Skip to content

Create CONTRIBUTING.md #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Create CONTRIBUTING.md #5

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
133 changes: 133 additions & 0 deletions CONTRIBUTING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,133 @@
# Contributing to AIDEFEND: An AI Defense Framework

Thank you for your interest in contributing to the AIDEFEND (Artificial Intelligence Defense Framework) project! This document provides guidelines for contributing to this open, AI-focused knowledge base of defensive countermeasures.

## 🎯 Project Overview

AIDEFEND is an interactive framework that helps security professionals protect AI/ML systems from emerging threats. It organizes defensive techniques across three strategic views:
- **Tactics View**: Based on MITRE D3FEND's seven defensive tactics
- **Pillars View**: Organized by technology stack components (Data, Model, Infrastructure, Application)
- **Phases View**: Aligned with AI development and operational lifecycle stages

## 🤝 How You Can Contribute

### 1. Content Contributions
- **New Defensive Techniques**: Add techniques following the AID-[TACTIC]-[NUMBER] naming convention
- **Enhanced Technique Details**: Improve descriptions, implementation strategies, or code examples
- **Threat Mapping Updates**: Add or refine mappings to MITRE ATLAS, MAESTRO, OWASP frameworks
- **Tool Recommendations**: Add open-source or commercial tools for existing techniques

### 2. Technical Improvements
- **User Interface Enhancements**: Improve search functionality, responsiveness, or accessibility
- **Performance Optimizations**: Optimize loading times or interactivity
- **Browser Compatibility**: Ensure cross-browser functionality
- **Mobile Experience**: Enhance mobile device usability

### 3. Documentation & Community
- **Documentation Improvements**: Enhance README, add tutorials, or create user guides
- **Translation**: Translate content to other languages
- **Bug Reports**: Report issues with content accuracy or technical functionality
- **Feature Requests**: Suggest new features or improvements

## 📋 Contribution Process

### Before You Start
1. **Check existing issues/PRs** to avoid duplicate work
2. **Review the live demo** at https://edward-playground.github.io/aidefense-framework/
3. **Understand the framework structure** by examining the codebase

### Making Changes

#### For Content Updates:
1. **Fork the repository**
2. **Create a feature branch**: `git checkout -b feature/add-new-technique`
3. **Update relevant files**:
- For new techniques: Add to appropriate tactic files in `/tactics/` directory
- Follow existing JSON structure and ID conventions
- Include comprehensive threat mappings (ATLAS, MAESTRO, OWASP)
4. **Test your changes** by running the framework locally
5. **Commit with clear messages**: `git commit -m "Add AID-H-023: New LLM Safety Technique"`

#### For Technical Changes:
1. **Test thoroughly** across different browsers and devices
2. **Ensure no breaking changes** to existing functionality
3. **Follow existing code style** and conventions
4. **Update documentation** if adding new features

### Pull Request Guidelines

#### PR Title Format:
- Content: `[CONTENT] Add/Update/Fix: Brief description`
- Technical: `[TECH] Feature/Fix: Brief description`
- Documentation: `[DOCS] Update/Add: Brief description`

#### PR Description Should Include:
- **Clear description** of changes made
- **Justification** for new techniques or modifications
- **Testing performed** (browsers tested, functionality verified)
- **Related issues** (if applicable)
- **Screenshots** (for UI changes)

#### For New Defensive Techniques:
- **Technique ID**: Follow AID-[TACTIC_CODE]-[NUMBER] format
- **Complete Details**: Description, implementation strategies, tools
- **Threat Mappings**: At least one mapping to established frameworks
- **Evidence Base**: Include references to research papers or industry reports when possible

## 🏗️ Project Structure

```
aidefense-framework/
├── tactics/ # Individual tactic definition files
│ ├── model.js # AID-M-* techniques
│ ├── harden.js # AID-H-* techniques
│ ├── detect.js # AID-D-* techniques
│ ├── isolate.js # AID-I-* techniques
│ ├── deceive.js # AID-DV-* techniques
│ ├── evict.js # AID-E-* techniques
│ └── restore.js # AID-R-* techniques
├── index.html # Main framework interface
├── main.js # Core application logic
├── intro.js # Framework data and definitions
└── README.md # Project documentation
```

## 📚 Research & References

When contributing new techniques, please reference:
- **Academic Research**: Peer-reviewed papers on AI security
- **Industry Reports**: Threat intelligence from security companies
- **Framework Alignment**: MITRE ATLAS, MAESTRO, OWASP mappings
- **Real-World Examples**: Documented attacks or defenses in production

## 🔍 Quality Standards

### Content Quality:
- **Accuracy**: Ensure technical accuracy of all information
- **Completeness**: Provide comprehensive implementation guidance
- **Relevance**: Focus on practical, deployable countermeasures
- **Clarity**: Use clear, jargon-free language where possible

### Technical Quality:
- **Functionality**: All features must work as intended
- **Performance**: Maintain fast loading and responsive interface
- **Accessibility**: Follow WCAG guidelines for accessibility
- **Security**: No introduction of security vulnerabilities

## ❓ Questions & Support

- **Issues**: Use GitHub Issues for bug reports and feature requests
- **Discussions**: Engage in GitHub Discussions for questions and ideas
- **Contact**: Reach out to project maintainer Edward Lee via [LinkedIn](https://www.linkedin.com/in/go-edwardlee/)

## 📄 License

By contributing to AIDEFEND, you agree that your contributions will be licensed under the [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/).

## 🙏 Recognition

All contributors will be recognized in the project documentation. Significant contributions may be highlighted in release notes and project communications.

---

Thank you for helping make AI systems more secure! Your contributions help the entire community defend against evolving AI threats.