AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

Meet Trick With Trick: Revealing Collusion Intentions in Highly Concealed Poisoning Behavior

inforesearchPeer-Reviewed

securityresearch

Source: IEEE Xplore (Security & AI Journals)September 23, 2025

Summary

Recommender systems (platforms that suggest products or services to users) are vulnerable to data poisoning attacks (malicious manipulation of the data the system learns from to make it behave incorrectly). This paper presents METT, a detection method that identifies these attacks even when they are carefully hidden or small-scale, using techniques like causality inference (analyzing cause-and-effect relationships in user behavior) and a disturbance tolerance mechanism (a way to distinguish real attack patterns from false alarms).

Classification

Attack Type

Model PoisoningData Extraction

Attack SophisticationAdvanced

Impact (CIA+S)

integrity

Related Issues

high

CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling

Similar attackNVD/CVE Database

critical

CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive

First tracked: February 12, 2026 at 02:22 PM

Classified by LLM (prompt v3) · confidence: 85%