
CCC.Vector.TH02: Embedding and Index Poisoning

Threat ID: CCC.Vector.TH02
Title: Embedding and Index Poisoning
Description:

Adversaries may insert malicious or adversarial vectors into the index through ingestion endpoints, polluting the dataset and degrading search quality, or subtly steering results toward specific outcomes.

Related Capabilities

| ID | Title | Description |
| --- | --- | --- |
| CCC.Vector.F02 | Vector Indexing | Provides creation and management of indexes optimized for similarity search, such as HNSW, IVF, or PQ. |
| CCC.Vector.F05 | Batch Ingestion | Allows for high-throughput batch upload and deletion of vectors and associated metadata. |
| CCC.Vector.F07 | Index Lifecycle Management | Enables automated or manual creation, optimization, and removal of vector indexes. |

External Mappings

| Reference ID | Entry ID | Strength | Remarks |
| --- | --- | --- | --- |
| FINOS-AIGF | AIR-SEC-009 | 0 | Data Poisoning |
| FINOS-AIGF | AIR-OP-014 | 0 | Inadequate System Alignment |

Controls

| ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
| --- | --- | --- | --- | --- | --- | --- |
| CCC.Vector.C01 | Validate Embeddings Before Indexing | Ensure all incoming embeddings are structurally and statistically validated before indexing to prevent poisoning or corruption. | Vector Indexing | 3 | 1 | 1 |
| CCC.Vector.C02 | Enforce Role-Based Index Lifecycle Management | Restrict index lifecycle operations (create, delete, rollback) to privileged identities using fine-grained access controls. | Vector Indexing | 3 | 1 | 1 |
| CCC.Vector.C04 | Enforce Ingestion Quotas and Throttling | Prevent ingestion-based DoS or index pollution by rate-limiting vector submissions and enforcing quotas. | Vector Indexing | 2 | 1 | 1 |