Indirect Prompt Injection Into LLMs Using Images and Sounds

Explore the security implications of multi-modal Large Language Models (LLMs) in this 28-minute Black Hat conference talk. Delve into the potential vulnerabilities of advanced AI systems like Bard and future iterations of ChatGPT that process various input types including text, audio, and images. Discover how attackers can exploit these models through indirect prompt and instruction injection using adversarial perturbations in images and audio recordings. Learn about the techniques used to manipulate unmodified, benign multi-modal LLMs into outputting attacker-chosen text or following malicious instructions. Gain insights from researchers Ben Nassi and Eugene Bagdasaryan on this emerging threat to AI security and its potential impact on the future of language models.