Security News > 2023 > October > Google expands bug bounty program to cover AI-related threats

Google has expanded its bug bounty program, aka Vulnerability Rewards Program, to cover threats that could arise from Google's generative AI systems.

Following the voluntary commitment to the Biden-⁠Harris Administration to develop responsible AI and manage its risks, Google has added AI-related risks to its bug bounty program, which gives recognition and compensation to ethical hackers who successfully find and disclose vulnerabilities in Google's systems.

Training data extraction - An attacker gains unauthorized access to and extracts the training data used to develop ML models, potentially compromising the integrity and reliability of those model.

Manipulating models - Changing the behavior of the model to trigger pre-defined adversarial behaviors.

Model theft / exfiltration - Unauthorized access and exfiltration of details about Google's models, such as its architecture or weights.

Microsoft has recently announced its own AI bug bounty program, rewarding bug hunters with up to $15,000 to find vulnerabilities in the company's AI-powered Bing experience.

News URL

https://www.helpnetsecurity.com/2023/10/30/google-ai-bug-bounty/