Security News > 2023 > January > New Study Uncovers Text-to-SQL Model Vulnerabilities Allowing Data Theft and DoS Attacks
A group of academics has demonstrated novel attacks that leverage Text-to-SQL models to produce malicious code that could enable adversaries to glean sensitive information and stage denial-of-service attacks.
The findings, which were validated against two commercial solutions BAIDU-UNIT and AI2sql, mark the first empirical instance where natural language processing models have been exploited as an attack vector in the wild.
The black box attacks are analogous to SQL injection faults wherein embedding a rogue payload in the input question gets copied to the constructed SQL query, leading to unexpected results.
The specially crafted payloads, the study discovered, could be weaponized to run malicious SQL queries that could permit an attacker to modify backend databases and carry out DoS attacks against the server.
A second category of attacks explored the possibility of corrupting various pre-trained language models - models that have been trained with a large dataset while remaining agnostic to the use cases they are applied on - to trigger the generation of malicious commands based on certain triggers.
The backdoor attacks on four different open source models using a corpus poisoned with malicious samples achieved a 100% success rate with little discernible impact on performance, making such issues difficult to detect in the real world.
News URL
https://thehackernews.com/2023/01/new-study-uncovers-text-to-sql-model.html