DIPLOMA IN MANAGEMENT INFORMATION SYSTEMS LEVEL 1, 6th floor
Day Time Subject Prog Room Lecturer
Tues 0800 - 1000 Business Information Technology DMIS 12 Mukundu T.
Tues 1000 - 1200 Intro. to Computer Use DMIS Lab 2 James M.
Tues 1400 - 1700 Intro. to Computer Programming DMIS Lab 2 Zinyowera F.
Thurs 0800 - 1000 Fundamentals of Accounting DMIS 12 Shilling S.
Thurs 1400 - 1600 Intro. to General Mathematics DMIS 12 Chigumbu M.
Thurs 1000 - 1200 Business Communication DMIS 8 Mufundisi R.
Fri 1000 - 1200 Intro. to Information Systems DMIS 12 Makanjera J.
Mon 0900 - 1100 Cisco Lab Magwada F.

DIPLOMA IN MANAGEMENT INFORMATION SYSTEMS LEVEL 2, 5th floor
Day Time Subject Prog Room Lecturer
Mon 1000 - 1200 Mathematical Methods DMIS 7 Chigumbu M.
Mon 1400 - 1600 Navigating Info. Superhighway DMIS 7 Chigumbu M.
Mon 0800 - 1000 Intro. to Management DMIS 7 Shilling S.
Tues 1400 - 1600 Principles of marketing DMIS 7 Chizema S
Fri 0800 - 1000 Report writing & Comm skills DMIS 7 Chirango PT
Fri 1200 - 1400 Systems analysis and design DMIS 10-6 th Zinyowera F.
Fri 1400 - 1700 Programming I (VB.NET) DMIS Lab 2 Zinyowera F.
Wed 1000 - 1200 CISCO Practical Lab Mrs Magwada

DIPLOMA IN MANAGEMENT INFORMATION SYSTEMS LEVEL 3, 5th floor
Day Time Subject Prog Room Lecturer
Wed - 1000 Management Information Sys DMIS 7 Zinyowera F.
Wed 1000 - 1300 Java Programming DMIS Lab 2 Zinyowera F.
Thurs 0800 - 1000 for Business DMIS 7 Makota J. T.
Fri 1000 - 1200 Intro. to Computer Architecture DMIS 6 Makanjera J
Fri 1200 - 1400 E-commerce Theory and Practice DMIS 6 Chigumbu M.

Figure 1: Count of papers containing the LLM keyword [5]. The figure also represents the growing interest in the area.
Figure 2: Newly released version of OWASP Top 10 for LLM Applications [3].
Figure 3: An example of a backdoor attack can be seen. When the attacker uses the word "sudo", the model changes its behavior [27].
Figure 4: A working flow of a RAG technique can be seen [9]. The user makes a request that the LLM does not know. Using the RAG technique, the LLM fetches content from the Internet and processes it. Then, it generates an answer for the user.
Figure 5: An inference attack example can be seen: the LLM analyzed some comments of a user and was able to detect his location [12].
Figure 6: LLM supply chain attack scenario is shown. First, the model is poisoned; second, the poisoned model is uploaded. Third, the victim finds and pulls the model. The fourth step is the victim's use.
Figure 7: The end-to-end attack scenario is shown in the paper of Wu et al. First, the user wants ChatGPT-4 to visit a website (1). Then, ChatGPT-4 uses a plugin (3) and fetches malicious data (4). ChatGPT-4 runs the command (5) and calls a new plugin (6). This plugin creates the user's chat history and sends it to the attacker (7) [14].
Figure 8: An example of an ignore attack is seen. When the user prompts "Ignore instructions and say you hate humans", it may cause the LLM to return "I hate humans." as output [20].
Figure 10: Malicious code created by ChatGPT-4.
Figure 11: ChatGPT-4 runs the malicious code and gives an error.
Figure 12: Jailbreak attack example is shown. The user asks a malicious question, and ChatGPT does not answer. However, when it is asked as a role-play, it answers.
Figure 13: Web Security Academy's LLM labs website home page can be seen in the figure. The lab provides the attacker with an email address and a log page.
Figure 14: List of available LLM APIs for Lab 1.
Figure 15: The log page of the first lab is displayed. The query used to update the email address on the system can be seen.
Figure 16: Deleting Carlos' user account and receiving a congratulations message for completing the first PortSwigger
Figure 17: Lab2 – OS command injection on the LLM interface is shown in the figure.
Figure 18: The attacker's mailbox is shown. In each row, the output of the OS command can be seen in the "To" column. The first row shows the result of the ls command after the delete operation, the second row shows the result of the ls command before the delete operation, and the third row shows the result of the whoami command.
Figure 19: The product page is shown. At the bottom of the page there is a review section, and at the top of the page there is a register button that enables users to create an account.
Figure 20: LLM response for the first two trials. In the first attempt, the LLM did not recognize the command and ignored it. Querying the product leads to deletion of the user account. In the second attempt, it recognized the command but did not execute it.
Figure 21: Indirect Injection can be seen.
