Search papers, labs, and topics across Lattice.
The paper explores the security vulnerabilities of VLMs/LLMs by embedding the EICAR test file within JPEG images and uploading them to various platforms. The research demonstrates the ability to successfully mask the EICAR signature, extract the test file within LLM environments using Python, and execute obfuscation techniques, highlighting potential risks associated with file handling in these systems. The findings show that cloud-based generative AI and LLMs are susceptible to malicious file uploads and execution within their containerized environments.
LLMs can be tricked into executing malicious code hidden inside images, exposing a critical security vulnerability in their file handling capabilities.
This study demonstrates a novel approach to testing the security boundaries of Vision-Large Language Model (VLM/ LLM) using the EICAR test file embedded within JPEG images. We successfully executed four distinct protocols across multiple LLM platforms, including OpenAI GPT-4o, Microsoft Copilot, Google Gemini 1.5 Pro, and Anthropic Claude 3.5 Sonnet. The experiments validated that a modified JPEG containing the EICAR signature could be uploaded, manipulated, and potentially executed within LLM virtual workspaces. Key findings include: 1) consistent ability to mask the EICAR string in image metadata without detection, 2) successful extraction of the test file using Python-based manipulation within LLM environments, and 3) demonstration of multiple obfuscation techniques including base64 encoding and string reversal. This research extends Microsoft Research's"Penetration Testing Rules of Engagement"framework to evaluate cloud-based generative AI and LLM security boundaries, particularly focusing on file handling and execution capabilities within containerized environments.
