{"id":"https://openalex.org/W7117387429","doi":"https://doi.org/10.1145/3769694.3771165","title":"Weaponizing Words: Direct & Indirect Prompt Injection Attacks on LLM","display_name":"Weaponizing Words: Direct & Indirect Prompt Injection Attacks on LLM","publication_year":2025,"publication_date":"2025-11-06","ids":{"openalex":"https://openalex.org/W7117387429","doi":"https://doi.org/10.1145/3769694.3771165"},"language":null,"primary_location":{"id":"doi:10.1145/3769694.3771165","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3769694.3771165","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 26th ACM Annual Conference on Cybersecurity &amp; Information Technology Education","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5113211821","display_name":"PJ Reddy","orcid":null},"institutions":[{"id":"https://openalex.org/I193531525","display_name":"George Washington University","ror":"https://ror.org/00y4zzh67","country_code":"US","type":"education","lineage":["https://openalex.org/I193531525"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Pavan Reddy","raw_affiliation_strings":["George Washington University, Washington, DC, USA"],"raw_orcid":"https://orcid.org/0009-0001-4832-1845","affiliations":[{"raw_affiliation_string":"George Washington University, Washington, DC, 
USA","institution_ids":["https://openalex.org/I193531525"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5113211821"],"corresponding_institution_ids":["https://openalex.org/I193531525"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.84071589,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"292","last_page":"293"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.33000001311302185,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.33000001311302185,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.0877000018954277,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security 
Vulnerabilities","score":0.06750000268220901,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/checklist","display_name":"Checklist","score":0.4659999907016754},{"id":"https://openalex.org/keywords/trusted-platform-module","display_name":"Trusted Platform Module","score":0.4018999934196472},{"id":"https://openalex.org/keywords/trusted-computing","display_name":"Trusted Computing","score":0.36489999294281006},{"id":"https://openalex.org/keywords/open-source","display_name":"Open source","score":0.3212999999523163},{"id":"https://openalex.org/keywords/data-validation","display_name":"Data validation","score":0.3158000111579895},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.31529998779296875}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5927000045776367},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5332000255584717},{"id":"https://openalex.org/C2779356329","wikidata":"https://www.wikidata.org/wiki/Q922625","display_name":"Checklist","level":2,"score":0.4659999907016754},{"id":"https://openalex.org/C202775310","wikidata":"https://www.wikidata.org/wiki/Q1140366","display_name":"Trusted Platform Module","level":2,"score":0.4018999934196472},{"id":"https://openalex.org/C2776831232","wikidata":"https://www.wikidata.org/wiki/Q966812","display_name":"Trusted Computing","level":2,"score":0.36489999294281006},{"id":"https://openalex.org/C3018397939","wikidata":"https://www.wikidata.org/wiki/Q3644502","display_name":"Open 
source","level":3,"score":0.3212999999523163},{"id":"https://openalex.org/C92446256","wikidata":"https://www.wikidata.org/wiki/Q3306762","display_name":"Data validation","level":2,"score":0.3158000111579895},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.31529998779296875},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.3107999861240387},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.29260000586509705},{"id":"https://openalex.org/C48677424","wikidata":"https://www.wikidata.org/wiki/Q6888088","display_name":"Mode (computer interface)","level":2,"score":0.2750999927520752},{"id":"https://openalex.org/C60448319","wikidata":"https://www.wikidata.org/wiki/Q154021","display_name":"Block cipher mode of operation","level":2,"score":0.2694000005722046},{"id":"https://openalex.org/C2775928411","wikidata":"https://www.wikidata.org/wiki/Q2041312","display_name":"Fault injection","level":3,"score":0.2612000107765198}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3769694.3771165","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3769694.3771165","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 26th ACM Annual Conference on Cybersecurity &amp; Information Technology 
Education","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":2,"referenced_works":["https://openalex.org/W4386556582","https://openalex.org/W4388886073"],"related_works":[],"abstract_inverted_index":{"As":[0],"AI":[1],"systems\u2014particularly":[2],"LLM":[3,25],"applications\u2014proliferate":[4],"across":[5],"products":[6],"and":[7,51,64,77,97,108,118,136,142,153,164],"workflows,":[8],"security":[9],"has":[10],"not":[11],"kept":[12],"pace.":[13],"Prompt":[14],"injection":[15,46,53],"is":[16],"the":[17,38,83,167],"failure":[18],"mode":[19],"most":[20],"likely":[21],"to":[22],"turn":[23],"well-intentioned":[24],"applications":[26],"into":[27,160],"unsafe":[28],"systems":[29],"[4].":[30],"This":[31],"75-minute,":[32],"code-first":[33],"tutorial":[34],"focuses":[35],"exclusively":[36],"on":[37,90],"two":[39,60],"forms":[40],"that":[41,71],"matter":[42],"in":[43],"practice:":[44],"direct":[45],"through":[47],"trusted":[48],"input":[49,126],"channels":[50],"indirect":[52],"via":[54],"retrieved":[55],"or":[56],"linked":[57],"content.":[58],"Using":[59],"reproducible":[61],"demos\u2014EmailGPT":[62],"(direct)":[63],"EchoLeak":[65],"(indirect)\u2014participants":[66],"will":[67],"reproduce":[68],"end-to-end":[69],"attacks":[70],"override":[72],"system":[73],"instructions,":[74],"exfiltrate":[75],"secrets,":[76],"trigger":[78],"unauthorized":[79],"actions,":[80],"then":[81],"harden":[82],"pipelines":[84],"step":[85],"by":[86],"step.":[87],"Labs":[88],"run":[89],"free":[91],"notebooks":[92],"with":[93,148],"small":[94],"open":[95],"models":[96],"mock":[98],"tools;":[99],"no":[100],"API":[101],"keys":[102],"required.":[103],"We":[104],"distill":[105],"why":[106],"guardrails":[107],"\u201cbetter":[109],"prompts\u201d":[110],"alone":[111],"are":[112],"insufficient\u2014instruction-following":[113],"bias,":[114],"collaps
ed":[115],"trust":[116],"boundaries,":[117],"tool":[119,140],"autopilot\u2014and":[120],"build":[121],"a":[122,154],"deployable":[123],"defense-in-depth":[124],"stack:":[125],"canonicalization,":[127],"instruction/data":[128],"separation,":[129],"untrusted-context":[130],"labeling,":[131],"structured":[132],"I/O":[133],"contracts,":[134],"provenance":[135],"taint":[137],"tracking,":[138],"deny-by-default":[139],"policies,":[141],"red-team":[143],"regression":[144],"tests.":[145],"Attendees":[146],"leave":[147],"working":[149],"intuition,":[150],"tested":[151],"code,":[152],"practical":[155],"checklist":[156],"they":[157],"can":[158],"drop":[159],"RAG":[161],"flows,":[162],"agents,":[163],"email":[165],"assistants":[166],"same":[168],"day.":[169]},"counts_by_year":[],"updated_date":"2025-12-27T23:12:19.206068","created_date":"2025-12-27T00:00:00"}
