Release of Information
Passive AI Output Obfuscation
Restrict Number of AI Model Queries
Control Access to AI Models and Data in Production
Source
Research source for this risk, when available.
Included resource
Taxonomy of Pathways to Dangerous Artificial Intelligence
Original source
MIT AI Risk Repository
