Published on:
8 May 2024
Primary Category:
Cryptography and Security
Paper Authors:
Eugene Bagdasaryan,
Ren Yi,
Sahra Ghalebikesabi,
Peter Kairouz,
Marco Gruteser,
Sewoong Oh,
Borja Balle,
Daniel Ramage
Adversaries can exploit context dependencies in conversational agents to extract private user data
AirGapAgent limits agent access to minimized user data necessary for each task
Restricting context prevents manipulation attacks that trick agents into oversharing
Across models, AirGapAgent blocks up to 97% of attacks with little utility loss
Protecting privacy in conversational agents
This paper introduces a new threat model where adversarial third parties manipulate context to trick conversational agents into leaking private user data. The authors propose AirGapAgent, an architecture that restricts agent access to only necessary user data for a task. Experiments show AirGapAgent protects up to 97% of user data from context manipulation attacks while maintaining utility.
Collaborating Large and Small AI Models for Secure Context Use
Contextual Confidence in AI Communications
How fine-tuning amplifies privacy risks in large language models
Using pre-trained language models for network security
Manipulating Deep Reinforcement Learning Stock Traders
Security risks of AI code generators
No comments yet, be the first to start the conversation...
Sign up to comment on this paper