Malicious Prompt

Malicious prompts exploit vulnerabilities in large language models (LLMs) and vision-language models (VLMs) by manipulating input text or images to elicit undesired or harmful outputs, such as generating phishing emails or revealing sensitive information. Current research focuses on developing robust detection methods, often employing techniques like fuzzing, embedding generation using models such as BERT, and analyzing early model outputs to identify malicious inputs before harmful generation occurs. This research is crucial for ensuring the safe and reliable deployment of LLMs and VLMs in various applications, mitigating risks associated with adversarial attacks and improving overall system security.

Papers

November 10, 2024

SequentialBreak: Large Language Models Can be Fooled by Embedding Jailbreak Prompts into Sequential Prompt Chains
Bijoy Ahmed Saiem, MD Sadik Hossain Shanto, Rakib Ahsan, Md Rafi ur Rashid
Jailbreak Attack Malicious Prompt

October 29, 2024

Embedding-based classifiers can detect prompt injection attacks
Md. Ahsan Ayub, Subhabrata Majumdar
Adversarial Attack Prompt Injection Attack Prompt Based Malicious Prompt Embedding Based

October 9, 2024

October 1, 2024

VLMGuard: Defending VLMs against Malicious Prompts via Unlabeled Data
Xuefeng Du, Reshmi Ghosh, Robert Sim, Ahmed Salem, Vitor Carvalho, Emily Lawton, Yixuan Li, Jack W. Stokes
Vision Language Model Unlabeled Data Adversarial Prompt Malicious Prompt Threat Assessment

September 23, 2024

PROMPTFUZZ: Harnessing Fuzzing Techniques for Robust Testing of Prompt Injection in LLMs
Jiahao Yu, Yangguang Shao, Hanwen Miao, Junzheng Shi, Xinyu Xing
Large Language Model Fuzz Testing Prompt Injection Attack Prompt Injection Malicious Prompt Robust Test

September 20, 2024

Applying Pre-trained Multilingual BERT in Embeddings for Improved Malicious Prompt Injection Attacks Detection
Md Abdur Rahman, Hossain Shahriar, Fan Wu, Alfredo Cuzzocrea
Jina Embeddings Multilingual BERT Prompt Injection Attack Malicious Prompt

September 1, 2024

The Dark Side of Human Feedback: Poisoning Large Language Models via User Inputs
Bocheng Chen, Hanqing Guo, Guangjing Wang, Yuanda Wang, Qiben Yan
Human Feedback Poisoning Attack Rich Input Latent Vulnerability Alignment Training Malicious Prompt

August 21, 2024

EEG-Defender: Defending against Jailbreak through Early Exit Generation of Large Language Models
Chongwen Zhao, Zhihao Dou, Kaizhu Huang
Jailbreak Attack Malicious Traffic Adversarial Suffix Malicious Prompt

August 9, 2024

A Jailbroken GenAI Model Can Cause Substantial Harm: GenAI-powered Applications are Vulnerable to PromptWares
Stav Cohen, Ron Bitton, Ben Nassi
Financial Application Potential Harm GenAI Integration GenAI Model Malicious Prompt

July 12, 2024

MaPPing Your Model: Assessing the Impact of Adversarial Attacks on LLM-based Programming Assistants
John Heibel, Daniel Lowd
Adversarial Attack Full Model Global Impact Area MaPPing LLM Agent Security Vulnerability Prompt Attack Malicious Prompt Malicious Instruction LLM Based Programming Assistant

June 20, 2024

Jailbreaking as a Reward Misspecification Problem
Zhihui Xie, Jiahui Gao, Lei Li, Zhenguo Li, Qi Liu, Lingpeng Kong
Large Language Model Adversarial Attack Jailbreak Attack Adversarial Prompt Malicious Prompt Reward Misspecification

April 19, 2024

The Instruction Hierarchy: Training LLMs to Prioritize Privileged Instructions
Eric Wallace, Kai Xiao, Reimar Leike, Lilian Weng, Johannes Heidecke, Alex Beutel
Privileged Information LLM Training Common Vulnerability Malicious Prompt Instruction Hierarchy

February 25, 2024

DrAttack: Prompt Decomposition and Reconstruction Makes Powerful LLM Jailbreakers
Xirui Li, Ruochen Wang, Minhao Cheng, Tianyi Zhou, Cho-Jui Hsieh
Full State Reconstruction Jailbreak Attack Prompt Attack Prompt Decomposition Malicious Prompt

January 19, 2024

Pruning for Protection: Increasing Jailbreak Resistance in Aligned LLMs Without Fine-Tuning
Adib Hasan, Ileana Rugina, Alex Wang
Large Language Model Domain Shift Jailbreak Attack Edge Pruning Malicious Prompt Task Encoding Token

October 29, 2023

From Chatbots to PhishBots? -- Preventing Phishing scams created using ChatGPT, Google Bard and Claude
Sayak Saha Roy, Poojitha Thota, Krishna Vamsi Naragam, Shirin Nilizadeh
ChatGPT Generated Conversation Chatbot Response Anti Phishing Malicious Prompt Malicious Content Phishing Attack Google Bard

October 11, 2023

Prompt Backdoors in Visual Prompt Learning
Hai Huang, Zhengyu Zhao, Michael Backes, Yun Shen, Yang Zhang
Vision Model Visual Prompt Backdoor Defense Prompt Attack Malicious Prompt

May 9, 2023

Generating Phishing Attacks using ChatGPT
Sayak Saha Roy, Krishna Vamsi Naragam, Shirin Nilizadeh
ChatGPT Generated Conversation Anti Phishing Malicious Prompt Malicious Content Phishing Attack

Malicious Prompt

Papers

SequentialBreak: Large Language Models Can be Fooled by Embedding Jailbreak Prompts into Sequential Prompt Chains

Embedding-based classifiers can detect prompt injection attacks

Root Defence Strategies: Ensuring Safety of LLM at the Decoding Level

Prompt Infection: LLM-to-LLM Prompt Injection within Multi-Agent Systems

VLMGuard: Defending VLMs against Malicious Prompts via Unlabeled Data

PROMPTFUZZ: Harnessing Fuzzing Techniques for Robust Testing of Prompt Injection in LLMs

Applying Pre-trained Multilingual BERT in Embeddings for Improved Malicious Prompt Injection Attacks Detection

The Dark Side of Human Feedback: Poisoning Large Language Models via User Inputs

EEG-Defender: Defending against Jailbreak through Early Exit Generation of Large Language Models

A Jailbroken GenAI Model Can Cause Substantial Harm: GenAI-powered Applications are Vulnerable to PromptWares

MaPPing Your Model: Assessing the Impact of Adversarial Attacks on LLM-based Programming Assistants

Jailbreaking as a Reward Misspecification Problem

The Instruction Hierarchy: Training LLMs to Prioritize Privileged Instructions

DrAttack: Prompt Decomposition and Reconstruction Makes Powerful LLM Jailbreakers

Pruning for Protection: Increasing Jailbreak Resistance in Aligned LLMs Without Fine-Tuning

From Chatbots to PhishBots? -- Preventing Phishing scams created using ChatGPT, Google Bard and Claude

Prompt Backdoors in Visual Prompt Learning

Generating Phishing Attacks using ChatGPT