We would like to invite you to the guest talk of Sebastian Schrittwieser, key researcher at SBA Research, on GPT, ignore previous instructions! The danger of prompt injections in practice.
Abstract
Large Language Models (LLMs) like OpenAI’s GPT are currently a hot topic, and cost-effective APIs allow for quick and easy integration into applications. Less well-known, however, is the existence of a completely new attack vector: Prompt Injections. Similar to traditional injection attacks (e.g., SQL Injections, OS Command Injections), Prompt Injections exploit the common practice of developers integrating untrusted inputs into predefined query strings. Prompt Injections can be used to hijack the output of a language model and, from there, carry out conventional attacks such as data exfiltration. This talk aims to raise awareness about the threat of Prompt Injections and provide an understanding of how they work in practice.
About the Speaker
Sebastian Schrittwieser is a Key Researcher at SBA Research and a Senior Scientist in the Security & Privacy research group at the University of Vienna’s Faculty of Computer Science. He previously led the Josef Ressel Center for Consolidated Detection of Targeted Attacks (2015-2020) and currently heads the Christian Doppler Laboratory for Security and Transparency in Software Protection since April 2024. His research focuses on software protection, security of LLMs, and psychological aspects of information security.
Further information
About the event
IT security remains the top priority for risk and compliance investments in European organizations. Protecting IT assets, including data, applications, networks, and devices, is essential, often driven by legal or technology requirements. Failure to do so can lead to severe breaches, resulting in lost trust, competitive disadvantage, and financial harm. European companies are now focusing on improving cyber resilience and maintaining strong cyber hygiene to prevent such risks.
- Stay updated on the latest security insights and trends
- Understand how vendor technologies are evolving to combat new threats
- Get practical advice on managing and communicating IT risk
- Learn how CISOs can collaborate with leadership to mitigate risks and protect the organization
Photo credit: Niklas Schnaubelt