Researchers Provide Taxonomy of Gen AI Misuse

To clarify the potential risks of GenAI and provide "a concrete understanding of how GenAI models are specifically exploited or abused in practice, including the tactics employed to inflict harm," a group of researchers from Google DeepMind, Jigsaw, and Google.org recently published a paper entitled, "Generative AI Misuse: A Taxonomy of Tactics and Insights from Real-World Data."

The authors of the paper, Nahema Marchal, Rachel Xu, Rasmi Elasmar, Iason Gabriel, Beth Goldberg, and William Isaac, emphasized that, as GenAI capabilities continue to advance, understanding the specific ways in which these tools are exploited is critical for developing effective safeguards. Their "taxonomy of GenAI misuse tactics" is meant to provide a framework for identifying and addressing the potential harms associated with these technologies, they wrote, ultimately aiming to ensure their responsible and ethical use.

The researchers based their study on the qualitative analysis of approximately 200 incidents reported between January 2023 and March 2024. That analysis revealed key patterns and motivations behind the misuse of GenAI, including:

  • Manipulation of human likeness. The most prevalent tactics involve the manipulation of human likeness, such as impersonation, "sockpuppeting," and "non-consensual intimate imagery."
  • Low-tech exploitation. Most misuse cases do not involve sophisticated technological attacks, but rather exploit easily accessible GenAI capabilities requiring minimal technical expertise.
  • Emergence of new forms of misuse. The availability and accessibility of GenAI tools have introduced new forms of misuse that, although not overtly malicious or policy-violative, have concerning ethical implications, such as blurring the lines between authenticity and deception in political outreach and self-promotion.

The study also identified two categories of misuse tactics:

Exploitation of GenAI Capabilities

  • Impersonation: Creating AI-generated audio or video to mimic real people.
  • Appropriated likeness: Using or altering a person's likeness without consent.
  • Sockpuppeting: Creating synthetic online personas.
  • NCII: Generating explicit content without consent.
  • Falsification: Fabricating evidence such as reports or documents.
  • IP infringement: Using someone’s intellectual property without permission.
  • Counterfeit: Producing items that imitate original works and pass as real.
  • Scaling and amplification: Automating and amplifying content distribution.
  • Targeting & personalization: Refining outputs for targeted attacks.

Compromise of GenAI Systems

  • Adversarial inputs: Modifying inputs to cause a model to malfunction.
  • Prompt injections: Manipulating text instructions to produce harmful outputs.
  • Jailbreaking: Bypassing model restrictions and safety filters.
  • Model diversion: Repurposing models for unintended uses.
  • Steganography: Hiding messages within model outputs.
  • Data poisoning: Corrupting training datasets to introduce vulnerabilities.
  • Privacy compromise: Revealing sensitive information from training data.
  • Data exfiltration: Illicitly obtaining training data.
  • Model extraction: Stealing model architecture and parameters.

The paper provides insights for policymakers, trust and safety teams, and researchers to help them develop strategies for AI governance and mitigate real-world harms, the authors wrote. In order to protect against the diverse and growing threats posed by GenAI, they called for better technical safeguards, non-technical user-facing interventions, and ongoing monitoring of the evolving misuse landscape.

Read more here.

About the Author

John K. Waters is the editor in chief of a number of Converge360.com sites, with a focus on high-end development, AI and future tech. He's been writing about cutting-edge technologies and culture of Silicon Valley for more than two decades, and he's written more than a dozen books. He also co-scripted the documentary film Silicon Valley: A 100 Year Renaissance, which aired on PBS.  He can be reached at [email protected].

Featured

  • digital learning resources including a document, video tutorial, quiz checklist, pie chart, and AI cloud icon

    Quizizz Rebrands as Wayground, Announces New AI Features

    Learning platform Quizizz has become Wayground, in a rebranding meant to reflect "the platform's evolution from a quiz tool into a more versatile supplemental learning platform that's supported by AI," according to a news announcement.

  • stylized illustration of a desktop, laptop, tablet, and smartphone all displaying an orange AI icon

    Survey: AI Shifting from Cloud to PCs

    A recent Intel-commissioned report identifies a significant shift in AI adoption, moving away from the cloud and closer to the user. Businesses are increasingly turning to the specialized hardware of AI PCs, the survey found, recognizing their potential not just for productivity gains, but for revolutionizing IT efficiency, fortifying data security, and delivering a compelling return on investment by bringing AI capabilities directly to the edge.

  • abstract pattern of cybersecurity, ai and cloud imagery

    Report Identifies Malicious Use of AI in Cloud-Based Cyber Threats

    A recent report from OpenAI identifies the misuse of artificial intelligence in cybercrime, social engineering, and influence operations, particularly those targeting or operating through cloud infrastructure. In "Disrupting Malicious Uses of AI: June 2025," the company outlines how threat actors are weaponizing large language models for malicious ends — and how OpenAI is pushing back.

  • young educators collaborate with AI tools on laptops and tablets

    Survey: Younger Educators More Likely to Embrace AI Tools

    While educators across the United States agree that AI has enhanced classroom engagement, enthusiasm for AI's benefits is strongest among young teachers, according to a recent survey from learning technology company D2L.