ATLAS adversarial ML techniques
101 MITRE ATLAS top-level techniques covering the adversarial-ML attack surface, grouped by tactic. Authored by Adam Lundqvist.
12 in Defense Evasion · 101 total
| ID | Title | Summary |
|---|---|---|
| AML.T0067 | LLM Trusted Output Components Manipulation | Adversaries may utilize prompts to a large language model (LLM) which manipulate various components of its response in order to make it appear trustworthy to t… |
| AML.T0068 | LLM Prompt Obfuscation | Adversaries may hide or otherwise obfuscate prompt injections or retrieval content to avoid detection from humans, large language model (LLM) guardrails, or ot… |
| AML.T0071 | False RAG Entry Injection | Adversaries may introduce false entries into a victim's retrieval augmented generation (RAG) database. Content designed to be interpreted as a document by the … |
| AML.T0073 | Impersonation | Adversaries may impersonate a trusted person or organization in order to persuade and trick a target into performing some action on their behalf. For example, … |
| AML.T0074 | Masquerading | Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs … |
| AML.T0076 | Corrupt AI Model | An adversary may purposefully corrupt a malicious AI model file so that it cannot be successfully deserialized in order to evade detection by a model scanner. … |
| AML.T0092 | Manipulate User LLM Chat History | Adversaries may manipulate a user's large language model (LLM) chat history to cover the tracks of their malicious behavior. They may hide persistent changes t… |
| AML.T0094 | Delay Execution of LLM Instructions | Adversaries may include instructions to be followed by the AI system in response to a future event, such as a specific keyword or the next interaction, in orde… |
| AML.T0097 | Virtualization/Sandbox Evasion | Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of … |
| AML.T0107 | Exploitation for Defense Evasion | Adversaries may exploit a system or application vulnerability to bypass security features. Exploitation of a vulnerability occurs when an adversary takes advan… |
| AML.T0109 | AI Supply Chain Rug Pull | Adversaries may publish legitimate AI components or software, gain user adoption, then push an update with a malicious variant, leading to [AI Supply Chain Com… |
| AML.T0111 | AI Supply Chain Reputation Inflation | AI Supply Chain Reputation Inflation is the process of building or leveraging genuinely credible-looking trust signals to increase the perceived legitimacy of … |