Automated data poisoning proposed as a solution for AI theft threat
Briefly

"Researchers have developed a tool that they say can make stolen high-value proprietary data used in AI systems useless, a solution that CSOs may have to adopt to protect their sophisticated large language models (LLMs). The technique, created by researchers from universities in China and Singapore, is to inject plausible but false data into what's known as a knowledge graph (KG) created by an AI operator. A knowledge graph holds the proprietary data used by the LLM."
"What's new in this tool - dubbed AURA (Active Utility Reduction via Adulteration) - is that authorized users have a secret key that filters out the fake data so the LLM's answer to a query is usable. If the knowledge graph is stolen, however, it's unusable by the attacker unless they know the key, because the adulterants will be retrieved as context, causing deterioration in the LLM's reasoning and leading to factually incorrect responses."
"The researchers say AURA degrades the performance of unauthorized systems to an accuracy of just 5.3%, while maintaining 100% fidelity for authorized users, with 'negligible overhead,' defined as a maximum query latency increase of under 14%. They also say AURA is robust against various sanitization attempts by an attacker, retaining 80.2% of the adulterants injected for defense, and the fake data it creates is hard to detect."
AURA injects plausible but false entries into a knowledge graph so stolen data becomes unusable to attackers while authorized users employ a secret key to filter adulterants. Authorized queries return accurate LLM responses despite poisoned inputs. AURA reduces unauthorized system accuracy to about 5.3% and preserves 100% fidelity for authorized users with under 14% maximum added query latency. The technique retains roughly 80.2% of injected adulterants after sanitization attempts and produces fake data that is difficult to detect. Knowledge graphs commonly contain sensitive intellectual property and thus represent high-value targets; some experts express skepticism or caution.
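The keyed filtering described above, shown as an added example that is not the researchers' code and does not reproduce AURA's actual mechanism: it assumes genuine triples carry an HMAC tag under the secret key and adulterants carry random tags of the same length, so only a holder of the key can separate the two at retrieval time.

```python
# Added illustration (assumed scheme, not AURA's own): genuine knowledge-graph
# triples are marked with an HMAC under a secret key; adulterants get random
# tags of the same length. Authorized retrieval verifies tags and drops the
# rest; an unauthorized copy retrieves everything and gets contradictory facts.
import hashlib
import hmac
import secrets
from typing import Optional

def tag(key: bytes, subj: str, pred: str, obj: str) -> str:
    """HMAC-SHA256 over the canonical triple (hypothetical marker)."""
    msg = "\x1f".join((subj, pred, obj)).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def build_kg(key: bytes, facts, adulterants):
    """Return (subj, pred, obj, tag) rows; adulterant tags are random hex of
    the same length, so nothing distinguishes them without the key."""
    kg = [(s, p, o, tag(key, s, p, o)) for s, p, o in facts]
    kg += [(s, p, o, secrets.token_hex(32)) for s, p, o in adulterants]
    return kg

def retrieve(kg, subj: str, key: Optional[bytes] = None):
    """Context rows for `subj`; with a key, keep only rows whose tag verifies."""
    out = []
    for s, p, o, t in kg:
        if s != subj:
            continue
        if key is not None and not hmac.compare_digest(t, tag(key, s, p, o)):
            continue
        out.append((p, o))
    return out

def contradictions(context) -> int:
    """Count predicates that appear with more than one object in the context."""
    seen = {}
    for p, o in context:
        seen.setdefault(p, set()).add(o)
    return sum(1 for objs in seen.values() if len(objs) > 1)

# Constructed sample data: two genuine facts and two plausible adulterants.
FACTS = [("alloy-7", "melting_point_c", "1415"),
         ("alloy-7", "supplier", "Foundry A")]
ADULTERANTS = [("alloy-7", "melting_point_c", "1210"),
               ("alloy-7", "supplier", "Foundry C")]
KEY = secrets.token_bytes(32)
KG = build_kg(KEY, FACTS, ADULTERANTS)

if __name__ == "__main__":
    print("authorized  :", retrieve(KG, "alloy-7", KEY))
    print("unauthorized:", retrieve(KG, "alloy-7"))
```

Retrieval without the key returns both objects for every predicate, which is the context pollution the article describes; a wrong key verifies no tags and returns nothing, so key management is the whole game for the authorized side.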
Read at InfoWorld