CITATION — REFERENCE ENTRY
Not What You've Signed Up For: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection — Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security (AISec '23)
- Key
- greshake-2023-indirect-prompt-injection
- Authors
- Greshake, Kai; Abdelnabi, Sahar; Mishra, Shailesh; Endres, Christoph; Holz, Thorsten; Fritz, Mario
- Issued
- 2023-2-23
- Type
- paper-conference
- Container
- Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security (AISec '23)
- Pages
- 79-90
Raw CSL JSON
{
"DOI": "10.1145/3605764.3623985",
"URL": "https://arxiv.org/abs/2302.12173",
"page": "79-90",
"type": "paper-conference",
"title": "Not What You've Signed Up For: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection",
"author": [
{
"given": "Kai",
"family": "Greshake"
},
{
"given": "Sahar",
"family": "Abdelnabi"
},
{
"given": "Shailesh",
"family": "Mishra"
},
{
"given": "Christoph",
"family": "Endres"
},
{
"given": "Thorsten",
"family": "Holz"
},
{
"given": "Mario",
"family": "Fritz"
}
],
"issued": {
"date-parts": [
[
2023,
2,
23
]
]
},
"accessed": {
"date-parts": [
[
2026,
5,
23
]
]
},
"language": "en",
"container-title": "Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security (AISec '23)"
}
Claims
-
Greshake and colleagues argue that LLM-integrated applications blur the line between data and instructions, allowing adversaries to remotely affect users' systems by strategically injecting prompts into data that the model is likely to retrieve at inference time.
"We argue that LLM-Integrated Applications blur the line between data and instructions."
Available in