{"id":"https://openalex.org/W4411010518","doi":"https://doi.org/10.1145/3714393.3726501","title":"PromptShield: Deployable Detection for Prompt Injection Attacks","display_name":"PromptShield: Deployable Detection for Prompt Injection Attacks","publication_year":2024,"publication_date":"2024-06-19","ids":{"openalex":"https://openalex.org/W4411010518","doi":"https://doi.org/10.1145/3714393.3726501"},"language":"en","primary_location":{"id":"doi:10.1145/3714393.3726501","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3714393.3726501","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3714393.3726501","source":null,"license":"cc-by-nd","license_id":"https://openalex.org/licenses/cc-by-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Fifteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3714393.3726501","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5116053964","display_name":"Dennis Jacob","orcid":null},"institutions":[{"id":"https://openalex.org/I95457486","display_name":"University of California, Berkeley","ror":"https://ror.org/01an7q238","country_code":"US","type":"education","lineage":["https://openalex.org/I95457486"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Dennis Jacob","raw_affiliation_strings":["University of California, Berkeley, Berkeley, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Berkeley, Berkeley, CA, USA","institution_ids":["https://openalex.org/I95457486"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5117822407","display_name":"Hend Alzahrani","orcid":null},"institutions":[{"id":"https://openalex.org/I1284598098","display_name":"King Abdulaziz City for Science and Technology","ror":"https://ror.org/05tdz6m39","country_code":"SA","type":"facility","lineage":["https://openalex.org/I1284598098"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Hend Alzahrani","raw_affiliation_strings":["King Abdulaziz City for Science and Technology, Riyadh, Saudi Arabia"],"affiliations":[{"raw_affiliation_string":"King Abdulaziz City for Science and Technology, Riyadh, Saudi Arabia","institution_ids":["https://openalex.org/I1284598098"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051762155","display_name":"Zhanhao Hu","orcid":"https://orcid.org/0000-0002-3746-1447"},"institutions":[{"id":"https://openalex.org/I95457486","display_name":"University of California, Berkeley","ror":"https://ror.org/01an7q238","country_code":"US","type":"education","lineage":["https://openalex.org/I95457486"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhanhao Hu","raw_affiliation_strings":["University of California, Berkeley, Berkeley, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Berkeley, Berkeley, CA, USA","institution_ids":["https://openalex.org/I95457486"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5019524943","display_name":"Basel Alomair","orcid":"https://orcid.org/0000-0002-0494-2586"},"institutions":[{"id":"https://openalex.org/I1284598098","display_name":"King Abdulaziz City for Science and Technology","ror":"https://ror.org/05tdz6m39","country_code":"SA","type":"facility","lineage":["https://openalex.org/I1284598098"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Basel Alomair","raw_affiliation_strings":["King Abdulaziz City for Science and Technology, Riyadh, Saudi Arabia"],"affiliations":[{"raw_affiliation_string":"King Abdulaziz City for Science and Technology, Riyadh, Saudi Arabia","institution_ids":["https://openalex.org/I1284598098"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5072545254","display_name":"David Wagner","orcid":"https://orcid.org/0000-0002-9944-9232"},"institutions":[{"id":"https://openalex.org/I95457486","display_name":"University of California, Berkeley","ror":"https://ror.org/01an7q238","country_code":"US","type":"education","lineage":["https://openalex.org/I95457486"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"David Wagner","raw_affiliation_strings":["University of California, Berkeley, Berkeley, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Berkeley, Berkeley, CA, USA","institution_ids":["https://openalex.org/I95457486"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5116053964"],"corresponding_institution_ids":["https://openalex.org/I95457486"],"apc_list":null,"apc_paid":null,"fwci":2.0493,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.88464392,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"341","last_page":"352"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9915000200271606,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9891999959945679,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5986288785934448},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4546750485897064}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5986288785934448},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4546750485897064}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3714393.3726501","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3714393.3726501","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3714393.3726501","source":null,"license":"cc-by-nd","license_id":"https://openalex.org/licenses/cc-by-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Fifteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},{"id":"pmh:oai:escholarship.org:ark:/13030/qt9k36f725","is_oa":true,"landing_page_url":"https://escholarship.org/uc/item/9k36f725","pdf_url":"https://escholarship.org/content/qt9k36f725/qt9k36f725.pdf","source":{"id":"https://openalex.org/S4306400115","display_name":"eScholarship (California Digital Library)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I2801248553","host_organization_name":"California Digital Library","host_organization_lineage":["https://openalex.org/I2801248553"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.1145/3714393.3726501","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3714393.3726501","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3714393.3726501","source":null,"license":"cc-by-nd","license_id":"https://openalex.org/licenses/cc-by-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Fifteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G173227207","display_name":null,"funder_award_id":"KACST","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G470517670","display_name":null,"funder_award_id":"CNS-2154873","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6062656956","display_name":null,"funder_award_id":"IIS-2229876","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6360409883","display_name":null,"funder_award_id":"2229876","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7734553112","display_name":"Collaborative Research: SaTC: CORE: Small: Machine Learning for Cybersecurity: Robustness Against Concept Drift","funder_award_id":"2154873","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320315389","display_name":"Open Philanthropy Project","ror":"https://ror.org/004d1k391"},{"id":"https://openalex.org/F4320322997","display_name":"King Abdulaziz City for Science and Technology","ror":"https://ror.org/05tdz6m39"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4411010518.pdf","grobid_xml":"https://content.openalex.org/works/W4411010518.grobid-xml"},"referenced_works_count":31,"referenced_works":["https://openalex.org/W3168867926","https://openalex.org/W3177813494","https://openalex.org/W3211686893","https://openalex.org/W4224275713","https://openalex.org/W4226278401","https://openalex.org/W4286987939","https://openalex.org/W4309395891","https://openalex.org/W4312091890","https://openalex.org/W4322718191","https://openalex.org/W4327810158","https://openalex.org/W4378465191","https://openalex.org/W4384920109","https://openalex.org/W4385374425","https://openalex.org/W4385714464","https://openalex.org/W4386977707","https://openalex.org/W4387561041","https://openalex.org/W4387839052","https://openalex.org/W4388718089","https://openalex.org/W4388886073","https://openalex.org/W4389157312","https://openalex.org/W4389519291","https://openalex.org/W4390041933","https://openalex.org/W4390214189","https://openalex.org/W4391766701","https://openalex.org/W4395064792","https://openalex.org/W4401306886","https://openalex.org/W4402217583","https://openalex.org/W4403585381","https://openalex.org/W4404342689","https://openalex.org/W4404344885","https://openalex.org/W6898791098"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"Application":[0],"designers":[1],"have":[2,24],"moved":[3],"to":[4,19,27,84,106,123],"integrate":[5],"large":[6],"language":[7],"models":[8,120],"(LLMs)":[9],"into":[10],"their":[11],"products.":[12],"However,":[13],"many":[14,36],"LLM-integrated":[15],"applications":[16],"are":[17,37],"vulnerable":[18],"prompt":[20,33,60,88],"injections.":[21],"While":[22],"attempts":[23],"been":[25],"made":[26],"address":[28],"this":[29,48],"problem":[30],"by":[31],"building":[32],"injection":[34,61,89],"detectors,":[35],"not":[38],"yet":[39],"suitable":[40],"for":[41,55],"practical":[42],"deployment.":[43],"To":[44],"support":[45],"research":[46],"in":[47,96],"area,":[49],"we":[50,77],"introduce":[51],"PromptShield,":[52],"a":[53,86],"benchmark":[54,64],"training":[56,116],"and":[57,68,72,118],"evaluating":[58],"deployable":[59],"detectors.":[62],"Our":[63,109],"is":[65],"carefully":[66],"curated":[67],"includes":[69],"both":[70],"conversational":[71],"application-structured":[73],"data.":[74],"In":[75],"addition,":[76],"use":[78],"insights":[79],"from":[80],"our":[81],"curation":[82,114],"process":[83],"fine-tune":[85],"new":[87],"detector":[90,125],"that":[91,112],"achieves":[92],"significantly":[93],"higher":[94],"performance":[95],"the":[97],"low":[98],"false":[99],"positive":[100],"rate":[101],"(FPR)":[102],"evaluation":[103],"regime":[104],"compared":[105],"prior":[107],"schemes.":[108],"work":[110],"suggests":[111],"careful":[113],"of":[115],"data":[117],"larger":[119],"can":[121],"contribute":[122],"strong":[124],"performance.":[126]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}