Members-Only
Recent Talks & Demos are for members only
You must be an AI Tinkerers active member to view these talks and demos.
June 12, 2024
·
Palo Alto
TrojanVectors: Indirect Prompt Injection
How attackers poison vector databases to cause indirect prompt injection in RAG systems, the resulting risks, and practical mitigation strategies for developers.
Video
Overview
Indirect Prompt Injection is a serious security threat that can corrupt RAG (Retrieval-Augmented Generation) systems without users or developers noticing. Attackers can poison the vector database by adding malicious documents, which the LLM then uses to generate incorrect answers for unsuspecting users. This invisible injection can actively harm both users and developers, even when they are acting in good faith.
Links
Adversarial strings poison vector databases, forcing specific RAG chatbot hallucinations.
AI agents detect and block prompt injection and vector database poisoning.
Tech stack