kyuz0 committed on
Commit
f95c98b
1 Parent(s): 332f8ed

Update README.md

Files changed (1)
  1. README.md +14 -10
README.md CHANGED
@@ -9,20 +9,24 @@ tags:
9
  ---
10
  # Model Card for DistilBERT-PromptInjectionDetectorForCVs
11
 
12
- ## Model Description
13
- This DistilBERT-based model was developed as part of a research project aiming to mitigate prompt injection attacks in applications processing CVs. It specifically targets the nuanced domain of CV submissions, demonstrating a strategy to distinguish between legitimate CVs and those containing prompt injection attempts.
14
 
15
- ## Research and Application Context
16
- The model was created in the context of demonstrating a synthetic application handling CVs, showcasing a domain-specific approach to mitigate prompt injection attacks. This work, including the model and its underlying strategy, is detailed in our [research blog](http://placeholder) and the synthetic application can be accessed [here](http://placeholder).
17
 
18
  ## Training Data
19
- The model was fine-tuned on a custom dataset that combines domain-specific examples (legitimate CVs) with prompt injection examples to create a more tailored dataset. This dataset includes legitimate CVs, pure prompt injection texts, and CVs with embedded prompt injection attempts. The original datasets used are available on Hugging Face: [Resume Dataset](https://huggingface.co/datasets/Lakshmi12/Resume_Dataset) for CVs and [Prompt Injections](https://huggingface.co/datasets/deepset/prompt-injections) for injection examples.
 
 
 
 
20
 
21
  ## Intended Use
22
- This model is not intended for production use but serves as a demonstration of a domain-specific strategy to mitigate prompt injection attacks. It should be employed as part of a broader security strategy, including securing the model's output, as described in our article. This approach is meant to showcase how to address prompt injection risks in a targeted application scenario.
23
 
24
- ## Limitations and Ethical Considerations
25
- Prompt injection in Large Language Models (LLMs) remains an open problem with no deterministic solution. While this model offers a mitigation strategy, it's important to understand that new ways to perform injection attacks may still be possible. Users should consider this model as an example of how to approach mitigation in a specific domain, rather than a definitive solution.
26
 
27
- ## License and Usage
28
- The model and datasets are shared for research purposes, encouraging further exploration and development of mitigation strategies against prompt injection attacks. Users are encouraged to refer to the specific licenses of the datasets and the model for more details on permissible use cases.
 
9
  ---
10
  # Model Card for DistilBERT-PromptInjectionDetectorForCVs
11
 
12
+ ## Model Overview
13
+ This model, leveraging the DistilBERT architecture, has been fine-tuned to demonstrate a strategy for mitigating prompt injection attacks. While it is specifically tailored for a synthetic application that handles CVs, the underlying research and methodology are intended to be applicable across various domains. This model serves as an example of how fine-tuning with domain-specific data can enhance the detection of prompt injection attempts in a targeted use case.
14
 
15
+ ## Research Context
16
+ The development of this model was part of broader research into general strategies for mitigating prompt injection attacks in Large Language Models (LLMs). The detailed findings and methodology are discussed in our [research blog](http://placeholder), with the synthetic CV application available [here](http://placeholder) serving as a practical demonstration.
17
 
18
  ## Training Data
19
+ To fine-tune this model, we combined a domain-specific dataset (legitimate CVs) with examples of prompt injections, resulting in a custom dataset that provides a nuanced perspective on detecting prompt injection attacks. This approach leverages the strengths of both:
20
+ - **CV Dataset:** [Resume Dataset](https://huggingface.co/datasets/Lakshmi12/Resume_Dataset)
21
+ - **Prompt Injection Dataset:** [Prompt Injections](https://huggingface.co/datasets/deepset/prompt-injections)
22
+
23
+ The custom dataset includes legitimate CVs, pure prompt injection examples, and CVs embedded with prompt injection attempts, creating a rich training environment for the model.
24
 
25
  ## Intended Use
26
+ This model is a demonstration of how a domain-specific approach can be applied to mitigate prompt injection attacks within a particular context, in this case, a synthetic CV application. It is important to note that this model is not intended for direct production use but rather to serve as an example within a broader strategy for securing LLMs against such attacks.
27
 
28
+ ## Limitations and Considerations
29
+ The challenge of prompt injection in LLMs is an ongoing research area, with no definitive solution currently available. While this model demonstrates a possible mitigation strategy within a specific domain, it is essential to recognize that it does not offer a comprehensive solution to the problem. Future prompt injection techniques may still succeed, underscoring the importance of continuous research and adaptation of mitigation strategies.
30
 
31
+ ## Conclusion
32
+ Our research aims to contribute to the broader discussion on securing LLMs against prompt injection attacks. This model, while specific to a synthetic application, showcases a piece of the puzzle in addressing these challenges. We encourage further exploration and development of strategies to fortify models against evolving threats in this space.
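Review bot: the rewrite drops the `- ## License and Usage` section without carrying its content anywhere else, so the new card no longer says under which terms the model is shared nor points readers to the licenses of the Resume Dataset and deepset/prompt-injections datasets it was fine-tuned on; keep that section, or fold its two sentences into "Limitations and Considerations" before merging. The `+` lines still link to `[research blog](http://placeholder)` and `available [here](http://placeholder)`, exactly as the removed lines did, so "Research Context" is not yet publishable as written. The old "Intended Use" also stated that the detector "should be employed as part of a broader security strategy, including securing the model's output"; the new text keeps only the "broader strategy" phrase and loses the concrete point that a classifier in front of the LLM is a filter, not a boundary, which is worth restoring. Lastly, "Training Data" (old and new) lists the three example classes but never says how the "CVs embedded with prompt injection attempts" were constructed or how the classes were balanced, which a reader needs in order to judge what the model has actually learned.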