Adversaries may insert malicious or adversarial vectors into the index through ingestion endpoints, polluting the dataset and degrading search quality, or subtly steering results toward specific outcomes.
Embedding and Index Poisoning
CCC.Vector.TH02
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Vector.CP02 | Vector Indexing | Provides creation and management of indexes optimized for similarity search, such as HNSW, IVF, or PQ. |
| CCC.Vector.CP05 | Batch Ingestion | Allows for high-throughput batch upload and deletion of vectors and associated metadata. |
| CCC.Vector.CP07 | Index Lifecycle Management | Enables automated or manual creation, optimization, and removal of vector indexes. |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.Vector.CN01 | Validate Embeddings Before Indexing | Ensure all incoming embeddings are structurally and statistically validated before indexing to prevent poisoning or corruption. |
| CCC.Vector.CN02 | Enforce Role-Based Index Lifecycle Management | Restrict index lifecycle operations (create, delete, rollback) to privileged identities using fine-grained access controls. |
| CCC.Vector.CN04 | Enforce Ingestion Quotas and Throttling | Prevent ingestion-based DoS or index pollution by rate-limiting vector submissions and enforcing quotas. |
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| FINOS-AIGF | AIR-SEC-009 | Data Poisoning |
| FINOS-AIGF | AIR-OP-014 | Inadequate System Alignment |