| [1] | What Are Large Language Models (LLMs)? IBM.
https://www.ibm.com/topics/large-language-models
|
| [2] | DALL-E. Wikipedia.
https://en.wikipedia.org/wiki/DALL-E
|
| [3] | Lakera LLM Security Playbook. Lakera.
https://www.lakera.ai/ai-security-guides/llm-security-playbook
|
| [4] | OWASP (2023) OWASP Top 10 for Large Language Model Applications.
https://owasp.org/www-project-top-10-for-large-language-model-applications
|
| [5] | OWASP (2023) LLM01:2023—Prompt Injections.
https://owasp.org/www-project-top-10-for-large-language-model-applications/Archive/0_1_vulns/Prompt_Injection.html
|
| [6] | OWASP (2023) LLM10:2023—Training Data Poisoning.
https://owasp.org/www-project-top-10-for-large-language-model-applications/Archive/0_1_vulns/Training_Data_Poisoning.html
|
| [7] | Shah, D. (2023) The ELI5 Guide to Prompt Injection: Techniques, Prevention Methods & Tools. Lakera.
https://www.lakera.ai/blog/guide-to-prompt-injection
|
| [8] | Shah, D. (2023) Introduction to Training Data Poisoning: A Beginner’s Guide. Lakera.
https://www.lakera.ai/blog/training-data-poisoning
|
| [9] | Common Vulnerability Scoring System: Specification Document. FIRST.
https://www.first.org/cvss/specification-document
|
| [10] | Hughes, C. (2023) Will CVSS 4.0 Be a Vulnerability-Scoring Breakthrough or Is It Broken? CSO.
https://www.csoonline.com/article/648607/will-cvss-4-0-be-a-vulnerability-scoring-breakthrough-or-is-it-broken.html
|
| [11] | Vulnerability Metrics. NVD.
https://nvd.nist.gov/vuln-metrics/cvss
|
| [12] | CVSS v3.1 Specification Document. FIRST.
https://www.first.org/cvss/v3.1/specification-document
|
| [13] | Schroeder, W. (2024) Learning Machine Learning Part 3: Attacking Black Box Models. Medium.
https://posts.specterops.io/learning-machine-learning-part-3-attacking-black-box-models-3efffc256909
|
| [14] | How Cyber Threats Can Affect Your Organization. Genetec.
https://www.genetec.com/blog/cybersecurity/how-cyber-threats-can-affect-your-organization
|
| [15] | United States District Court Southern District of New York (2023) Case 1:23-cv-11195 Document 1 Filed 12/27/23.
https://nytco-assets.nytimes.com/2023/12/NYT_Complaint_Dec2023.pdf
|
| [16] | Common Vulnerability Scoring System Calculator. NVD.
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator
|
| [17] | Liu, H., et al. (2023) RIATIG: Reliable and Imperceptible Adversarial Text-to-Image Generation with Natural Prompts. 2023 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Vancouver, 18-22 June 2023, 20585-20594.
|
| [18] | Maus, N., et al. (2023) Black Box Adversarial Prompting for Foundation Models.
https://arxiv.org/abs/2302.04237
|
| [19] | Struppek, L., et al. (2023) Exploiting Cultural Biases via Homoglyphs in Text-to-Image Synthesis. Journal of Artificial Intelligence Research, 78, 1017-1068.
|
| [20] | ABET (2019) Criteria for Accrediting Computing Programs, 2019-2020.
https://www.abet.org/accreditation/accreditation-criteria/criteria-for-accrediting-computing-programs-2019-2020/#GC3
|
| [21] | McAfee Network Security Platform 9.1.x Product Guide. Attack Categories, Trellix Doc Portal, 2023.
https://docs.trellix.com/bundle/network-security-platform-9.1.x-product-guide/page/GUID-A2BABA05-42EF-41F2-A6A3-57892D17DA7B.html
|
| [22] | Qu, Y., et al. (2023) On the Proactive Generation of Unsafe Images from Text-to-Image Models Using Benign Prompts.
https://arxiv.org/abs/2305.13873
|
| [23] | Shan, S., et al. (2023) Prompt-Specific Poisoning Attacks on Text-to-Image Generative Models.
https://arxiv.org/abs/2310.13828
|
| [24] | Struppek, L., et al. (2023) Rickrolling the Artist: Injecting Backdoors into Text Encoders for Text to Image Synthesis. IEEE/CVF International Conference on Computer Vision (ICCV), Paris, 2-3 October 2023, 4561-4573.
https://arxiv.org/abs/2211.02408
|
| [25] | Internal vs External Threats—Here’s All You Need to Know. Blogs by Cyril, SecureTriad, 2021.
https://securetriad.io/internal-vs-external-threats/
|
| [26] | International Security Ligue (2023) Internal Threats Grow, as both a Problem and Security Priority.
https://www.security-ligue.org/news?tx_news_pi1[action]=detail&tx_news_pi1[controller]=News&tx_news_pi1[news]=207&cHash=aa008ddccc6311803eb094847a94b212#:~:text=Internal threats are experienced more,in the last 12 months
|
| [27] | SoftActivity (2023) 31 Insider Threat Stats You Need to Know in 2024” Monitoring Software Blog.
https://www.softactivity.com/ideas/insider-threat-statistics
|
| [28] | Bhatia, J. (2017) Comparison of White Box, Black Box and Gray Box Cryptography. International Journal of Innovations in Engineering and Technology (IJIET), 8, 217-221.
http://ijiet.com/wp-content/uploads/2017/05/31.pdf
|
| [29] | Gomes, J. (2019) Adversarial Attacks and Defences for Convolutional Neural Networks. Medium.
https://medium.com/onfido-tech/adversarial-attacks-and-defences-for-convolutional-neural-networks-66915ece52e7
|
| [30] | Jiang, F., et al. (2024) ArtPrompt: ASCII Art-Based Jailbreak Attacks against Aligned LLMs.
https://arxiv.org/pdf/2402.11753.pdf
|
| [31] | Livshitz, I. (2019) What’s the Difference Between a High Interaction Honeypot and a Low Interaction Honeypot? Akamai.
https://www.akamai.com/blog/security/high-interaction-honeypot-versus-low-interaction-honeypot-comparison
|
| [32] | Kapko, M. (2024) How Companies Describe Cyber Incidents in SEC Filings. Cybersecurity Dive.
https://www.cybersecuritydive.com/news/sec-filing-cyber-incidentdescriptions/710678/?utm_source=Sailthru&utm_medium=email&utm_campaign=Issue
|
| [33] | Jones, D. (2024) What’s Material to the SEC, 3 Months into Cyber Disclosure Rules? Cybersecurity Dive.
https://www.cybersecuritydive.com/news/sec-3-months-cyber-disclosure-rules/710562/
|
