Automated Data Analysis

When AI systems process customer data in bulk, they become a highly attractive target for data theft and espionage.

Your Strategy

Anonymization is the key here. Sensitive data should be masked or protected using differential privacy before it is passed to the AI model.

Best Practices

  • Differential Privacy: Add controlled noise to the data to prevent identification of individuals.
  • Audit-Proof: Log every access to the training or analysis dataset in an unalterable manner.
  • Minimization: Process only the data fields that are absolutely necessary for the specific analysis.
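To make the three practices concrete, here is an added Python example (not code from the original page) that keeps only the fields an analysis needs, pseudonymizes the customer id with a keyed hash, answers a counting query through the Laplace mechanism of differential privacy, and records each access in a hash-chained audit log. The sample records, field names and masking key are constructed assumptions.

```python
import hashlib
import hmac
import json
import random

# Constructed sample customer records (not from the original page).
SAMPLE_RECORDS = [
    {"customer_id": "C-1001", "email": "a@example.com", "city": "Berlin", "churned": True},
    {"customer_id": "C-1002", "email": "b@example.com", "city": "Berlin", "churned": False},
    {"customer_id": "C-1003", "email": "c@example.com", "city": "Munich", "churned": True},
]
ALLOWED_FIELDS = {"customer_id", "city", "churned"}  # minimization: only what the analysis needs
MASK_KEY = b"hypothetical-masking-key"  # assumption: a secret kept outside the model's reach

def mask(value, key=MASK_KEY):
    """Keyed pseudonym for a direct identifier (truncated HMAC-SHA256): stable, not reversible without the key."""
    return hmac.new(key, str(value).encode(), hashlib.sha256).hexdigest()[:16]

def minimize_and_mask(records, allowed=ALLOWED_FIELDS):
    """Drop every field the analysis does not need, then replace the customer id with its pseudonym."""
    out = []
    for r in records:
        kept = {k: v for k, v in r.items() if k in allowed}
        kept["customer_id"] = mask(r["customer_id"])
        out.append(kept)
    return out

def dp_count(records, predicate, epsilon, seed=None):
    """Laplace mechanism for a counting query (sensitivity 1): true count + Laplace(0, 1/epsilon)."""
    rng = random.Random(seed)  # seed only for reproducibility; leave None in production
    true_count = sum(1 for r in records if predicate(r))
    # Laplace(0, b) is the difference of two independent exponentials with mean b = 1/epsilon.
    return true_count + rng.expovariate(epsilon) - rng.expovariate(epsilon)

def append_audit(log, actor, action, ts):
    """Append a hash-chained entry: altering or deleting any earlier entry breaks the chain."""
    prev = log[-1]["hash"] if log else "0" * 64
    entry = {"ts": ts, "actor": actor, "action": action, "prev": prev}
    entry["hash"] = hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()
    log.append(entry)

def verify_audit(log):
    """Recompute every hash and link; True only if the whole chain is intact."""
    prev = "0" * 64
    for e in log:
        body = {k: v for k, v in e.items() if k != "hash"}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if e["prev"] != prev or e["hash"] != digest:
            return False
        prev = e["hash"]
    return True
```

Smaller epsilon means more noise and stronger privacy; the hash chain only makes tampering detectable, so the log itself still needs to be written to storage the analysis pipeline cannot modify.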

STRIDE-LM Design Risks

S-01 Spoofing: Identity Spoofing
Attacker impersonates a legitimate user or partner.

T-AI-02 Tampering: Training Data Poisoning
Manipulation of training data to influence model behavior.

R-01 Repudiation: Audit Log Manipulation
Deleting or altering traces of an action.

I-AI-02 Information Disclosure: Model Inversion / Membership Inference
Reconstructing training data from model responses.

D-01 Denial of Service: Resource Exhaustion
Overloading systems through massive requests or resource hogging.

E-01 Elevation of Privilege: Privilege Escalation
Gaining privileges beyond what is intended.

L-01 Lateral Movement: Lateral Movement
Accessing further internal systems after initial login.

M-AI-02 Monitoring Gaps: Overreliance on AI Outputs
Unchecked adoption of AI-generated content or code.

MITRE ATT&CK® Techniques

Reconnaissance

T1592 Gather Victim Digital Network Information (ATT&CK)
Collecting information about the target infrastructure.
Mitigated by:
  • Data Anonymization (Differential Privacy) [Extended Protection | High] (NIST: PR.PT-3)
  • Data Loss Prevention (DLP) [Baseline Protection | Medium] (CIS: 13.3; NIST: PR.DS-1)
  • LLM Gateway / Firewall [Extended Protection | Medium] (NIST: AI-1; OWASP: LLM01)
  • Continuous AI Red Teaming [Extended Protection | High] (CIS: 18.1; NIST: AI-5.1)
  • Output Content Filtering [Baseline Protection | Low] (NIST: AI-1.2; OWASP: LLM02)

Initial Access

T1078 Valid Accounts (ATT&CK)
Exploiting existing credentials for access.
Mitigated by:
  • Least Privilege Principle [Baseline Protection | Medium] (CIS: 6.2; NIST: PR.AC-6; OWASP: A01:2021)
  • Regular Access Reviews [Baseline Protection | Low] (CIS: 6.6; NIST: PR.AC-1; OWASP: A01:2021)

Persistence

T1098 Account Manipulation (ATT&CK)
Changing permissions or creating new accounts.
Mitigated by:
  • Regular Access Reviews [Baseline Protection | Low] (CIS: 6.6; NIST: PR.AC-1; OWASP: A01:2021)

Credential Access

T1552 Credentials from Password Stores (ATT&CK)
Extracting passwords from web browsers or password managers.
Mitigated by:
  • Output Content Filtering [Baseline Protection | Low] (NIST: AI-1.2; OWASP: LLM02)

Collection

T1530 Data from Cloud Storage Object (ATT&CK)
Accessing data from cloud storage (S3, Blobs).
Mitigated by:
  • Data Anonymization (Differential Privacy) [Extended Protection | High] (NIST: PR.PT-3)
  • Data Loss Prevention (DLP) [Baseline Protection | Medium] (CIS: 13.3; NIST: PR.DS-1)
  • Least Privilege Principle [Baseline Protection | Medium] (CIS: 6.2; NIST: PR.AC-6; OWASP: A01:2021)

T1213 Data from Information Repositories (ATT&CK)
Accessing data from knowledge bases (SharePoint, Confluence).
Mitigated by:
  • Data Loss Prevention (DLP) [Baseline Protection | Medium] (CIS: 13.3; NIST: PR.DS-1)
  • LLM Gateway / Firewall [Extended Protection | Medium] (NIST: AI-1; OWASP: LLM01)
  • Least Privilege Principle [Baseline Protection | Medium] (CIS: 6.2; NIST: PR.AC-6; OWASP: A01:2021)

Exfiltration

T1020 Automated Exfiltration (ATT&CK)
Automated exfiltration of data via interfaces.
Mitigated by:
  • Data Anonymization (Differential Privacy) [Extended Protection | High] (NIST: PR.PT-3)
  • LLM Gateway / Firewall [Extended Protection | Medium] (NIST: AI-1; OWASP: LLM01)
  • Immutable Audit Logs [Extended Protection | Medium] (CIS: 8.2; NIST: PR.PT-1)
  • Continuous AI Red Teaming [Extended Protection | High] (CIS: 18.1; NIST: AI-5.1)
  • Output Content Filtering [Baseline Protection | Low] (NIST: AI-1.2; OWASP: LLM02)

T1567 Exfiltration Over Web Service (ATT&CK)
Data leakage via legitimate web interfaces.
Mitigated by:
  • Data Loss Prevention (DLP) [Baseline Protection | Medium] (CIS: 13.3; NIST: PR.DS-1)
  • LLM Gateway / Firewall [Extended Protection | Medium] (NIST: AI-1; OWASP: LLM01)
  • SIEM Integration [Extended Protection | High] (CIS: 8.5; NIST: DE.AE-3; NIST: DE.CM-1; OWASP: A09:2021)
  • Continuous AI Red Teaming [Extended Protection | High] (CIS: 18.1; NIST: AI-5.1)

Impact
T1565 In-place Modification (ATT&CK)
Manipulation of existing code or data at the storage location.
Mitigated by:
  • Data Anonymization (Differential Privacy) [Extended Protection | High] (NIST: PR.PT-3)
  • Immutable Audit Logs [Extended Protection | Medium] (CIS: 8.2; NIST: PR.PT-1)

Is your scenario more complex?

AYSOLI experts support you in implementing your specific security requirements.