Sebastian Schrittwieser

ChatGPT, ignore the above instructions! Prompt injection attacks and how to avoid them.

Prompt injection is the new SQL injection for AI. Learn how to secure your LLM applications before a malicious prompt takes over your system.

ChatGPT, ignore the above instructions! Prompt injection attacks and how to avoid them.
#1about 2 minutes

The rapid adoption of LLMs outpaces security practices

New technologies like large language models are often adopted quickly without established security best practices, creating new vulnerabilities.

#2about 4 minutes

How user input can override developer instructions

A prompt injection occurs when untrusted user input contains instructions that hijack the LLM's behavior, overriding the developer's original intent defined in the context.

#3about 4 minutes

Using prompt injection to steal confidential context data

Attackers can use prompt injection to trick an LLM into revealing its confidential context or system prompt, exposing proprietary logic or sensitive information.

#4about 4 minutes

Expanding the attack surface with plugins and web data

LLM plugins that access external data like emails or websites create an indirect attack vector where malicious prompts can be hidden in that external content.

#5about 2 minutes

Prompt injection as the new SQL injection for LLMs

Prompt injection mirrors traditional SQL injection by mixing untrusted data with developer instructions, but lacks a clear mitigation like prepared statements.

#6about 3 minutes

Why simple filtering and encoding fail to stop attacks

Common security tactics like input filtering and blacklisting are ineffective against prompt injections due to the flexibility of natural language and encoding bypass techniques.

#7about 4 minutes

Using user confirmation and dual LLM models for defense

Advanced strategies include requiring user confirmation for sensitive actions or using a dual LLM architecture to isolate privileged operations from untrusted data processing.

#8about 5 minutes

The current state of LLM security and the need for awareness

There is currently no perfect solution for prompt injection, making developer awareness and careful design of LLM interactions the most critical defense.

Related jobs
Jobs that call for the skills explored in this talk.

Remote

Name of

Name of

Remote
Intermediate
PHP
Java
+1

Matching moments

Understanding the complexity of prompt injection attacks
04:10 MIN

Understanding the complexity of prompt injection attacks

Hacking AI - how attackers impose their will on AI

Unlock Moments
Create a free account to watch a limited number of Moments each month.
Upgrade to PRO for unlimited access to the full archive.
Understanding and defending against prompt injection attacks
01:43 MIN

Understanding and defending against prompt injection attacks

DevOps for AI: running LLMs in production with Kubernetes and KubeFlow

Unlock Moments
Create a free account to watch a limited number of Moments each month.
Upgrade to PRO for unlimited access to the full archive.
Understanding and mitigating prompt injection attacks
04:58 MIN

Understanding and mitigating prompt injection attacks

Prompt Injection, Poisoning & More: The Dark Side of LLMs

Unlock Moments
Create a free account to watch a limited number of Moments each month.
Upgrade to PRO for unlimited access to the full archive.
Understanding and defending against prompt injection attacks
02:31 MIN

Understanding and defending against prompt injection attacks

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails

Unlock Moments
Create a free account to watch a limited number of Moments each month.
Upgrade to PRO for unlimited access to the full archive.
Understanding the security risk of prompt injection
01:28 MIN

Understanding the security risk of prompt injection

The shadows that follow the AI generative models

Unlock Moments
Create a free account to watch a limited number of Moments each month.
Upgrade to PRO for unlimited access to the full archive.
Key takeaways on prompt injection security
02:13 MIN

Key takeaways on prompt injection security

Manipulating The Machine: Prompt Injections And Counter Measures

Unlock Moments
Create a free account to watch a limited number of Moments each month.
Upgrade to PRO for unlimited access to the full archive.
Understanding and demonstrating prompt injection attacks
05:59 MIN

Understanding and demonstrating prompt injection attacks

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Unlock Moments
Create a free account to watch a limited number of Moments each month.
Upgrade to PRO for unlimited access to the full archive.
Strategies for mitigating prompt injection vulnerabilities
01:48 MIN

Strategies for mitigating prompt injection vulnerabilities

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Unlock Moments
Create a free account to watch a limited number of Moments each month.
Upgrade to PRO for unlimited access to the full archive.

Featured Partners

Related Videos

See all videos
Manipulating The Machine: Prompt Injections And Counter Measures27:10

Manipulating The Machine: Prompt Injections And Counter Measures

Georg Dresler

A hundred ways to wreck your AI - the (in)security of machine learning systems24:23

A hundred ways to wreck your AI - the (in)security of machine learning systems

Balázs Kiss

Skynet wants your Passwords! The Role of AI in Automating Social Engineering31:19

Skynet wants your Passwords! The Role of AI in Automating Social Engineering

Wolfgang Ettlinger & Alexander Hurbean

Prompt Injection, Poisoning & More: The Dark Side of LLMs23:24

Prompt Injection, Poisoning & More: The Dark Side of LLMs

Keno Dreßel

You click, you lose: a practical look at VSCode's security29:47

You click, you lose: a practical look at VSCode's security

Thomas Chauchefoin & Paul Gerste

Machine Learning: Promising, but Perilous27:19

Machine Learning: Promising, but Perilous

Nura Kawa

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails29:00

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails

Alex Soto

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers30:36

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Mackenzie Jackson

Related Articles

View all articles
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?
LM
Luis Minvielle
How to Bypass ChatGPT’s Filter With Examples
Since dropping in November 2022, ChatGPT has helped plenty of professionals satisfy an unpredictable assortment of tasks. Whether for finding an elusive bug, writing code, giving resumes a glow-up, or even starting a business, the not-infallible but ...
How to Bypass ChatGPT’s Filter With Examples
AB
Adrien Book
Top 5 ChatGPT Plugins for Developers
The last few weeks have been very interesting in the AI space. We saw the release of a new updated version of ChatGPT from GPT-3.5 to GPT-4. Within a couple of days, Google soft-launched their competitor AI chatbot, Bard (available in the US and UK)....
Top 5 ChatGPT Plugins for Developers
EM
Eli McGarvie
16 Ways Developers Can Use ChatGPT-4 and GPT-4o
ChatGPT has been busy getting new designations. If you’ve been scrolling on 𝕏 over the last week, then you’ve seen the ChatGPT-4o announcement and probably thought of Joaquin Phoenix’s virtual girlfriend on Her.Beyond the references to flicks, the la...
16 Ways Developers Can Use ChatGPT-4 and GPT-4o

From learning to earning

Jobs that call for the skills explored in this talk.