AI Model Poisoning with Minimal Documents
Summary
Hide ▲
Show ▼
Researchers have demonstrated that it is possible to poison AI models of varying sizes using just 250 malicious documents. This finding challenges the previous assumption that a proportionally larger amount of poisoned data is required to manipulate larger models. The study involved injecting malicious documents into the training data of models ranging from 600 million to 13 billion parameters. The implications are significant for both developers of large language models and enterprises using fine-tuned models.
Timeline
-
22.10.2025 23:33 1 articles · 19h ago
Researchers Demonstrate AI Model Poisoning with 250 Documents
In a recent study, researchers from Anthropic, the UK AI Security Institute, and the Alan Turing Institute found that 250 poisoned documents were sufficient to backdoor AI models ranging from 600 million to 13 billion parameters. This challenges the previous assumption that larger models require proportionally more poisoned data. The study highlights the vulnerability of AI models during the training phase and the need for improved data protections.
Show sources
- It Takes Only 250 Documents to Poison Any AI Model — www.darkreading.com — 22.10.2025 23:33
Information Snippets
-
Researchers from Anthropic, the UK AI Security Institute, and the Alan Turing Institute successfully backdoored AI models using 250 poisoned documents.
First reported: 22.10.2025 23:331 source, 1 articleShow sources
- It Takes Only 250 Documents to Poison Any AI Model — www.darkreading.com — 22.10.2025 23:33
-
The study involved models ranging from 600 million to 13 billion parameters.
First reported: 22.10.2025 23:331 source, 1 articleShow sources
- It Takes Only 250 Documents to Poison Any AI Model — www.darkreading.com — 22.10.2025 23:33
-
The researchers found that 250 malicious documents were sufficient to backdoor models of all sizes tested.
First reported: 22.10.2025 23:331 source, 1 articleShow sources
- It Takes Only 250 Documents to Poison Any AI Model — www.darkreading.com — 22.10.2025 23:33
-
Data poisoning attacks involve injecting malicious data into a model's training dataset to manipulate its behavior.
First reported: 22.10.2025 23:331 source, 1 articleShow sources
- It Takes Only 250 Documents to Poison Any AI Model — www.darkreading.com — 22.10.2025 23:33
-
The study challenges the assumption that larger models require proportionally more poisoned data to be manipulated.
First reported: 22.10.2025 23:331 source, 1 articleShow sources
- It Takes Only 250 Documents to Poison Any AI Model — www.darkreading.com — 22.10.2025 23:33
-
The findings have implications for developers of large language models and enterprises using fine-tuned models.
First reported: 22.10.2025 23:331 source, 1 articleShow sources
- It Takes Only 250 Documents to Poison Any AI Model — www.darkreading.com — 22.10.2025 23:33