Session Spotlight

Pranav Shikarpur

Camp Counselor

Getting AI to Do the Unexpected


Wednesday, July 31, 2024 - 9:00 PM UTC, for 1 hour.

Regular, 60 minute presentation

Room: African 60

prompt engineering
llms
prompt hacking
pii leakage

In an era where AI features in apps are no longer a novelty but a necessity, developers are creatively embedding Large Language Models (LLMs) into applications ranging from "dad joke generators" to critical healthcare tools like "automated EHR systems". Amid this innovative surge, a crucial question often lingers: "What if a bad actor decides to toy with my LLM app, making it behave in ways it was never intended to?" In October 2023, the OWASP foundation released its top 10 vulnerabilities in LLM apps. In that report, the top 3 vulnerabilities were Prompt Injections, Insecure Output Handling, and PII data leakage. In this session, through live demos, attendees will learn about these prompt hacking vulnerabilities, mitigation strategies, and the importance of "secure by design" practices in app development. The goal is to equip attendees with the knowledge to build secure LLM apps.

Prerequisites

Prior experience with an LLM such as ChatGPT or Llama is helpful, but not required.

Take Aways

  • Learn about prompt hacking strategies that are used to exploit LLM apps.
  • Learn about defensive prompting techniques to prevent these prompt hacking attacks.
  • Learn how to handle PII and insecure outputs flowing into and out of an LLM app.