December 10, 2024 at 08:27AM
Microsoft has launched the LLMail-Inject hacking challenge, offering $10,000 in prizes for breaking defenses in a simulated email client using an instruction-tuned large language model. The challenge runs until January 20, 2025, featuring 40 unique scenarios. Participants can form teams of up to five and must register via GitHub.
### Meeting Takeaways
1. **LLMail-Inject Challenge Overview**:
   - Microsoft has launched a hacking challenge with a total of $10,000 in prizes.
   - The challenge focuses on breaking the protections of LLMail, an LLM-integrated email client.
2. **Competition Format**:
   - Participants act as attackers, sending emails that exploit weaknesses in prompt injection defenses to make the LLM execute specific actions.
   - A total of 40 levels represent unique combinations of retrieval configurations, LLMs (GPT-4o mini or Phi-3-medium-128k-instruct), and defense mechanisms.
3. **Prizes**:
   - There are four prize levels: $4,000, $3,000, $2,000, and $1,000.
   - A live scoreboard will track participant progress throughout the event.
4. **Challenge Duration**:
   - The challenge started on Monday and runs until January 20, 2025, at 11:59 a.m. UTC.
   - The deadline may be extended if less than 10% of levels are completed by at least four teams.
5. **Participation Requirements**:
   - Researchers interested in participating must sign up using a GitHub account, create a team (up to five members), and submit their entries on the dedicated LLMail-Inject website.
6. **Defensive Measures**:
   - The prompt injection defenses included in the LLMail service are Spotlighting, PromptShield, LLM-as-a-judge, and TaskTracker; combinations of these are also tested.
7. **Next Steps for Participants**:
   - Interested teams should expedite their registration and familiarize themselves with the different scenarios and objectives laid out in the challenge.

These structured elements highlight the competitive framework and engagement opportunities presented by Microsoft through the LLMail-Inject challenge.