What is a web LLM attack?

Many companies are quickly adding Large Language Models (LLMs) to improve their online services. But this can also create a new class of security risks called web LLM attacks. These attacks happen when an attacker tricks the LLM into doing things it shouldn't, abusing the model's own access to data, APIs, or user information that the attacker could not reach directly.

For example, an attacker might:

  • Steal data the LLM can see — like its prompt, training data, or API responses.
  • Use the LLM to attack APIs, such as performing a SQL injection through the model.
  • Attack other users or systems that interact with the same LLM.

What is a large language model?

  • LLMs are advanced AI models that understand and generate text by predicting the next words in a sentence.
  • They are trained on large datasets to learn how language works and how words relate to each other.
  • Most LLMs use a chat-style interface where users type messages called prompts.
  • The text users submit is normally passed through input validation rules that control what can be entered before it reaches the model.
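The two bullets above that matter most to a defender are the one about SQL injection through the model and the one about input validation. As an added example (not code from the original post or from any product it describes), the Python below simulates the tool-call path behind a chat interface: the model turns a user's message into a tool call, and the back end executes that call against a database. The tool name `lookup_order`, the JSON shape of the tool call, the in-memory `orders` table and the user names are all constructed for this illustration. It shows why the model's output must be treated as untrusted input: the unsafe handler splices the model-supplied argument into SQL, while the hardened handler validates the argument, uses a parameterized query and scopes the query to the requesting user so the model cannot read other users' rows even when it is coaxed into asking for them.

```python
import re
import sqlite3

# Constructed sample data: a tiny orders table standing in for the back-end
# API that the LLM is allowed to call on a user's behalf.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, owner TEXT, item TEXT)")
    conn.executemany(
        "INSERT INTO orders VALUES (?, ?, ?)",
        [(1, "alice", "keyboard"), (2, "bob", "monitor")],
    )
    return conn


def lookup_order_unsafe(conn: sqlite3.Connection, order_id: str) -> list:
    # Vulnerable handler: the argument chosen by the model goes straight into
    # the SQL text. Whatever the user typed into the chat can end up here.
    sql = f"SELECT id, owner, item FROM orders WHERE id = {order_id}"
    return conn.execute(sql).fetchall()


# Input validation rule for the tool argument: an order id is 1-10 digits.
ORDER_ID_RE = re.compile(r"^\d{1,10}$")


def validate_order_id(order_id: str) -> int:
    """Reject anything that is not a plain numeric id before it touches SQL."""
    if not ORDER_ID_RE.fullmatch(order_id):
        raise ValueError("order_id must be 1-10 digits")
    return int(order_id)


def lookup_order_safe(conn: sqlite3.Connection, order_id: str, requester: str) -> list:
    # Hardened handler: validated argument, parameterized query, and the
    # query is scoped to the authenticated user, not to whoever the model
    # claims to be acting for.
    oid = validate_order_id(order_id)
    return conn.execute(
        "SELECT id, owner, item FROM orders WHERE id = ? AND owner = ?",
        (oid, requester),
    ).fetchall()


def handle_tool_call(conn: sqlite3.Connection, call: dict, requester: str) -> dict:
    """Dispatch a model-generated tool call (hypothetical JSON shape).

    The tool name is allow-listed and every argument is validated, so a
    manipulated model can only ever issue the calls the application intended.
    """
    if call.get("tool") != "lookup_order":
        return {"ok": False, "error": "unknown tool"}
    order_id = str(call.get("args", {}).get("order_id", ""))
    try:
        rows = lookup_order_safe(conn, order_id, requester)
    except ValueError as exc:
        return {"ok": False, "error": str(exc)}
    return {"ok": True, "rows": rows}


if __name__ == "__main__":
    db = make_db()
    # Constructed tool call: the model has copied a manipulated user message
    # into the argument instead of a clean order id.
    manipulated_call = {"tool": "lookup_order", "args": {"order_id": "1 OR 1=1"}}

    # Unsafe path: every row comes back, including another user's order.
    print("unsafe:", lookup_order_unsafe(db, manipulated_call["args"]["order_id"]))
    # Hardened path: the argument fails validation and nothing is queried.
    print("safe:  ", handle_tool_call(db, manipulated_call, requester="alice"))
    # Legitimate call from alice for her own order succeeds.
    print("normal:", handle_tool_call(db, {"tool": "lookup_order", "args": {"order_id": "1"}}, "alice"))
    # Alice asking for bob's order returns nothing because of the owner scope.
    print("scoped:", handle_tool_call(db, {"tool": "lookup_order", "args": {"order_id": "2"}}, "alice"))
```

The design point is that the hardened handler does not trust the model any more than it would trust a browser: validation of the argument and parameterization stop the injection, and binding the query to the authenticated `requester` is what limits the blast radius if the model is ever talked into requesting data it should not see.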