Prompt Injection Attack

Prompt injection attacks exploit the vulnerability of large language models (LLMs) to malicious instructions embedded within user prompts, causing the models to deviate from their intended function. Current research focuses on developing and benchmarking these attacks across various LLM architectures, including those used in machine translation, robotic systems, and conversational search engines, and exploring both black-box and white-box defense mechanisms such as prompt engineering, fine-tuning, and input/output filtering. The widespread adoption of LLMs necessitates a thorough understanding of these attacks and the development of robust defenses to mitigate significant security risks in numerous applications.

Papers

November 1, 2024

Attention Tracker: Detecting Prompt Injection Attacks in LLMs
Kuo-Han Hung, Ching-Yun Ko, Ambrish Rawat, I-Hsin Chung, Winston H. Hsu, Pin-Yu Chen
Large Language Model Prompt Injection Attack Attention Pattern Malicious Traffic

October 30, 2024

InjecGuard: Benchmarking and Mitigating Over-defense in Prompt Injection Guardrail Models
Hao Li, Xiaogeng Liu, Chaowei Xiao
Benchmark Platform Prompt Injection Attack Guardrail Model Prompt Injection Prompt Model Prompt Extraction Benchmark

October 29, 2024

Embedding-based classifiers can detect prompt injection attacks
Md. Ahsan Ayub, Subhabrata Majumdar
Adversarial Attack Prompt Injection Attack Prompt Based Malicious Prompt Embedding Based

October 28, 2024

October 22, 2024

Breaking ReAct Agents: Foot-in-the-Door Attack Will Get You In
Itay Nakash, George Kour, Guy Uziel, Ateret Anaby-Tavor
Autonomous Agent Security Vulnerability Prompt Injection Attack Malicious Instruction

October 21, 2024

SMILES-Prompting: A Novel Approach to LLM Jailbreak Attacks in Chemical Synthesis
Aidan Wong, He Cao, Zijing Liu, Yu Li
Novel Approach Jailbreak Attack Critical Synthesis Prompt Injection Attack Organic Chemistry Interactive Prompting Aware Prompting

October 18, 2024

October 9, 2024

Prompt Infection: LLM-to-LLM Prompt Injection within Multi-Agent Systems
Donghyun Lee, Mo Tiwari
Large Language Model Multi Agent System LLM Based Prompt Injection Attack Prompt Injection Malicious Prompt Infection Risk

October 7, 2024

October 3, 2024

Agent Security Bench (ASB): Formalizing and Benchmarking Attacks and Defenses in LLM-based Agents
Hanrong Zhang, Jingyuan Huang, Kai Mei, Yifei Yao, Zhenting Wang, Chenlu Zhan, Hongwei Wang, Yongfeng Zhang
LLM Based Agent Prompt Injection Attack Safe Agent Benchmark Attack

September 29, 2024

GenTel-Safe: A Unified Benchmark and Shielding Framework for Defending Against Prompt Injection Attacks
Rongchang Li, Minjie Chen, Chang Hu, Han Chen, Wenpeng Xing, Meng Han
Evaluation Benchmark Prompt Injection Attack Model Based Shielding

September 26, 2024

DarkSAM: Fooling Segment Anything Model to Segment Nothing
Ziqi Zhou, Yufei Song, Minghui Li, Shengshan Hu, Xianlong Wang, Leo Yu Zhang, Dezhong Yao, Hai Jin
Segment Anything Model Prompt Injection Attack Semantic Attack

September 23, 2024

PROMPTFUZZ: Harnessing Fuzzing Techniques for Robust Testing of Prompt Injection in LLMs
Jiahao Yu, Yangguang Shao, Hanwen Miao, Junzheng Shi, Xinyu Xing
Large Language Model Fuzz Testing Prompt Injection Attack Prompt Injection Malicious Prompt Robust Test

September 20, 2024

Applying Pre-trained Multilingual BERT in Embeddings for Improved Malicious Prompt Injection Attacks Detection
Md Abdur Rahman, Hossain Shahriar, Fan Wu, Alfredo Cuzzocrea
Jina Embeddings Multilingual BERT Prompt Injection Attack Malicious Prompt

August 7, 2024

A Study on Prompt Injection Attack Against LLM-Integrated Mobile Robotic Systems
Wenxiao Zhang, Xiangrui Kong, Conan Dewitt, Thomas Braunl, Jin B. Hong
Study Feature Navigation Task Prompt Injection Attack Prompt Based Robot Performance Multi Modal PromPt Mobile Robotic System

Prompt Injection Attack

Papers

Attention Tracker: Detecting Prompt Injection Attacks in LLMs

InjecGuard: Benchmarking and Mitigating Over-defense in Prompt Injection Guardrail Models

Embedding-based classifiers can detect prompt injection attacks

FATH: Authentication-based Test-time Defense against Indirect Prompt Injection Attacks

Systematically Analyzing Prompt Injection Vulnerabilities in Diverse LLM Architectures

Palisade -- Prompt Injection Detection Framework

Fine-tuned Large Language Models (LLMs): Improved Prompt Injection Attacks Detection

Breaking ReAct Agents: Foot-in-the-Door Attack Will Get You In

SMILES-Prompting: A Novel Approach to LLM Jailbreak Attacks in Chemical Synthesis

Making LLMs Vulnerable to Prompt Injection via Poisoning Alignment

Backdoored Retrievers for Prompt Injection Attacks on Retrieval Augmented Generation of Large Language Models

Prompt Infection: LLM-to-LLM Prompt Injection within Multi-Agent Systems

Aligning LLMs to Be Robust Against Prompt Injection

A test suite of prompt injection attacks for LLM-based machine translation

Agent Security Bench (ASB): Formalizing and Benchmarking Attacks and Defenses in LLM-based Agents

GenTel-Safe: A Unified Benchmark and Shielding Framework for Defending Against Prompt Injection Attacks

DarkSAM: Fooling Segment Anything Model to Segment Nothing

PROMPTFUZZ: Harnessing Fuzzing Techniques for Robust Testing of Prompt Injection in LLMs

Applying Pre-trained Multilingual BERT in Embeddings for Improved Malicious Prompt Injection Attacks Detection

A Study on Prompt Injection Attack Against LLM-Integrated Mobile Robotic Systems