CCC.Vector.TH02: Embedding and Index Poisoning
Threat ID: CCC.Vector.TH02
Title: Embedding and Index Poisoning
Description:
Adversaries may insert malicious or adversarial vectors into the index through ingestion endpoints, polluting the dataset and degrading search quality, or subtly steering results toward specific outcomes.
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Vector.CP02 | Vector Indexing | Provides creation and management of indexes optimized for similarity search, such as HNSW, IVF, or PQ. |
| CCC.Vector.CP05 | Batch Ingestion | Allows for high-throughput batch upload and deletion of vectors and associated metadata. |
| CCC.Vector.CP07 | Index Lifecycle Management | Enables automated or manual creation, optimization, and removal of vector indexes. |
External Mappings
| Reference ID | Entry ID | Strength | Remarks |
|---|---|---|---|
| FINOS-AIGF | AIR-SEC-009 | 0 | Data Poisoning |
| FINOS-AIGF | AIR-OP-014 | 0 | Inadequate System Alignment |
Controls
| ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
|---|---|---|---|---|---|---|
| CCC.Vector.CN01 | Validate Embeddings Before Indexing | Ensure all incoming embeddings are structurally and statistically validated before indexing to prevent poisoning or corruption. | Vector Indexing | 3 | 1 | 1 |
| CCC.Vector.CN02 | Enforce Role-Based Index Lifecycle Management | Restrict index lifecycle operations (create, delete, rollback) to privileged identities using fine-grained access controls. | Vector Indexing | 3 | 1 | 1 |
| CCC.Vector.CN04 | Enforce Ingestion Quotas and Throttling | Prevent ingestion-based DoS or index pollution by rate-limiting vector submissions and enforcing quotas. | Vector Indexing | 2 | 1 | 1 |