S0101Critical

預處理工具供應鏈漏洞

Operation & Monitoring

Risk Description

Security vulnerabilities in data pre-processing tools (image libraries like Pillow/OpenCV, text cleaning libraries, audio processing libraries) can be exploited to inject malicious code or trigger buffer overflow attacks. Since pre-processing occurs before model inference, attackers can trigger tool vulnerabilities through crafted input data, gaining system control before the AI system processes any request.

Framework Mappings

iso 23894R2
cosaiSupply Chain Attack
tw principle資安與安全
tw risk type技術設計缺陷(Technical Design Flaw)

Controls English translation pending

  • 輸入驗證沙箱
  • 前處理工具安全審計

Implementation Steps English translation pending

  1. 在沙箱環境中執行所有輸入資料的前處理操作
  2. 定期審計和更新所有前處理依賴項
  3. 對使用者上傳的檔案實施嚴格的格式驗證和大小限制
  4. 部署輸入模糊測試(Fuzzing),發現前處理工具的潛在漏洞