SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
AI Security
#
LLMs
#
AI

Mindgard reveals vulnerabilities in Azure AI content safety

Thu, 31st Oct 2024
Author image
By Catherine Knowles, Journalist

Mindgard has identified two security vulnerabilities within Microsoft's Azure AI Content Safety Service.

These vulnerabilities were detected by Mindgard using their Automated AI Red Teaming Platform and allow attackers to bypass existing security measures to propagate malicious content to Large Language Models (LLM).

Azure AI Content Safety acts as a filter system on Microsoft's AI platform, and the vulnerabilities were found in the AI Text Moderation and Prompt Shield filters. The AI Text Moderation filter is designed to block harmful or inappropriate content in text and visuals, such as violence or hate speech, while the Prompt Shield aims to prevent AI instruction from being overridden.

To identify the vulnerabilities, Mindgard deployed these filters in front of the ChatGPT 3.5 Turbo accessed via Azure OpenAI. Attack methods employed included Character Injection and Adversarial Machine Learning (ML) Evasion to misclassify inputs during the detection of malicious content.

Character Injection techniques, such as using diacritics, homoglyphs, numerical replacement, and spaced characters, were notably successful in reducing the Prompt Shield's jailbreak detection from 89% to 7%. These methods equally impacted AI Text Moderation, decreasing harmful content detection capability from 90% to 19.37%, and in some cases down to 0%. Adversarial ML Evasion further reduced Prompt Guard's effectiveness by 12.8% and AI Text Moderation by 58.5%.

Dr. Peter Garraghan, CEO/CTO of Mindgard and Professor at Lancaster University, commented on the discovery: "In detecting these vulnerabilities, Mindgard is not only contributing to the improved security of the Azure AI platform but also doing essential reputation management for LLMs and the systems and applications that use LLMs. AI's hate speech and offensive content generation problem is well-documented. Jailbreaking attempts are a common occurrence. Essential measures are already being taken to curb this, but our tests prove there is still some distance to go. The only way to do that is through comprehensive and rigorous testing of this nature."

The vulnerabilities pose significant risks by allowing attackers to expose confidential information, gain unauthorized access, manipulate outputs, and spread misinformation, potentially compromising the integrity and reputation of LLM-based systems.

Microsoft has acknowledged the findings from Mindgard's tests. As of October 2024, the company has reportedly worked on fixes to address these vulnerabilities, stating that the effectiveness of these vulnerabilities has been reduced through updates and improvements in detection.

Mindgard is a deep-tech startup specialising in cybersecurity for companies working with AI, GenAI and LLMs. Mindgard was founded in 2022 at Lancaster University and is now based in London, UK. The company's primary product, born from eight years of R&D in AI security, offers an automated platform for comprehensive security testing, red teaming, and rapid detection/response.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Snowflake unveils Hybrid Tables to unify data workloads
Cofense report: Sophisticated email threats on the rise
Tenable discovers vulnerabilities in IaC & PaC platforms
N-able acquires Adlumin to boost cybersecurity offerings
Microsoft integrates Endor Labs' solution into Defender
Top stories
Dave Schneider joins Logpoint as VP of marketing
Prompt Security raises USD $18m for GenAI protection
Appsflyer adds AI layer to boost fraud prevention tool
HP launches Enterprise Security Edition for secure PCs
Rubrik unveils data protection for Azure Blob Storage