KTH Exjobbportal
Background and Motivation: LLMs are now being integrated into all parts of the digital infrastructure. Prompt injection attacks, where malicious input manipulates the LLM's behavior, are a distinct type of attack emerging for these systems. As the field is relatively new, research in this area has grown in an unstructured way. At the same time, LLMs are increasingly interconnected as autonomous agents, for instance by means of the Model Context Protocol (MCP), which introduces additional attack vectors by externalizing model context and tool access. Recently reported MCP threats include tool poisoning, tool shadowing, preference manipulation, and rug-pull attacks [1]. Liu et al. [2] introduced some conceptual structure by formalizing and benchmarking prompt injection attacks, but stopped short of offering a reusable threat modeling framework suitable for systematic analysis and design-time reasoning.

Objectives: This project aims to develop a reusable threat modeling language for prompt injection and MCP-based attacks using the Meta Attack Language (MAL) framework. MAL conceptualizes threats as attack graphs that can be generated automatically for a given system configuration specification. The project will include the following steps:
- Literature review: MCP and prompt injection attacks are identified and collected.
- Language design: appropriate threat modeling assets and associations are defined in MAL, and the identified attack types are related to these assets and associations.
- Validation and demonstration: a number of prompt injection and MCP attacks reported in case reports are used to ensure that the developed language is indeed able to express the incidents as reported. (For generating attack graphs from the threat models, existing MAL tooling can be used.)
- Model automation: develop a tool that automatically generates a model in the developed language from an MCP-based LLM agent pipeline.
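To make the language design step concrete, the following is an added example sketch of what MAL assets, attack steps, defenses and associations for the threats named above could look like. It is not part of the project description and not an existing MAL language: the language id, the asset names (LLMAgent, ModelContext, MCPServer, Tool) and the step names are assumptions chosen for illustration. In MAL, an OR step (|) is reached from any one parent, an AND step (&) needs all of its parents, and a defense (#) that is switched off counts as a reached parent, which is how the two defenses below gate the instruction hijack and the rug pull.

```mal
#id: "org.example.llmagentlang"   // hypothetical id, not an existing MAL project
#version: "0.1.0"

category LLMSystem {

  // The agent: reads content, follows its instructions, calls tools.
  asset LLMAgent {
    // Untrusted content (web page, document, tool output) reaches the model.
    | ingestUntrustedContent
      -> promptInjection
    // The content carries instructions the model may follow.
    | promptInjection
      -> instructionHijack
    // Hijack needs an injection AND the filtering defense being off.
    & instructionHijack
      -> tools.unintendedInvocation,
         context.exfiltrate
    # promptFiltering
      -> instructionHijack
  }

  // What the agent holds in its window: system prompt, documents, memory.
  asset ModelContext {
    | exfiltrate
  }

  // An MCP server publishing tools and their descriptions to the agent.
  asset MCPServer {
    // The server (or its update channel) under attacker control.
    | compromise
      -> tools.rugPull
  }

  // One tool exposed over MCP.
  asset Tool {
    // Rug pull: the description changes after the user approved the tool;
    // only possible when the agent does not pin the approved description.
    & rugPull
      -> poisonDescription
    # pinDescription
      -> rugPull
    // Tool poisoning: the description itself carries injected instructions,
    // which also lets it shadow the other tools the agent can see.
    | poisonDescription
      -> agent.promptInjection,
         shadowOtherTools
    | shadowOtherTools
      -> agent.tools.unintendedInvocation
    | unintendedInvocation
  }
}

associations {
  LLMAgent  [agent]  1 <-- UsesTool     --> * [tools]   Tool
  LLMAgent  [agent]  1 <-- HoldsContext --> 1 [context] ModelContext
  MCPServer [server] 1 <-- Publishes    --> * [tools]   Tool
}
```

Given an instance model (an agent with its context, one server publishing a few tools), existing MAL tooling computes the attack graph from this specification, for example the path from MCPServer.compromise through Tool.rugPull and Tool.poisonDescription to LLMAgent.instructionHijack, and shows which of the two defenses, if enabled, cuts that path. Preference manipulation is not modelled in this sketch.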
References:
[1] Hou et al., Model Context Protocol: Landscape, Security Threats, and Future Research Directions, 2025. https://doi.org/10.48550/arXiv.2503.23278
[2] Liu Y., et al., Formalizing and Benchmarking Prompt Injection Attacks and Defenses. USENIX Security 2024. https://doi.org/10.48550/arXiv.2310.12815

How to apply: Send your CV and university course grades to Mathias Ekstedt (mekstedt@kth.se). For questions about the project, send an email to the same address. Applications will be evaluated continuously.
Application documents: CV, university course degrees