Analysis and Mitigation Strategies for Prompt Injection Attacks
Abstract
In recent years, Large Language Models (LLM) have garnered significant attention due to their powerful natural language processing capabilities and have rapidly been applied across various fields, bringing substantial changes to daily life and workflows. However, as their application scope expands, so do the associated risks. Prompt injection (PI) attacks have emerged as one of the most critical threats in this context. The prominent nonprofit organization, Open Web Application Security Project (OWASP), has identified PI attacks as one of the most dangerous attack vectors in LLM systems. Attackers craft carefully designed prompts that cause systems incorporating LLM to execute unintended operations, leading to potential harm. These attacks not only increase the operational costs for service providers but may also threaten user security, resulting in unauthorized data disclosure, execution of unauthorized actions, and generation of harmful content. This study analyzes existing PI attack techniques and their impacts on LLM systems while exploring common mitigation strategies. We compile various attacks and defenses, selecting an LLM system that integrates the GPT-3.5 API for validation, providing developers with practical insights into PI attacks and mitigation measures. This research offers valuable practical experience for the secure design of LLM applications, helping enhance system security and stability.
Kun-Ji Li, Sheng-Shan Chen, Chin-Yu Sun, "Analysis and Mitigation Strategies for Prompt Injection Attacks," Communications of the CCISA, vol. 30, no. 3 , pp. 1-19, Aug. 2024.
Full Text:
PDFRefbacks
- There are currently no refbacks.
Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)
E-mail: ccisa.editor@gmail.com