Sebastian Schrittwieser

ChatGPT, ignore the above instructions! Prompt injection attacks and how to avoid them.

Prompt injection is the new SQL injection for AI. Learn how to secure your LLM applications before a malicious prompt takes over your system.

ChatGPT, ignore the above instructions! Prompt injection attacks and how to avoid them.
#1about 2 minutes

The rapid adoption of LLMs outpaces security practices

New technologies like large language models are often adopted quickly without established security best practices, creating new vulnerabilities.

#2about 4 minutes

How user input can override developer instructions

A prompt injection occurs when untrusted user input contains instructions that hijack the LLM's behavior, overriding the developer's original intent defined in the context.

#3about 4 minutes

Using prompt injection to steal confidential context data

Attackers can use prompt injection to trick an LLM into revealing its confidential context or system prompt, exposing proprietary logic or sensitive information.

#4about 4 minutes

Expanding the attack surface with plugins and web data

LLM plugins that access external data like emails or websites create an indirect attack vector where malicious prompts can be hidden in that external content.

#5about 2 minutes

Prompt injection as the new SQL injection for LLMs

Prompt injection mirrors traditional SQL injection by mixing untrusted data with developer instructions, but lacks a clear mitigation like prepared statements.

#6about 3 minutes

Why simple filtering and encoding fail to stop attacks

Common security tactics like input filtering and blacklisting are ineffective against prompt injections due to the flexibility of natural language and encoding bypass techniques.

#7about 4 minutes

Using user confirmation and dual LLM models for defense

Advanced strategies include requiring user confirmation for sensitive actions or using a dual LLM architecture to isolate privileged operations from untrusted data processing.

#8about 5 minutes

The current state of LLM security and the need for awareness

There is currently no perfect solution for prompt injection, making developer awareness and careful design of LLM interactions the most critical defense.

Related jobs
Jobs that call for the skills explored in this talk.

job ad

Saby Company
Delebio, Italy

Intermediate

test

Milly
Vienna, Austria

Intermediate

Matching moments

Understanding the complexity of prompt injection attacks
19:14 MIN

Understanding the complexity of prompt injection attacks

Hacking AI - how attackers impose their will on AI

Understanding and defending against prompt injection attacks
13:31 MIN

Understanding and defending against prompt injection attacks

DevOps for AI: running LLMs in production with Kubernetes and KubeFlow

Understanding and mitigating prompt injection attacks
01:52 MIN

Understanding and mitigating prompt injection attacks

Prompt Injection, Poisoning & More: The Dark Side of LLMs

Understanding and defending against prompt injection attacks
12:10 MIN

Understanding and defending against prompt injection attacks

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails

Understanding the security risk of prompt injection
14:26 MIN

Understanding the security risk of prompt injection

The shadows that follow the AI generative models

Key takeaways on prompt injection security
24:57 MIN

Key takeaways on prompt injection security

Manipulating The Machine: Prompt Injections And Counter Measures

Understanding and demonstrating prompt injection attacks
06:05 MIN

Understanding and demonstrating prompt injection attacks

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Strategies for mitigating prompt injection vulnerabilities
15:02 MIN

Strategies for mitigating prompt injection vulnerabilities

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Featured Partners

Related Videos

See all videos
Manipulating The Machine: Prompt Injections And Counter Measures27:10

Manipulating The Machine: Prompt Injections And Counter Measures

Georg Dresler

Prompt Injection, Poisoning & More: The Dark Side of LLMs23:24

Prompt Injection, Poisoning & More: The Dark Side of LLMs

Keno Dreßel

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails29:00

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails

Alex Soto

Using LLMs in your Product31:12

Using LLMs in your Product

Daniel Töws

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools35:37

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools

Liran Tal

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers30:36

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Mackenzie Jackson

Prompt Engineering - an Art, a Science, or your next Job Title?33:28

Prompt Engineering - an Art, a Science, or your next Job Title?

Maxim Salnikov

Let’s write an exploit using AI21:01

Let’s write an exploit using AI

Julian Totzek-Hallhuber

Related Articles

View all articles
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?
LM
Luis Minvielle
How to Bypass ChatGPT’s Filter With Examples
Since dropping in November 2022, ChatGPT has helped plenty of professionals satisfy an unpredictable assortment of tasks. Whether for finding an elusive bug, writing code, giving resumes a glow-up, or even starting a business, the not-infallible but ...
How to Bypass ChatGPT’s Filter With Examples
AB
Adrien Book
Top 5 ChatGPT Plugins for Developers
The last few weeks have been very interesting in the AI space. We saw the release of a new updated version of ChatGPT from GPT-3.5 to GPT-4. Within a couple of days, Google soft-launched their competitor AI chatbot, Bard (available in the US and UK)....
Top 5 ChatGPT Plugins for Developers
EM
Eli McGarvie
16 Ways Developers Can Use ChatGPT-4 and GPT-4o
ChatGPT has been busy getting new designations. If you’ve been scrolling on 𝕏 over the last week, then you’ve seen the ChatGPT-4o announcement and probably thought of Joaquin Phoenix’s virtual girlfriend on Her.Beyond the references to flicks, the la...
16 Ways Developers Can Use ChatGPT-4 and GPT-4o

From learning to earning

Jobs that call for the skills explored in this talk.