This talk is for anyone who wants to see how a malicious actor can harness the power of AI for nefarious purposes, live and in action. Through demos, we show how helpful AI assistants can be turned into evil agents of chaos, how AI hallucinations can be turned into malware advertisements, and how a complete novice can use an AI model to hack a vulnerable network entirely.

1. Basics of generative AI

We explore how AI models are trained, and the benefits and weaknesses of different types of models, including baseline LLMs and instruction-tuned LLMs.

2. Prompt injection

Prompt injection is social engineering for AI models. We demo basic prompt injection such as jailbreaking, but quickly move on to show how advanced injection can be used to take over an email account. Using a common AI email assistant, we show how a malicious email containing a prompt injection can be used to steal data, inject malicious links and even take over an email account.

3. Package hallucinations

Package hallucinations are typosquatting V2. 30% of software packages ChatGPT references do not exist in reality. We demo how malicious actors can create malware-laced packages that ChatGPT will promote.

4. Malicious AI models

Most AI models prevent you from creating malware; however, some AI models, like White Rabbit, are trained specifically for performing malicious actions. We will demo how a complete novice can exploit a vulnerable network and encrypt data entirely using malicious AI models.

5. Using AI safely

Finally, we will look at what we can do to protect ourselves from AI attacks and allow staff to use AI systems safely.
Session 🗣 Intermediate ⭐⭐ Track: AI, ML, Bigdata, Python

Tags: AI, security, hacker