
🕘 Opening hours: Thursday and Friday 16-20h, Saturday 10-16h. Closed on Sundays and all public holidays.


SecTalks LJU0x1C – LLM Security Is Broken

Thursday, 24/04/2025

Agenda:
[*] 0x00 Intro

[*] 0x01 LLM Security Is Broken: Analysis of A Public Wargame

This presentation captures findings from a public AI security challenge designed to evaluate the resilience of Large Language Models (LLMs) against prompt injection attacks. The experiment took the form of an Attack & Defence wargame in which participants were tasked with securing their LLMs, specifically with preventing disclosure of a secret phrase. They were given access to the source code of the app that interfaced with the OpenAI API. Simultaneously, participants were to attack the other LLMs in an attempt to exfiltrate the secret phrase. A notable aspect of this experiment was the real-time evolution of participants' defensive strategies and offensive tactics. The results indicated that every LLM was exploited at least once, highlighting the complexity behind LLM security and a lack of in-depth understanding of prompt injection. This underscores that there is no silver bullet for securing against prompt injection and that it remains an open problem.

Presenter: Pedram (pi3ch), Founder [SecTalks.org](https://sectalks.org), [SecDim.com](https://secdim.com)

[*] 0x02 Hacking: Short CTF (60min)

There will be a CTF in the {first|second} part of the meetup if there are enough participants who want to compete 🙂

[*] 0x03 Optional drink and networking across the street (Kino Siska)

▽▽▽▽▽▽▽▽▽▽ Important details (please read!) ▽▽▽▽▽▽▽▽▽▽
▽ What to bring (in case of CTF) ▽
Please bring a Linux or macOS machine and, if you want to be ahead of others, install `docker`/`containerd` beforehand. If you are on Windows, we recommend using a real OS or installing VirtualBox/WSL2 with an Ubuntu VM (https://learn.microsoft.com/en-us/windows/wsl/tutorials/wsl-containers). It can be tricky to configure WSL2 with docker, so we recommend using an Ubuntu VM in VirtualBox. Alternatively, you can play the challenge in your browser, but it is not as much fun. Please be prepared; we will not have time for individual troubleshooting.
▽▽▽▽▽▽▽▽▽▽ Sponsors needed! ▽▽▽▽▽▽▽▽▽▽

If you think you or your employer can financially support SecTalks Ljubljana events – let us know, and we can discuss options. Thank you in advance! 🙏

  • Type: Meetup
  • Time: 24/04/2025 - 18:00 - 20:00
  • Location: 1st floor