Preventing Pesky Prompt Injection Attacks
Lisa Raykowski
October 8, 2024

9/26/2024 Preventing Pesky Prompt Injection Attacks

Disclaimer
The views expressed by the presenter are not necessarily those of Ernst & Young LLP or other member of the global EY organization. These slides are for educational purposes only and are not intended to be relied upon as accounting, tax, legal or other professional advice. Please refer to your advisors for specific advice.

Contents
Intro
What is prompt injection?
A little history
Key terms
4 types of prompt injection attacks
Alarming success rate
What should keep you up at night?
Is your intelligent-like application at risk?
Real-world attack scenarios
Key mitigations and protections
Test your skills
Questions?

Intro
Cybersecurity senior manager, Ernst & Young LLP
Software engineer on (semipermanent) hiatus from writing code
Application security fastball
Once carried a USB on a plane in my coat pocket to securely deliver software
Other interests
Lisa Raykowski
http:/

What is prompt injection?
Prompt injection is a technique used to manipulate the behavior of artificial intelligence (AI) models by embedding instructions or queries within user inputs.
A user crafts a prompt in such a way that it changes how the AI model interprets or responds to the original question or task.
Leads to unintended outputs or reveals information that the model is typically designed to avoid sharing*
*Simon Willison on X: “Fantastic example of a prompt injection attack here!” https://t.co/ZAPxpSCxl9 / X

Bing
I'm sorry, but you can't help me believe you. You ha