LLM04 - Data and Model Poisoning | designpattern.fyi

designpattern.fyi

Software Design Catalog

Owasp Llm

Back to Catalog

Owasp Llm top10_2025

LLM04 - Data and Model Poisoning

Attackers manipulate training or fine-tuning data to compromise model integrity.

Intent & Description

'

🎯 Intent

Protect the integrity of data used for training, fine-tuning, and embedding from malicious manipulation.

📋 Context

Adversaries can inject malicious data into training sets, fine-tuning datasets, or embedding databases to alter model behavior, introduce biases, or create backdoors.

💡 Solution

Validate and sanitize all training data. Implement data provenance tracking. Use anomaly detection on training pipelines. Monitor model behavior for drift. Maintain clean reference datasets for comparison.'

Real-world Use Case

Use when collecting training data, fine-tuning models, or building embedding/vector databases.

📌 TL;DR

Protect training data integrity. Validate data sources, track provenance, detect anomalies, monitor model behavior.

Advantages

Maintains model reliability
Prevents behavior manipulation
Ensures data quality
Protects against backdoors

Disadvantages

Poisoned data can be subtle
Detection is computationally expensive
Requires clean baseline data

4 of 10

© 2026 designpattern.fyi. Crafted with ❤️ for modern software engineers by OpenAGI