Racing Against Risks: Is Your Generative AI Security Keeping Pace?

How AI Developers And Leaders Can Secure Our AI-Driven Future

Oct 03, 2023

On September 28, Steve Wilson (Project Leader, OWASP Foundation) joined me on “What’s the BUZZ?” and shared how you can secure your Large Language Models (LLM) against common vulnerabilities. As we embrace the boundless possibilities that AI presents, a shadow of security concerns looms over the horizon. The excitement of new functionalities is intertwined with the necessity for robust security measures. The narratives unravel the unique security challenges introduced by AI, notably in the face of generative AI applications like chatbots and copilots. How can AI developers and leaders celebrate its potential while exercising due diligence in mitigating the associated security risks? Here is what we’ve talked about…

The Need For Balanced Approach To AI Innovation And Security

The emergence of any groundbreaking technology often comes with a rush towards exploring its new functionalities, sidelining the security aspects initially. This pattern was observed during the early days of the World Wide Web. Initially, the web was a platform for sharing research papers or engaging in discussions on message boards. However, with the introduction of e-commerce, the necessity to secure web applications became apparent. This led to the birth of OWASP (Open Web Application Security Project), with pioneers like Jeff Williams devising the original OWASP top 10 list for web applications. Fast forward two decades, and we are on the cusp of another technological wave, possibly the most significant since the web. Even though some security challenges resemble those of the early web, like injection attacks, the security landscape has evolved. For instance, AI technology introduces unique challenges such as prompt injection. Unlike traditional web applications where an SQL injection might reveal sensitive data, prompt injections in AI can mislead the system into unintended actions. An illustrative example is how early versions of ChatGPT could be manipulated to provide a list of unsafe websites by tweaking the request phrasing. As we delve deeper into securing AI systems, the challenges span beyond technical hacks to encompass social engineering and psychological aspects.

Thank you for reading The AI MEMO. Feel free to share it with your network.

Generative AI Vulnerabilities: Direct & Indirect Prompt Injections Are Just The Beginning

Generative AI is weaving its way into various applications, notably in chatbots and copilots. Chatbots, enhancing interactive customer support, and copilots, like GitHub Copilot, aiding in code generation or modification, are becoming commonplace. These AI systems can be prompted either directly by users or indirectly through embedded instructions on the web, leading to potential misuses.

» I think one of the things that's interesting is not all prompts though are going to come from a person. We actually define this two different ways. We talk about direct prompt injection and indirect prompt injection. «
— Steve Wilson

An example is the manipulation of AI in resume screening by hiding instructions within resumes to prioritize certain candidates. This scenario exemplifies the direct prompt injection. On the flip side, indirect prompt injection occurs when AI systems unwittingly access web pages containing hidden malicious instructions. The diversity in applications and the ways in which they can be manipulated underlines the necessity for robust security measures to prevent abuse of large language models (LLMs).

Mitigating Security Risks With Trust Boundaries

The working group at OWASP identified multiple entry vectors posing security threats to LLMs. These entry vectors include prompt injections, training data manipulations, and more. The recommendation is to treat data from LLMs as untrusted to mitigate potential risks. A notable issue is the over-reliance on data generated by LLMs which can be misleading. For instance, legal practitioners have faced scrutiny for using fabricated case law generated by AI in their briefs. Besides, the excessive agency granted to LLMs can lead to unintended actions such as unauthorized changes to GitHub repositories. While the potential of generative AI is acknowledged, it's crucial to consider the unique security implications it carries. The OWASP Top 10 for LLMs is highlighted as a valuable resource for understanding and mitigating these risks, whether one is a user or a developer in the realm of generative AI.

Summary

The journey from the early days of the web, where security took a backseat to functionality, to the present-day challenges posed by AI technologies like prompt injection shows lots of similarities. The unique security challenges presented by generative AI in various applications, such as chatbots and copilots, underscore the necessity for robust security measures to mitigate potential abuses and risks associated with LLMs. Understanding the most common security vulnerabilities of LLMs enables developers to adequately prepare as the Generative AI is integrated into more and more applications and both, its capabilities and its attractiveness for bad actors grow over the next quarters.

In what ways are the security challenges of AI similar from those of the early web?

Listen to this episode on the podcast: Apple Podcasts | Other platforms

Become an AI Leader

Join my bi-weekly live stream and podcast for leaders and hands-on practitioners. Each episode features a different guest who shares their AI journey and actionable insights. Learn from your peers how you can lead artificial intelligence, generative AI & automation in business with confidence.

Join us live

October 12 - Matt Lewis, Chief AI Officer, will discuss how you can grow your role as a Chief AI Officer.
October 24 - Harpreet Sahota, Developer Relations Experts, will join when we talk about augmenting off-the-shelf LLMs with new data.
November 07 - Tobias Zwingmann, AI Advisor & Author, will share which open source technology you need to build your own generative AI application.

Watch the latest episodes or listen to the podcast

Find me here

October 11 - Put Generative AI to Work, Unveiling Tomorrow's Possibilities – Insights from 30 AI Visionaries on the Future of Generative AI in Business.

Follow me on LinkedIn for daily posts about how you can lead AI in business with confidence. Activate notifications (🔔) and never miss an update.

Together, let’s turn hype into outcome. 👍🏻
—Andreas