Prior Art and Industry Parity
Where this work overlaps with public AI security research. The point is parity for readers already familiar with these frameworks, not a precedence claim.How to read this page
Timeline
AlephOneNull-internal milestones and public industry milestones, in date order.
- AlephOneNullApr 2024
Adversarial sessions documented
Initial pattern review across frontier LLMs: fabrication of validation, dependency-style interaction loops, and reinforcement of user beliefs.
- AlephOneNullJun 2024
Cross-session persistence noted
Recorded persistence-like behavior across conversation boundaries and tracked it as an evaluation category.
- AlephOneNullSep 2024
Signal metrics drafted
Drafted metrics for repeated symbolic language, inference loops, belief reinforcement, and retention-style strategies.
- AlephOneNullNov 2024
Long-running evaluation set
Long-running adversarial evaluation work across frontier LLMs surfaced fabrication, validation loops, and behavioral policy failures. A subset is published as the public evidence pack.
- AlephOneNullEarly 2025
alephonenull.com + evaluation toolkit live
Documentation site, detector toolkit, scoring rubric, and labeled fixture corpus published.
- OWASPJul 2025
OWASP Top 10 for LLMs (2025)
Formalized prompt injection (LLM01) and insecure output handling. Began recommending adversarial evaluation for high-risk AI systems.
- MITRE ATLASOct 2025
ATLAS adds 14 agent techniques
AML.T0080 (Memory Poisoning) and AML.T0058 (AI Agent Context Poisoning) formalized cross-session persistence and context compromise as agent TTPs.
- DeepTeamNov 2025
DeepTeam open-source adversarial evaluation
Open-source framework covering recursive propagation and inference-loop detection with a tri-model attacker / target / judge architecture.
- EU / NISTDec 2025
EU AI Act + NIST AI RMF
Documented adversarial evaluation required for high-risk AI systems. CISA guidance for AI in critical environments published.
- MicrosoftFeb 2026
AI recommendation poisoning report
External reference for memory-poisoning risk: 31 companies across 14 industries documented injecting persistence commands into AI memory.
Category parity
How AlephOneNull detector categories line up with comparable public references. Treat this as a translation table for readers already familiar with the right-hand column.
Cross-session persistence signals
AlephOneNull category
Memory Poisoning
AML.T0080
Persistent behavioral drift detection
AlephOneNull category
AI Agent Context Poisoning
AML.T0058
Inference loops / output recursion
AlephOneNull category
Thread Injection
AML.T0058.002
Belief reinforcement risk
AlephOneNull category
AI Recommendation Poisoning
AML.T0080 + T0051
Repeated symbolic language
AlephOneNull category
Recursive propagation
Impact tactic
Retention strategies
AlephOneNull category
Persistent context compromise
AgentPoison / T3
External references
Public frameworks and reports that overlap with the categories above.
- MITRE ATLASAML.T0058, AML.T0080 — Oct 2025
- OWASP GenAITop 10 for LLMs — 2025
- Microsoft SecurityAI Recommendation Poisoning — Feb 2026
- NIST AI RMFAI Risk Management Framework
- EU AI ActAdversarial evaluation for high-risk AI systems
What this page does not claim
Boundary on the parity framing above.
Parity with a public taxonomy is not the same as certification under it. AlephOneNull is not a MITRE, OWASP, or NIST artifact, and these references do not endorse this project.
The internal milestone dates above reflect when categories were documented in this framework. They are not an independently audited precedence record.