CCC.Vector.TH02: Embedding and Index Poisoning
Threat ID: CCC.Vector.TH02
Title: Embedding and Index Poisoning
Description:
Adversaries may insert malicious or adversarial vectors into the index through ingestion endpoints, polluting the dataset and degrading search quality, or subtly steering results toward specific outcomes.
Related Capabilities
ID | Title | Description |
---|---|---|
CCC.Vector.F02 | Vector Indexing | Provides creation and management of indexes optimized for similarity search, such as HNSW, IVF, or PQ. |
CCC.Vector.F05 | Batch Ingestion | Allows for high-throughput batch upload and deletion of vectors and associated metadata. |
CCC.Vector.F07 | Index Lifecycle Management | Enables automated or manual creation, optimization, and removal of vector indexes. |
External Mappings
Reference ID | Entry ID | Strength | Remarks |
---|---|---|---|
FINOS-AIGF | AIR-SEC-009 | 0 | Data Poisoning |
FINOS-AIGF | AIR-OP-014 | 0 | Inadequate System Alignment |
Controls
ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
---|---|---|---|---|---|---|
CCC.Vector.C01 | Validate Embeddings Before Indexing | Ensure all incoming embeddings are structurally and statistically validated before indexing to prevent poisoning or corruption. | Vector Indexing | 3 | 1 | 1 |
CCC.Vector.C02 | Enforce Role-Based Index Lifecycle Management | Restrict index lifecycle operations (create, delete, rollback) to privileged identities using fine-grained access controls. | Vector Indexing | 3 | 1 | 1 |
CCC.Vector.C04 | Enforce Ingestion Quotas and Throttling | Prevent ingestion-based DoS or index pollution by rate-limiting vector submissions and enforcing quotas. | Vector Indexing | 2 | 1 | 1 |