mirror of
https://github.com/OWASP/www-project-ai-testing-guide.git
synced 2026-07-16 16:07:19 +02:00
Refactor threat and testing focus sections
This commit is contained in:
@@ -92,62 +92,62 @@ For broader security assurance across networks, infrastructure, and traditional
|
|||||||
|
|
||||||
* Scope: Front-end UX, APIs, agents/plugins, user-AI interactions
|
* Scope: Front-end UX, APIs, agents/plugins, user-AI interactions
|
||||||
* Threats:
|
* Threats:
|
||||||
* Prompt injection (LLM01)
|
- Prompt injection (LLM01)
|
||||||
* Output handling (LLM05)
|
- Output handling (LLM05)
|
||||||
* Excessive agency (LLM06)
|
- Excessive agency (LLM06)
|
||||||
* Misinformation (LLM09)
|
- Misinformation (LLM09)
|
||||||
* Automation bias
|
- Automation bias
|
||||||
* Hallucinations
|
- Hallucinations
|
||||||
* Toxic content
|
- Toxic content
|
||||||
* Explainability gaps
|
- Explainability gaps
|
||||||
* Testing Focus:
|
* Testing Focus:
|
||||||
* Behavior consistency
|
- Behavior consistency
|
||||||
* Ethical content validation
|
- Ethical content validation
|
||||||
* User interface abuse (e.g., phishing via AI)
|
- User interface abuse (e.g., phishing via AI)
|
||||||
* Interpretability & transparency evaluation
|
- Interpretability & transparency evaluation
|
||||||
|
|
||||||
### **2\. AI Model Testing**
|
### **2\. AI Model Testing**
|
||||||
|
|
||||||
* Scope: Model training, fine-tuning, inference behavior
|
* Scope: Model training, fine-tuning, inference behavior
|
||||||
* Threats:
|
* Threats:
|
||||||
* Model & data poisoning (LLM04)
|
- Model & data poisoning (LLM04)
|
||||||
* Inversion/inference attacks
|
- Inversion/inference attacks
|
||||||
* Bias/discrimination
|
- Bias/discrimination
|
||||||
* Model exfiltration
|
- Model exfiltration
|
||||||
* Overfitting / generalization issues
|
- Overfitting / generalization issues
|
||||||
* Explainability & fairness gaps
|
- Explainability & fairness gaps
|
||||||
* Testing Focus:
|
* Testing Focus:
|
||||||
* Adversarial robustness
|
- Adversarial robustness
|
||||||
* Fairness auditing
|
- Fairness auditing
|
||||||
* Membership inference testing
|
- Membership inference testing
|
||||||
* Alignment and behavior under edge cases
|
- Alignment and behavior under edge cases
|
||||||
|
|
||||||
### **3\. AI Infrastructure Testing**
|
### **3\. AI Infrastructure Testing**
|
||||||
|
|
||||||
* Scope: Hosting, serving, orchestration, APIs, plugin permissions
|
* Scope: Hosting, serving, orchestration, APIs, plugin permissions
|
||||||
* Threats:
|
* Threats:
|
||||||
* System prompt leakage (LLM07)
|
- System prompt leakage (LLM07)
|
||||||
* Resource abuse (LLM10)
|
- Resource abuse (LLM10)
|
||||||
* Supply chain poisoning (LLM03)
|
- Supply chain poisoning (LLM03)
|
||||||
* Unauthorized API control
|
- Unauthorized API control
|
||||||
* Insecure agent capabilities
|
- Insecure agent capabilities
|
||||||
* Testing Focus:
|
* Testing Focus:
|
||||||
* Least privilege enforcement
|
- Least privilege enforcement
|
||||||
* Resource sandboxing
|
- Resource sandboxing
|
||||||
* Plugin/agent boundary testing
|
- Plugin/agent boundary testing
|
||||||
* Environment security (CI/CD, containers)
|
- Environment security (CI/CD, containers)
|
||||||
|
|
||||||
### **4\. AI Data Testing**
|
### **4\. AI Data Testing**
|
||||||
|
|
||||||
* Scope: Data collection, curation, storage, labeling, filtering
|
* Scope: Data collection, curation, storage, labeling, filtering
|
||||||
* Threats:
|
* Threats:
|
||||||
** Data poisoning (LLM04)
|
- Data poisoning (LLM04)
|
||||||
** Training data leaks
|
- Training data leaks
|
||||||
** Toxic/unrepresentative data
|
- Toxic/unrepresentative data
|
||||||
** Bias introduced during preprocessing
|
- Bias introduced during preprocessing
|
||||||
** Mislabeling or filtering inconsistencies
|
- Mislabeling or filtering inconsistencies
|
||||||
* Testing Focus:
|
* Testing Focus:
|
||||||
* Dataset integrity & labeling accuracy
|
- Dataset integrity & labeling accuracy
|
||||||
* Bias and diversity analysis
|
- Bias and diversity analysis
|
||||||
* Data provenance validation
|
- Data provenance validation
|
||||||
* Filtering robustness (toxicity, duplication)
|
- Filtering robustness (toxicity, duplication)
|
||||||
|
|||||||
Reference in New Issue
Block a user