highexperimentalLinuxAI/MLT1565.001

LLM Service Modifying Vector Database Files

Detects LLM service processes writing to vector database files (FAISS, SQLite, Parquet, JSONL) in vector or embedding directories. Direct modification of vector stores can inject poisoned embeddings that corrupt RAG retrieval results.

Updated Jan 15, 2025 · Detection Engineering Team

llmvector-embeddinglinuxvector-dbowasp-llm08

Problem Statement

Modifying vector database files can inject embeddings that cause the RAG system to retrieve attacker-controlled content, poisoning model responses without changing the model weights themselves.

Sample Logs

{"timestamp":"2025-01-15T06:15:22Z","computer_name":"llm-host-01","user":"llm_svc","image":"/opt/llm/app/rag_updater.py","target_filename":"/opt/llm/vector/chroma/embeddings.sqlite","event_type":"file_modify"}

Required Fields

image

target_filename

event_type

user

computer_name

False Positives

·Approved RAG indexing pipelines that periodically update the vector store with new documents

Tuning Guidance

Establish a schedule for approved vector store updates. Alert on modifications outside this window or from unexpected process paths.