LLM04:2025Data & Model Poisoning
Slide 24 of 27
Part 4 · PreventionSlide 24
Slide 24 · Mitigation 6 of 6
Watch training, and ground answers at inference.
📄 OWASP LLM Top 10:2025 · LLM04 Prevention — Monitoring & Grounding
OWASP — Monitoring & Grounding
Monitor Training + Retrieval Grounding
What OWASP Says

“Monitor training loss and analyze model behavior for signs of poisoning, using thresholds to detect anomalous responses.” Use RAG and grounding during inference to reduce risk.

Where a Real Case Shows the Gap

Poisoning often shows up as anomalies in training loss or a sudden behavior shift — completely invisible if nobody is watching the metrics.

How to Do This Right

→ Monitor training loss and model behavior against defined thresholds
→ Alert on anomalous responses in production
→ Ground outputs in retrieved, verified sources (RAG) so a poisoned weight is checked against real data

How to Validate

Can you see your model's training-loss curve and a behavior baseline? If a backdoor spiked the loss during training, would anyone have noticed?

← BackNext → The matrix
📄 View sources for this lesson