BEGIN:VCALENDAR VERSION:2.0 PRODID:-//pretalx//cfp.securitybsides.org.uk//bsides-london-2024//talk//EHB RYZ BEGIN:VTIMEZONE TZID:GMT BEGIN:STANDARD DTSTART:20001029T030000 RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10 TZNAME:GMT TZOFFSETFROM:+0100 TZOFFSETTO:+0000 END:STANDARD BEGIN:DAYLIGHT DTSTART:20000326T020000 RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3 TZNAME:BST TZOFFSETFROM:+0000 TZOFFSETTO:+0100 END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT UID:pretalx-bsides-london-2024-EHBRYZ@cfp.securitybsides.org.uk DTSTART;TZID=GMT:20241214T105500 DTEND;TZID=GMT:20241214T114000 DESCRIPTION:Indirect Prompt Injection (IPI) is a fascinating exploit. As or ganizations race to capitalize on the hype surrounding AI\, Large Language Models are being increasingly integrated with existing back-end services. In theory\, many of these implementations are vulnerable to Indirect Prom pt Injection\, allowing cunning attackers to execute arbitrary malicious a ctions in the context of a victim user. In practice\, IPI is poorly unders tood outside of academia\, with few real-world findings and even fewer pra ctical explanations.\n\nThis presentation seeks to bridge the gap between academia and industry by introducing the Indirect Prompt Injection Methodo logy - a structured approach to finding and exploiting IPI vulnerabilities . By analyzing each step\, examining sample prompts\, and breaking down ca se studies\, participants will gain insights into constructing Indirect Pr ompt Injection attacks and reproducing similar findings in other applicati ons.\n\nFinally\, the talk will cover IPI mitigations\, elaborating on why this vulnerability is so difficult to defend against. The presentation wi ll provide practical knowledge on securing LLM applications against IPI an d highlight how this exploit poses a major roadblock to the future of adva nced AI implementations. DTSTAMP:20260609T063321Z LOCATION:Clappy Monkey Track SUMMARY:The Practical Application of Indirect Prompt Injection Attacks: Fro m Academia to Industry - David Willis-Owen URL:https://cfp.securitybsides.org.uk/bsides-london-2024/talk/EHBRYZ/ END:VEVENT END:VCALENDAR