Cloudflare announced the development of a Firewall on IT, and a layer of protection that helps detect abuse before it reaches the LLM (Large Language Model). The generation of artificial intelligence, to be used within the application to aksesojnë access to the internet, you may have a weakness that is exploited by the attacker.
Harder and protects the applications of IT
The Firewall on, IT is a firewall application on the web (WAF) that have been developed specifically for applications that use a model of HIM. Cloudflare notes that the cyber criminals cyber you can use the instructions specific to take advantage of the weakness of the shablloneve. But, the defense of an application IT is more complicated than it is an application of the traditional internet.
The latter are deterministic, which means that you are allowed to perform the same operation on each entry. The applications of AI, on the other hand, there are non-deterministic, for a variety of reasons. First of all, the input is based on the language of nature, so it is difficult to identify a demand problem. Moreover, the answers will always be different even in the same application.
In an application of the traditional, the code is separated from the data. In the LLM, however, that the figures are part of the tv model and, in the process of training. The foundation OSWAP is ranked 10 in weakness. Some of you may be in the phase of design, development, and training. The three of them (the Injection of a sudden, the Refusal of the Service Model and the Disclosure of the Information is sensitive, can be alleviated with a Firewall on IT.
The application, HE shall enter into the firewall via the API to determine the requirements (inputs). The responses (output) of the model and also to pass through the firewall
before we arrive at the TRUTH. The Denial of Service is similar to an attack is to describe the DoS, so that the firewall allows you to keep a limitation on the number of requests per session only.
The disclosure of the information is sensitive, on the other hand, is what happens when the model detects the data of the confidential information in the response, since they have been entered by mistake on the details of the training. You can create a rule in order for the firewall to block the exit with the sensitive information. It also operates in reverse, to prevent a user from the input of personal information to requirements.
One of the techniques most widely used for the manipulation of the models, it is known as the Injection of the fast. Get the request to generate the hallucinations or the answers are wrong and abusive. The Firewall of the Cloudflare able to block such a request by the rules set forth by the client.
Two of the protections of the first, are already available, while the third is still in development, and is a version of the beta will be released in the next few months. Interested parties can register on the waiting list.
Discussion about this post