LLM Security: Attacks and Controls
2024-12-14 , Rookie track 2

The use of Generative Artificial Intelligence (AI), particularly Large Language Models (LLMs), is rapidly increasing across various sectors, bringing significant advancements in automating tasks, enhancing decision-making, and improving user interactions. However, this growing reliance on LLMs also introduces substantial security challenges, as these models are vulnerable to various cyber threats, including adversarial attacks, data breaches, and misinformation propagation. Ensuring the security of LLMs is essential to maintain the integrity of their outputs, protect sensitive information, and build trust in AI technologies.

This talk will examine the security vulnerabilities that are inherent in Large Language Models (LLMs), with a particular focus on injection techniques, client-side attacks such as Cross-Site Scripting (XSS) and HTML injection, and Denial of Service (DoS) attacks. Through the simulation of these attack vectors, the study assesses the responses of various pre-trained models like GPT-3.5 Turbo and GPT-4, revealing their susceptibility to different forms of manipulation.

The talk will also underscore the critical risk of these vulnerabilities, especially when exploited in a real-time corporate environment, where they can lead to significant disruptions, unauthorized access, data theft, and compromised system integrity.


The talk is structured to fulfil the following objectives:
1. Evaluate approaches for identifying exploitation of security vulnerabilities in large language models (LLMs).
2. Investigate the response of various pre-trained models to attacks on LLMs.
3. Develop and assess security controls to mitigate cyber risks associated with LLM attacks.

The 15-minute talk will focus on Large Language Models (LLMs) will extensively explore the vulnerabilities, particularly in the context of adversarial attacks, types of prompt injection attacks on LLMs, Insecure output handling, Client side Injection attacks and denial-of-service (DoS) attacks. However, there remains a research gap in the systematic simulation and comparative analysis of these attacks across different LLM architectures and configurations. Current studies predominantly focus on individual attack vectors or specific LLMs, lacking a holistic approach that examines the interplay between multiple attack types and their cumulative impact on LLM performance and security.

Most weaknesses in AI models stem from injection techniques, which can be particularly harmful when the model or the API used to access the model makes incorrect calls to the database, inadvertently retrieving sensitive content that does not align with established guidelines. These vulnerabilities underscore the critical need to thoroughly understand how AI models interact with third parties and the potential risks associated with these interactions.


Please confirm that I am a first time speaker and have not spoken in public and will not be before the Bsides London event date (14th December 2024).:

Yes

With a Master's from the University of Warwick, Nazeef stays at the forefront of offensive security techniques. He holds multiple industry-recognized certifications, including the Certified Red Team Operator (CRTO), HTB Certified Penetration Testing Specialist (CPTS), and Practical Network Penetration Tester (PNPT).

A dedicated learner, Nazeef actively contributes to the cybersecurity community by sharing his knowledge through public talks and technical discussions/blogs, inspiring others to explore the field. His expertise spans across various domains, including Red team Operations, and AI security.