Just 250 Documents Can Poison AI Models, Study Finds

AI models can acquire backdoors from surprisingly few malicious documents

Scraping the open web for AI training data can have its drawbacks. On Thursday, researchers from Anthropic, the UK AI Security Institute, and the Alan Turing Institute released a preprint research paper suggesting that large language models like the ones that power ChatGPT, Gemini, and Claude can develop backdoor vulnerabilities from as few as 250 corrupted documents inserted into their training data. That means someone tucking certain documents…

Data quantity doesn't matter when poisoning an LLM

: Just 250 malicious training documents can poison a 13B parameter model - that's 0.00016% of a whole dataset

Researchers find just 250 malicious documents can leave LLMs vulnerable to backdoors

New research has found that a small and fairly constant number of malicious documents can poison an LLM and create a backdoor.

Size doesn't matter: Just a small number of malicious files can corrupt LLMs of any size

Large language models (LLMs), which power sophisticated AI chatbots, are more vulnerable than previously thought. According to research by Anthropic, the UK AI Security Institute and the Alan Turing Institute, it only takes ...

Medical large language models are vulnerable to data-poisoning attacks - Nature Medicine

The adoption of large language models (LLMs) in healthcare demands a careful analysis of their potential to spread false medical knowledge. Because LLMs ingest massive volumes of data from the open Internet during training, they are potentially exposed to unverified medical knowledge that may include deliberately planted misinformation. Here, we perform a threat assessment that simulates a data-poisoning attack against The Pile, a popular datase…