AAISM · Question #123
Which of the following mitigation control strategies would BEST reduce the risk of introducing hidden backdoors during model fine-tuning via third-party components?
The correct answer is B. Performing threat modeling and integrity checks. Threat modeling identifies where in the fine-tuning pipeline a malicious third-party component could introduce a backdoor, while integrity checks (e.g., cryptographic hashes, software bill of materials verification, and code audits) confirm that components have not been tampered
Question
Which of the following mitigation control strategies would BEST reduce the risk of introducing hidden backdoors during model fine-tuning via third-party components?
Options
- ALeveraging open-source models and packages
- BPerforming threat modeling and integrity checks
- CDisabling runtime logs during model training
- DImplementing unsupervised learning methods
How the community answered
(55 responses)- A13% (7)
- B76% (42)
- C4% (2)
- D7% (4)
Explanation
Threat modeling identifies where in the fine-tuning pipeline a malicious third-party component could introduce a backdoor, while integrity checks (e.g., cryptographic hashes, software bill of materials verification, and code audits) confirm that components have not been tampered with. Together they proactively surface and block hidden backdoors before they reach production. Option A (open-source) does not prevent backdoors-open-source code can still be malicious. Option C (disabling logs) eliminates visibility rather than reducing risk. Option D (unsupervised learning) is a training methodology unrelated to supply-chain backdoor prevention.
Topics
Community Discussion
No community discussion yet for this question.