
Security Vulnerability Analyses of Large Language Models (LLMs) through Extension of the Common Vulnerability Scoring System (CVSS) Framework

DOI: 10.4236/jsea.2024.175019, PP. 340-358

Keywords: Common Vulnerability Scoring System (CVSS), Large Language Models (LLMs), DALL-E, Prompt Injections, Training Data Poisoning, CVSS Metrics


Abstract:

Large Language Models (LLMs) have revolutionized Generative Artificial Intelligence (GenAI) tasks, becoming an integral part of various applications in society, including text generation, translation, summarization, and more. However, their widespread usage emphasizes the critical need to enhance their security posture to ensure the integrity and reliability of their outputs and minimize harmful effects. Prompt injections and training data poisoning attacks are two of the most prominent vulnerabilities in LLMs, which could potentially lead to unpredictable and undesirable behaviors, such as biased outputs, misinformation propagation, and even malicious content generation. The Common Vulnerability Scoring System (CVSS) framework provides a standardized approach to capturing the principal characteristics of vulnerabilities, facilitating a deeper understanding of their severity within the security and AI communities. By extending the current CVSS framework, we generate scores for these vulnerabilities such that organizations can prioritize mitigation efforts, allocate resources effectively, and implement targeted security measures to defend against potential risks.

