Detection Library
high · experimental · Linux · AI/ML · OCI · T1548.003 · T1098

LLM Service Invoking OCI Identity Or Policy Operations

Detects LLM service processes spawning the OCI CLI with IAM sub-commands (iam, policy, group, user, dynamic-group). An LLM invoking identity operations suggests excessive agency, where the model has been granted or has acquired the ability to modify cloud access controls.

Updated Jan 15, 2025 · Detection Engineering Team

llm · excessive-agency · linux · oci-iam · owasp-llm06

Problem Statement

An LLM with access to IAM and policy operations can escalate privileges, create backdoor accounts, or grant attacker identities cloud-wide access. This represents critical excessive agency.

Sample Logs

{"timestamp":"2025-01-15T10:44:09Z","computer_name":"llm-host-01","user":"llm_svc","image":"/usr/local/bin/oci","command_line":"oci iam policy create --name backdoor-policy --statements '["Allow any-user to manage all-resources in tenancy"]'","parent_image":"/opt/llm/app/agent.py"}

Required Fields

image
command_line
parent_image
user
computer_name

False Positives

  • Approved LLM infrastructure management agents with explicit IAM tool bindings

Tuning Guidance

LLM inference services should operate under a least-privilege OCI policy that excludes IAM management permissions. Remove this access rather than tuning the detection.
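
The matching logic described above, applied to process-creation events carrying the Required Fields. This is an added example, not the library's own rule: the `/opt/llm/` parent prefix, the `approved_parents` allowlist (standing in for the False Positives case), and every sample event except the first (which mirrors Sample Logs) are assumptions constructed for illustration.

```python
import shlex
from pathlib import PurePosixPath

# Assumption: the page does not say how an "LLM service" parent is recognised.
LLM_PARENT_PREFIXES = ("/opt/llm/",)
# Resource sub-commands named in the detection description.
IAM_RESOURCES = {"policy", "group", "user", "dynamic-group"}
# OCI CLI global options that consume the next token as their value.
VALUE_OPTS = {"--profile", "--region", "--config-file", "--auth", "--output", "--query"}

def positionals(command_line):
    """Positional tokens after the oci binary, skipping global options."""
    try:
        tokens = shlex.split(command_line)
    except ValueError:  # unbalanced quotes: fall back to whitespace split
        tokens = command_line.split()
    out, it = [], iter(tokens[1:])
    for tok in it:
        if tok in VALUE_OPTS:
            next(it, None)  # drop the option's value, e.g. --profile DEFAULT
        elif not tok.startswith("-"):
            out.append(tok)
    return out

def detect(event, approved_parents=()):
    """Return an alert dict for an LLM-spawned `oci iam ...` call, else None."""
    if PurePosixPath(event.get("image", "")).name != "oci":
        return None
    parent = event.get("parent_image", "")
    if not parent.startswith(LLM_PARENT_PREFIXES) or parent in approved_parents:
        return None
    pos = positionals(event.get("command_line", ""))
    if not pos or pos[0] != "iam":
        return None
    resource = pos[1] if len(pos) > 1 else None
    return {"host": event.get("computer_name"), "user": event.get("user"), "parent": parent,
            "resource": resource, "listed_resource": resource in IAM_RESOURCES}

def ev(cmd, parent):  # builds a constructed event with the Required Fields
    return {"computer_name": "llm-host-01", "user": "llm_svc", "image": "/usr/local/bin/oci",
            "command_line": cmd, "parent_image": parent}
SAMPLE_EVENTS = [  # first entry mirrors Sample Logs; the rest are constructed
    ev("oci iam policy create --name backdoor-policy --statements "
       "'[\"Allow any-user to manage all-resources in tenancy\"]'", "/opt/llm/app/agent.py"),
    ev("oci --profile DEFAULT iam user list", "/opt/llm/app/agent.py"),
    ev("oci os object list --bucket-name models", "/opt/llm/app/agent.py"),
    ev("oci iam policy list", "/usr/bin/bash"),
]
ALERTS = [a for a in map(detect, SAMPLE_EVENTS) if a]
```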