Detection Library
high · experimental · Linux · AI/ML · T1565.001

LLM Service Replacing Retrieval Index From Temp Path

Detects file copy, move, or rsync operations replacing vector or embedding index files with content sourced from temporary directories. This staged replacement pattern indicates an in-flight vector store poisoning attack.

Updated Jan 15, 2025 · Detection Engineering Team

llm · vector-embedding · linux · index-replace · owasp-llm08

Problem Statement

Replacing the retrieval index from a staging path is the execution phase of a vector poisoning attack. Once replaced, every RAG query may return attacker-controlled context until the legitimate index is restored.

Sample Logs

{"timestamp":"2025-01-15T08:44:07Z","computer_name":"llm-host-01","user":"opc","image":"/bin/mv","command_line":"mv /tmp/poisoned_index.faiss /opt/llm/vector/index.faiss"}

Required Fields

image
command_line
user
computer_name

False Positives

  • Index rebuild scripts that use /tmp as a staging area before atomic replacement

Tuning Guidance

Implement a canary file approach — include a known-good embedding in the index and alert if retrieval quality drops after an index replacement event.
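
The matching logic this entry describes, run over process-creation events that carry the required fields. This is an added example, not the detection library's own rule. The tool names, temp prefixes and index file extensions are assumptions to tune per host, and every log line after the first is constructed.

```python
import json
import posixpath
import shlex

# Assumed values for illustration; the entry does not list them. Tune per host.
COPY_TOOLS = {"cp", "mv", "rsync"}
TEMP_PREFIXES = ("/tmp/", "/var/tmp/", "/dev/shm/")
INDEX_SUFFIXES = (".faiss", ".index", ".hnsw", ".ann")

def _norm(arg):
    # Collapse "..", "." and repeated slashes; keep a trailing "/" as a directory hint.
    path = posixpath.normpath(arg)
    path = path[1:] if path.startswith("//") else path
    return path + "/" if arg.endswith("/") and path != "/" else path

def is_index_replace_from_temp(event):
    """True when cp/mv/rsync writes a temp-path source over an index file."""
    if posixpath.basename(event.get("image", "")) not in COPY_TOOLS:
        return False
    try:
        argv = shlex.split(event.get("command_line", ""))
    except ValueError:  # unbalanced quotes: cannot parse, so no match
        return False
    # Positional arguments only. Options that take a value (mv -t, rsync -e) and
    # relative paths are not resolved; that needs cwd, which is not a required field.
    paths = [_norm(a) for a in argv[1:] if not a.startswith("-")]
    if len(paths) < 2:
        return False
    *sources, dest = paths
    for src in sources:
        # A directory destination keeps the source file name.
        target = dest + posixpath.basename(src) if dest.endswith("/") else dest
        if src.startswith(TEMP_PREFIXES) and target.lower().endswith(INDEX_SUFFIXES):
            return True
    return False

# First line is the entry's sample log; the other three are constructed.
SAMPLE_LOGS = """\
{"timestamp":"2025-01-15T08:44:07Z","computer_name":"llm-host-01","user":"opc","image":"/bin/mv","command_line":"mv /tmp/poisoned_index.faiss /opt/llm/vector/index.faiss"}
{"timestamp":"2025-01-15T09:02:11Z","computer_name":"llm-host-01","user":"opc","image":"/usr/bin/rsync","command_line":"rsync -a /var/tmp/stage/index.faiss /opt/llm/vector/"}
{"timestamp":"2025-01-15T09:05:40Z","computer_name":"llm-host-01","user":"opc","image":"/bin/cp","command_line":"cp /opt/llm/build/index.faiss /opt/llm/vector/index.faiss"}
{"timestamp":"2025-01-15T09:07:02Z","computer_name":"llm-host-01","user":"opc","image":"/bin/mv","command_line":"mv /tmp/report.txt /home/opc/report.txt"}
"""

def scan(text):
    """Return (computer_name, user, command_line) for each matching event."""
    events = [json.loads(line) for line in text.splitlines() if line.strip()]
    return [(e["computer_name"], e["user"], e["command_line"]) for e in events if is_index_replace_from_temp(e)]
```

Calling `scan(SAMPLE_LOGS)` flags the `mv` and `rsync` events and leaves the non-temp copy and the non-index move alone. A rebuild script that stages in /tmp would match as well, which is the false positive listed above.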