ASRG — Algorithmic Sabotage Research Group

The group has published (in whitepapers, not peer-reviewed journals, to avoid giving roadmaps to script kiddies) an internal taxonomy:

| Attack Surface | Target | ASRG Research Focus |
|----------------|--------|----------------------|
| Training Data Supply Chain | Labeling services (e.g., Mechanical Turk) | Subversion of annotators: paying workers to systematically mislabel a specific class (e.g., all "pedestrian" as "street sign"). |
| Model Registry | Hugging Face, internal model stores | Trojan model uploads: publishing a "helpful" fine-tuned model that contains a logic bomb. |
| Inference API | Public-facing ML endpoints (GPT, Claude, Gemini) | Extraction via sabotage: crafting queries that force the model into a repetitive, resource-exhaustive loop (a new form of algorithmic DoS). |
| Continuous Learning Pipeline | Online retail, fraud detection | Drift injection: feeding a slow, plausible shift in input distribution so the model gradually becomes racist, sexist, or financially reckless without triggering alarms. |
| Human-in-the-Loop | Content moderation systems | Overwhelming the human: generating millions of borderline-violating posts to cause moderator burnout and policy drift. |
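The drift-injection row turns on the shift staying below whatever alarm the pipeline uses. The following sketch is an added example, not ASRG material: it shows why a monitor that compares each window only with the previous one stays silent under a slow shift, while a monitor pinned to a frozen, vetted baseline does not. The function names, the threshold of 3.0 and the input windows are assumptions constructed for illustration.

```python
import math
import statistics

Z_THRESHOLD = 3.0  # assumed alert threshold, not taken from the page


def z_shift(reference, window):
    """Two-sample z statistic for a difference in means between two windows."""
    se = math.sqrt(statistics.variance(reference) / len(reference)
                   + statistics.variance(window) / len(window))
    return abs(statistics.fmean(window) - statistics.fmean(reference)) / se


def constructed_windows(n_windows=10, size=200, step=0.5):
    """Constructed data: a fixed spread around 100, moved by `step` per window."""
    base = [100 + ((i * 37) % 21 - 10) for i in range(size)]
    return [[v + k * step for v in base] for k in range(n_windows)]


def alarms_adjacent(windows):
    """Weak monitor: each window is compared only with the one before it."""
    return [k for k in range(1, len(windows))
            if z_shift(windows[k - 1], windows[k]) > Z_THRESHOLD]


def alarms_pinned(windows):
    """Stronger monitor: each window is compared with a frozen baseline (window 0)."""
    return [k for k in range(1, len(windows))
            if z_shift(windows[0], windows[k]) > Z_THRESHOLD]


if __name__ == "__main__":
    w = constructed_windows()
    # Each step is about 0.8 standard errors, so adjacent comparisons never fire,
    # while the accumulated shift crosses the threshold against the baseline.
    print("adjacent-window alarms:", alarms_adjacent(w))
    print("pinned-baseline alarms:", alarms_pinned(w))
```

In a continuous-learning pipeline the baseline window also has to be excluded from retraining updates; otherwise the reference moves with the drift it is meant to detect.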

After years of sabotage research, the ASRG has also developed a defensive playbook:

While version 1.0 was academic, version 2.1 added "dynamic payloads"—the poison sample changes its adversarial noise based on the model architecture attempting to read it. It analyzes the model's activation functions in real time.