Model Poisoning and AI Drift: How Adversarial Inputs degrade AI Systems over time

Model poisoning is explicitly identified in leading AI security frameworks as a critical risk for machine-learning systems. It occurs when adversarial inputs are introduced into training or learning pipelines, altering a model’s expected behavior rather than causing immediate failure. In practice, this vulnerability often manifests as “AI drift”, a gradual change in model behavior, reliability, or performance over time.

This session examines the causal link between adversarial model poisoning and different forms of AI drift, illustrating how malicious influence can accelerate otherwise subtle degradation. Attendees will explore common drift types observed in AI/ML systems, including feature drift and performance degradation, and how adversarial inputs can influence these patterns over time. Mapping these risks to OWASP ML02 (Data Poisoning), ML10 (Model Poisoning), and the MITRE ATLAS framework, the session presents identification and detection steps, with a short demonstration using open-source tools.