Neural networks, large language models (LLMs) and deep learning models rely heavily on the quality and integrity of training data, which ultimately determines a model’s functions. This training data can come from various sources, such as the internet, government databases and third-party data providers. By injecting incorrect or biased data points (poisoned data) into these training datasets, malicious actors can subtly or drastically alter a model’s behavior.

For example, data manipulation through poisoning can lead to data misclassification, which reduces the efficacy and accuracy of AI and ML systems. What’s more, these attacks can introduce serious cybersecurity risks, especially in industries such as healthcare and autonomous vehicles.