
Explanation:
Prompt injection (Option B) is the correct AI system input vulnerability that must be addressed before deploying the chatbot. This vulnerability occurs when malicious users craft inputs designed to manipulate or subvert the AI model's intended behavior.
Direct Input Manipulation Risk: Since the chatbot is publicly accessible 24/7 on an ecommerce website, it's exposed to potentially malicious users who could attempt to inject prompts that override the chatbot's original instructions.
Ecommerce-Specific Threats: In an order submission context, prompt injection could lead to:
Immediate Deployment Concern: Unlike other vulnerabilities that might develop over time, prompt injection is an inherent risk that exists from the moment the chatbot goes live and must be mitigated proactively.
A: Data Leakage: While important, this is typically a broader data security concern rather than a specific AI system input vulnerability. It involves unauthorized access to data, not manipulation of the AI's behavior through crafted inputs.
C: LLM Hallucinations: This refers to the model generating incorrect or nonsensical information. While relevant to AI quality, it's not specifically an "input vulnerability" that attackers exploit through malicious inputs.
D: Concept Drift: This occurs when the statistical properties of the target variable change over time, causing model performance degradation. It's a maintenance issue that develops gradually, not an immediate input vulnerability that needs resolution before deployment.
Before deployment, the company should implement:
Prompt injection represents the most direct and immediate threat to the chatbot's security and functionality in this public-facing ecommerce scenario.
Question: Which AI system input vulnerability must the ecommerce company address before deploying its 24/7 customer order chatbot on the website?
A. Data leakage
B. Prompt injection
C. Large language model (LLM) hallucinations
D. Concept drift