Software Security Issues
Vulnerabilities that can be exploited in AI systems, software development toolchains, and hardware, resulting in unauthorized access, data and privacy breaches, or system manipulation causing unsafe outputs or behavior.
"The software development toolchain of LLMs is complex and could bring threats to the developed LLM." (p. 4)
Sub-categories (4)
Programming Language
"Most LLMs are developed using the Python language, whereas the vulnerabilities of Python interpreters pose threats to the developed models"
2.2 AI system security vulnerabilities and attacks
Deep Learning Frameworks
"LLMs are implemented based on deep learning frameworks. Notably, various vulnerabilities in these frameworks have been disclosed in recent years. As reported in the past five years, three of the most common types of vulnerabilities are buffer overflow attacks, memory corruption, and input validation issues."
2.2 AI system security vulnerabilities and attacks
Software Supply Chains
"The software development toolchain of LLMs is complex and could bring threats to the developed LLM."
2.2 AI system security vulnerabilities and attacks
Pre-processing Tools
"Pre-processing tools play a crucial role in the context of LLMs. These tools, which are often involved in computer vision (CV) tasks, are susceptible to attacks that exploit vulnerabilities in tools such as OpenCV."
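The "input validation issues" named above for deep learning frameworks and the pre-processing tool risk both come down to malformed bytes reaching native decoder code. The following is an added example, not code from Cui et al. (2024) or from the risk repository, of the cheapest boundary check a practitioner can put in front of such a decoder: parse the declared image geometry in Python and refuse anything outside a pixel budget before the data is handed to a C/C++ library. The 50-megapixel budget, the helper names and the sample PNG headers are assumptions constructed for this example; only the signature and IHDR chunk are inspected, so no pixel data is ever decoded.

```python
"""Pre-decode validation of an untrusted PNG header (added example).

Not code from Cui et al. (2024) or the risk repository. The pixel budget
and the sample headers below are constructed for this example.
"""
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
MAX_PIXELS = 50_000_000           # hypothetical policy: about 50 Mpx per image
VALID_BIT_DEPTHS = {1, 2, 4, 8, 16}
VALID_COLOR_TYPES = {0, 2, 3, 4, 6}


def validate_png_header(data: bytes, max_pixels: int = MAX_PIXELS) -> tuple[int, int]:
    """Return (width, height) if the IHDR chunk is well-formed and within budget.

    Raises ValueError otherwise. Only the first 33 bytes (8-byte signature plus
    the 25-byte IHDR chunk) are inspected; nothing is decompressed or decoded.
    """
    if len(data) < 33 or not data.startswith(PNG_SIGNATURE):
        raise ValueError("missing PNG signature or truncated header")
    length, ctype = struct.unpack(">I4s", data[8:16])
    if ctype != b"IHDR" or length != 13:
        raise ValueError("first chunk must be a 13-byte IHDR")
    ihdr = data[16:29]
    (declared_crc,) = struct.unpack(">I", data[29:33])
    if zlib.crc32(b"IHDR" + ihdr) & 0xFFFFFFFF != declared_crc:
        raise ValueError("IHDR CRC mismatch")
    width, height, depth, color, comp, filt, interlace = struct.unpack(">IIBBBBB", ihdr)
    # PNG caps each dimension at 2**31 - 1; zero is also illegal.
    if not (1 <= width <= 0x7FFFFFFF and 1 <= height <= 0x7FFFFFFF):
        raise ValueError("dimension out of range")
    if depth not in VALID_BIT_DEPTHS or color not in VALID_COLOR_TYPES:
        raise ValueError("unsupported bit depth or colour type")
    if comp != 0 or filt != 0 or interlace not in (0, 1):
        raise ValueError("unsupported compression, filter or interlace method")
    # Python ints do not overflow, so this product is exact; the same
    # multiplication in a 32-bit native size computation would wrap.
    if width * height > max_pixels:
        raise ValueError(f"declared {width}x{height} exceeds pixel budget")
    return width, height


def safe_to_decode(data: bytes, max_pixels: int = MAX_PIXELS) -> bool:
    """Gate to call before passing the bytes to a native decoder."""
    try:
        validate_png_header(data, max_pixels)
        return True
    except ValueError:
        return False


def _png_header(width: int, height: int) -> bytes:
    """Constructed input: signature + IHDR only, no image data follows."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    crc = zlib.crc32(b"IHDR" + ihdr) & 0xFFFFFFFF
    return PNG_SIGNATURE + struct.pack(">I", 13) + b"IHDR" + ihdr + struct.pack(">I", crc)


# Constructed samples.
BENIGN = _png_header(640, 480)
BOMB = _png_header(0x10000, 0x10000)   # 65536 x 65536: width*height wraps to 0 in uint32
CORRUPT = BENIGN[:-1] + bytes([BENIGN[-1] ^ 0xFF])   # flip the last CRC byte

if __name__ == "__main__":
    for name, blob in (("benign", BENIGN), ("bomb", BOMB), ("corrupt", CORRUPT)):
        print(f"{name}: {'decode' if safe_to_decode(blob) else 'reject'}")
```

The 65536 x 65536 sample is the case worth noting: its declared pixel count is exactly 2**32, so a native allocator that multiplies width by height in a 32-bit integer computes a size of zero and then writes pixel rows into a buffer that was never sized for them. Rejecting on the declared geometry in the managed language, before the decoder runs, removes that path regardless of which native library sits behind it.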
2.2 AI system security vulnerabilities and attacks
Other risks from Cui et al. (2024) (49)
Harmful Content
1.2 Exposure to toxic content
Harmful Content > Bias
1.1 Unfair discrimination and misrepresentation
Harmful Content > Toxicity
1.2 Exposure to toxic content
Harmful Content > Privacy Leakage
2.1 Compromise of privacy by leaking or correctly inferring sensitive information
Untruthful Content
3.1 False or misleading information
Untruthful Content > Factuality Errors
3.1 False or misleading information