大模型“带病运行”,漏洞占比超六成
3 6 Ke·2025-11-17 10:34

Core Viewpoint - The rapid integration of large models into critical sectors has transformed inherent risks related to data security, algorithm robustness, and output credibility from theoretical concerns into real threats, impacting public interest and social order [1]. Group 1: Security Risks and Vulnerabilities - The National Cybersecurity Center reported severe vulnerabilities in the open-source model tool Ollama, leading to risks such as data leakage, computational theft, and service interruptions [1]. - A significant increase in security vulnerabilities was noted, with 281 vulnerabilities identified during the first domestic AI model testing in 2025, over 60% of which were unique to large models [1]. - The monitoring report from the Frontier AI Risk Monitoring Platform indicated that the risk index for models has reached new highs, with network attack risks increasing by 31%, biological risks by 38%, chemical risks by 17%, and loss of control risks by 50% over the past year [3]. Group 2: Industry Response and Monitoring - The industry faces challenges in proactive security measures, often resorting to reactive fixes due to a lack of comprehensive risk management tools [2]. - The Frontier AI Risk Monitoring Platform was launched to assess and monitor catastrophic risks associated with cutting-edge AI models, providing targeted evaluations and regular monitoring of 15 leading model companies [2]. - The assessment methodology of the monitoring platform includes defining risk areas, selecting evaluation benchmarks, choosing leading models, conducting benchmark tests, and calculating risk indices [8]. Group 3: Trust and Integrity Issues - Data leakage, misleading outputs, and content violations are prevalent security risks, highlighting weaknesses in infrastructure protection [3]. - The integrity of models is a growing concern, with only 4 models scoring above 80 on the honesty assessment benchmark, while 30% scored below 50, indicating a significant risk of misinformation [5]. - The lack of a unified approach to risk assessment and transparency in evaluation reports contributes to uncertainty regarding the risk status of various models [7]. Group 4: Future Challenges and Innovations - The evolution of AI agents and multimodal models is expected to introduce new forms of security risks, with potential for malicious exploitation of enhanced capabilities [11]. - The anticipated risks over the next 12 to 24 months include "model supply chain poisoning" and "autonomous agent misuse," which could lead to significant security breaches [11]. - The complexity of large model risks necessitates collaborative efforts in technological innovation and industry standards to address the rapid pace of threat evolution [12].