One Article Review
| Source |  GoogleSec |
|---|---|
| Identifiant | 8400811 |
| Date de publication | 2023-10-26 08:00:33 (vue: 2023-10-26 13:08:08) |
| Titre | Google\\'s reward criteria for reporting bugs in AI products |
| Texte | Eduardo Vela, Jan Keller and Ryan Rinaldi, Google Engineering In September, we shared how we are implementing the voluntary AI commitments that we and others in industry made at the White House in July. One of the most important developments involves expanding our existing Bug Hunter Program to foster third-party discovery and reporting of issues and vulnerabilities specific to our AI systems. Today, we\'re publishing more details on these new reward program elements for the first time. Last year we issued over $12 million in rewards to security researchers who tested our products for vulnerabilities, and we expect today\'s announcement to fuel even greater collaboration for years to come. What\'s in scope for rewards In our recent AI Red Team report, we identified common tactics, techniques, and procedures (TTPs) that we consider most relevant and realistic for real-world adversaries to use against AI systems. The following table incorporates shared learnings from |
| Envoyé | Oui |
| Condensat | $12 categoryattack in what able about above abuse abused according account adversarial adversaries adversary affect affected against aims allow already also amounts analysis and–if announcement answer any appearing application architecture are assets assist attack attacker attackers attacks attacks: available backdoors behavior behaviors better bug bugs but called can change channel classification clearly collaboration come commitments common community compelling confidential confidential/proprietary consider consistent contain content contexts continuing control copyright covertly crafting criteria data decisions dedicated defined dependent detailing details deterministic developments directly discover discovery does eduardo effectively elements eligible engineering in even exact example examples exercises exfiltration exfiltration: existing expanding expect extract extracted extraction extraction: facilitate factually feasible features find finding findings first fix flaw following forward foster found from fuel gain generate generative google greater hallucinations harm harmful have help helping hence here high highly house how hunter hunting identified implementing important inaccurate include includes incorporates incorrect industry inference influence information initial injections input inputs intellectual intended invisible involves issue issued issues issues: items its jailbreaks jan july keep keller know last leak learnings listed look made make malicious manipulates meets membership million misclassification misleading model models models: more most new non nonsensitive/public not note often one online only open operated other others out output over own owned page party path perturbation: place please pose possible potentially powered pre preamble precisely preference present prime priority procedures producing product products program prompt prompts property protected protecting provided public publicly publishing qualifications qualifying question real realistic recent reconstruct reconstructs red relevant reliably report reporting reports research researchers response responses results return reward rewarded rewards rewards in rinaldi risks ryan safe safety scenario scenarioguidanceprompt scope scopeadversarial scopeas scopeattacks scopeconclusion we scopecontexts scopeextraction scopeif scopemanipulating scopemodel scopepotential scopeprompt scopetraining scopeusing security send sensitive september session session: set severity shared software something source specific state static steal submit successfully such systems table tactics target team techniques tested testing than theft these they third time today tool tools traditional training trigger ttps type types understand unexpected use used user users using valid valid–be vela verbatim victim victims violative voluntary vulnerabilities vulnerability ways website weights well what when which white who work world year years your |
| Tags | Tool Vulnerability |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.