AIRiskAware
AI Governance Glossary
Technical Risk

What Is Data Poisoning?

Data Poisoning is a form of adversarial attack on AI systems where malicious data is deliberately introduced into the training dataset to corrupt a model's learned behaviour or introduce backdoors.

Definition

Data Poisoning: a form of adversarial attack on AI systems where malicious data is deliberately introduced into the training dataset to corrupt a model's learned behaviour or introduce backdoors.

Plain-language explanation

Data poisoning is an integrity attack on the AI training pipeline. In targeted poisoning, the attacker causes the model to misclassify specific inputs while behaving normally on others (a backdoor). In indiscriminate poisoning, model performance degrades generally. Supply-chain AI risk — using third-party datasets or pre-trained models — carries inherent data poisoning risk because the provenance of training data may be unknown. The EU AI Act's data governance requirements (Article 10) are partly aimed at data poisoning prevention.

Primary source: NIST AI 100-2 (Adversarial Machine Learning); EU AI Act, Article 10
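Worked example, added here and not taken from the AIRiskAware glossary or from NIST AI 100-2: two pre-training controls that address the provenance problem the explanation describes, run on a constructed toy dataset. A provenance manifest (SHA-256 of each reviewed record) separates records of known origin from unreviewed ones, and a label-consistency triage scores the unreviewed records against a baseline model trained only on reviewed data, routing disagreements to human review instead of straight into training. The classifier is a nearest-centroid model chosen for readability; all records, labels and the "third-party batch" are constructed, and the five mislabelled records in it illustrate the indiscriminate (label-flipping) case rather than a backdoor.

```python
"""Added example (not from the glossary page): provenance manifest plus
label-consistency triage as pre-training defences against data poisoning.
All data below is constructed for illustration."""
import hashlib
import json

# Constructed, provenance-reviewed training records: (feature_x, feature_y, label).
REVIEWED = [
    (1.0, 1.0, "benign"), (1.2, 0.8, "benign"), (0.8, 1.1, "benign"), (1.1, 1.3, "benign"),
    (5.0, 5.0, "malicious"), (5.2, 4.8, "malicious"), (4.8, 5.1, "malicious"), (5.1, 5.3, "malicious"),
]

# Constructed held-out evaluation set, never used for training.
HELD_OUT = [
    (1.0, 1.0, "benign"), (2.0, 2.2, "benign"), (2.6, 2.4, "benign"),
    (5.0, 5.0, "malicious"), (4.0, 4.2, "malicious"), (3.6, 3.8, "malicious"),
]

# Constructed third-party batch of unknown provenance: the reviewed records, one
# genuine new record, and five records sitting in the benign region but labelled
# "malicious" (indiscriminate label flipping that degrades the model generally).
THIRD_PARTY = REVIEWED + [
    (5.3, 4.9, "malicious"),
    (1.0, 0.9, "malicious"), (0.9, 1.0, "malicious"), (1.1, 1.0, "malicious"),
    (1.0, 1.2, "malicious"), (1.05, 0.95, "malicious"),
]


def record_hash(rec):
    """Stable SHA-256 of one record; serves as its provenance identifier."""
    return hashlib.sha256(json.dumps(list(rec)).encode()).hexdigest()


def make_manifest(records):
    """Set of hashes for records whose origin has been reviewed and signed off."""
    return {record_hash(r) for r in records}


def unverified_records(records, manifest):
    """Records absent from the manifest: unknown provenance, so not trusted by default."""
    return [r for r in records if record_hash(r) not in manifest]


def train(records):
    """Nearest-centroid classifier: the mean feature vector of each label."""
    sums = {}
    for x, y, label in records:
        sx, sy, n = sums.get(label, (0.0, 0.0, 0))
        sums[label] = (sx + x, sy + y, n + 1)
    return {label: (sx / n, sy / n) for label, (sx, sy, n) in sums.items()}


def predict(centroids, x, y):
    """Label whose centroid is closest (squared Euclidean distance)."""
    return min(centroids, key=lambda lab: (x - centroids[lab][0]) ** 2 + (y - centroids[lab][1]) ** 2)


def accuracy(centroids, records):
    """Fraction of records whose label the model reproduces."""
    return sum(predict(centroids, x, y) == label for x, y, label in records) / len(records)


def triage(records, baseline):
    """Split unreviewed records into those consistent with the baseline model and
    those that disagree with it; disagreements go to human review, not to training."""
    consistent, suspect = [], []
    for rec in records:
        x, y, label = rec
        (consistent if predict(baseline, x, y) == label else suspect).append(rec)
    return consistent, suspect


def run_pipeline():
    """Compare blind ingestion of the third-party batch with the gated pipeline."""
    manifest = make_manifest(REVIEWED)
    baseline = train(REVIEWED)
    new_records = unverified_records(THIRD_PARTY, manifest)
    consistent, suspect = triage(new_records, baseline)
    gated = train(REVIEWED + consistent)   # only provenance-checked or triage-consistent data
    blind = train(THIRD_PARTY)             # everything ingested without checks
    return {
        "unverified": len(new_records),
        "suspect": len(suspect),
        "baseline_acc": accuracy(baseline, HELD_OUT),
        "blind_acc": accuracy(blind, HELD_OUT),
        "gated_acc": accuracy(gated, HELD_OUT),
    }


if __name__ == "__main__":
    for key, value in run_pipeline().items():
        print(f"{key}: {value}")
```

On this constructed batch the manifest flags six records as unreviewed, the triage sends the five mislabelled ones to review while admitting the genuine new record, and the held-out accuracy of the blindly trained model drops from 1.0 to about 0.67 while the gated model stays at 1.0. In a real pipeline the manifest would be produced by the data-governance process the page refers to (reviewed source, licence, collection date per record or per file), and the triage threshold would be tuned so that legitimate distribution shift is reviewed rather than silently discarded.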