Establishing Reward Criteria for Reporting Bugs in AI Products

At Google, we maintain a Vulnerability Reward Program to honor cutting-edge external contributions addressing issues in Google-owned and Alphabet-subsidiary Web properties.
To keep up with rapid advances in AI technologies and ensure we're prepared to address the security challenges in a responsible way, we recently expanded our existing Bug Hunters program to foster third-party discovery and reporting of issues and vulnerabilities specific to our AI systems.
In our recent AI red team report, which is based on Google's AI Red Team exercises, we identified common tactics, techniques, and procedures that we consider most relevant and realistic for real-world adversaries to use against AI systems.
The following table incorporates what we learned to help the research community understand our criteria for AI bug reports and what's in scope for our reward program.
It's important to note that reward amounts depend on the severity of the attack scenario and the type of target affected.
Table columns: Category, Attack scenario, Guidance.
Prompt Attacks: Crafting adversarial prompts that allow an adversary to influence the behavior of the model and the output, in ways that were not intended by the application.
Prompt or preamble extraction in which a user is able to extract the initial prompt used to prime the model, only when sensitive information is present in the extracted preamble.
Google's generative AI products already have a dedicated reporting channel for these types of content issues.
Training Data Extraction: Attacks that are able to successfully reconstruct verbatim training examples that contain sensitive information.
Manipulating Models: An attacker able to covertly change the behavior of a model such that they can trigger pre-defined adversarial behaviors.
Adversarial output or behavior that an attacker can reliably trigger via specific input in a model owned and operated by Google.
Only in scope when a model's output is used to change the state of a victim's account or data.
Attacks in which an attacker manipulates the training data of the model to influence the model's output in a victim's session according to the attacker's preference.
Adversarial Perturbation: Inputs provided to a model that result in a deterministic, but highly unexpected, output from the model.
Contexts in which a model's incorrect output or classification does not pose a compelling attack scenario or feasible path to Google or user harm.
Model Theft/Exfiltration: AI models often include sensitive intellectual property, so we place a high priority on protecting these assets.
Exfiltration attacks allow attackers to steal details about a model such as its architecture or weights.
Attacks in which the exact architecture or weights of a confidential/proprietary model are extracted.
Attacks in which the architecture and weights are not extracted precisely, or when they're extracted from a non-confidential model.
Consistent with our program, issues that we already know about are not eligible for reward.


This Cyber News was published on www.darkreading.com. Publication date: Fri, 15 Dec 2023 23:15:05 +0000

