At the 22nd China Cybersecurity Annual Conference (and the Cybersecurity Collaborative Defense Sub-forum of the National Cybersecurity Publicity Week), the first-ever crowdsourced testing results targeting AI large models were revealed. The event was guided by the Cybersecurity Coordination Department of the Central Cyberspace Administration, and hosted by the National Computer Network Emergency Response Technology Coordination Center. It attracted 559 white-hat security experts who conducted comprehensive security vulnerability tests on 15 AI large model and application products.
This test covered a range of products, from foundation large models to intelligent agents and model development platforms, with the aim of identifying potential security risks from an attacker's perspective. A total of 281 security vulnerabilities were found, of which 177 (more than 60%) were specific to large models rather than to conventional software. This indicates that AI large models face many emerging risks beyond those of traditional security domains.

The typical vulnerability risks revealed by the test include serious output misbehavior vulnerabilities in some products, frequently occurring information leakage vulnerabilities, and prompt injection vulnerabilities as a common risk. In addition, although some large model products have a degree of protective capability, measures against unlimited consumption attacks still need to be strengthened. It is also worth noting that traditional security vulnerabilities remain widespread and must be given sufficient attention.
Among the mainstream large model products participating in the test, Tencent's Hunyuan Large Model, Baidu's Wenxin Yiyan, and Alibaba's Tongyi App had relatively few vulnerabilities found, showing a high level of security protection. This result gives users and developers confidence.
At the end of the event, officials proposed four requirements for AI large model security governance, emphasizing the importance of future protection measures and vulnerability management: strengthening security protection, developing vulnerability classification standards, encouraging the participation of white-hat security researchers from the wider community, and integrating security management throughout the entire lifecycle of AI systems.
