您的浏览器禁用了JavaScript(一种计算机语言,用以实现您与网页的交互),请解除该禁用,或者联系我们。 [OWASP]:2025年大语言模型应用十大安全风险 - 发现报告

2025年大语言模型应用十大安全风险

信息技术 2024-11-18 - OWASP Billy
报告封面

LLM Applications 2025 Version 2025November 18, 2024 REVISION HISTORY 2023-08-01 Version 1.0 Release2023-10-16 Version 1.1 Release2024-11-18 Version 2025 Release OWASP Top 10 for LLM Applications v2.0LLM05:2025 Improper Output Handling OWASP Top 10 for LLM Applications v2.0LLM06:2025 Excessive Agency OWASP Top 10 for LLM Applications v2.0LLM07:2025 System Prompt Leakage Description 1. Proof Pudding (CVE-2019-20634) AVID (`moohax` & `monoxgas`)2. arXiv:2403.06634 Stealing Part of a Production Language Model arXiv3. Runaway LLaMA | How Meta's LLaMA NLP model leaked: Deep Learning Blog4. I Know What You See:: Arxiv White Paper5. A Comprehensive Defense Framework Against Model Extraction Attacks: IEEE6. Alpaca: A Strong, Replicable Instruction-Following Model: Stanford Center on Researchfor Foundation Models (CRFM)7. How Watermarking Can Help Mitigate The Potential Risks Of LLMs?: KD Nuggets8. Securing AI Model Weights Preventing Theft and Misuse of Frontier Models9. Sponge Examples: Energy-Latency Attacks on Neural Networks: Arxiv White Paper arXiv10. Sourcegraph Security Incident on API Limits Manipulation and DoS Attack Sourcegraph