Saved in:
Bibliographic Details
Main Authors: Liu, Yupei, Jia, Yuqi, Jia, Jinyuan, Gong, Neil Zhenqiang
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2408.07291
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866914452305084416
author Liu, Yupei
Jia, Yuqi
Jia, Jinyuan
Gong, Neil Zhenqiang
author_facet Liu, Yupei
Jia, Yuqi
Jia, Jinyuan
Gong, Neil Zhenqiang
contents Automatically extracting personal information -- such as name, phone number, and email address -- from publicly available profiles at a large scale is a stepstone to many other security attacks including spear phishing. Traditional methods -- such as regular expression, keyword search, and entity detection -- achieve limited success at such personal information extraction. In this work, we perform a systematic measurement study to benchmark large language model (LLM) based personal information extraction and countermeasures. Towards this goal, we present a framework for LLM-based extraction attacks; collect four datasets including a synthetic dataset generated by GPT-4 and three real-world datasets with manually labeled eight categories of personal information; introduce a novel mitigation strategy based on prompt injection; and systematically benchmark LLM-based attacks and countermeasures using ten LLMs and five datasets. Our key findings include: LLM can be misused by attackers to accurately extract various personal information from personal profiles; LLM outperforms traditional methods; and prompt injection can defend against strong LLM-based attacks, reducing the attack to less effective traditional ones.
format Preprint
id arxiv_https___arxiv_org_abs_2408_07291
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Evaluating LLM-based Personal Information Extraction and Countermeasures
Liu, Yupei
Jia, Yuqi
Jia, Jinyuan
Gong, Neil Zhenqiang
Cryptography and Security
Automatically extracting personal information -- such as name, phone number, and email address -- from publicly available profiles at a large scale is a stepstone to many other security attacks including spear phishing. Traditional methods -- such as regular expression, keyword search, and entity detection -- achieve limited success at such personal information extraction. In this work, we perform a systematic measurement study to benchmark large language model (LLM) based personal information extraction and countermeasures. Towards this goal, we present a framework for LLM-based extraction attacks; collect four datasets including a synthetic dataset generated by GPT-4 and three real-world datasets with manually labeled eight categories of personal information; introduce a novel mitigation strategy based on prompt injection; and systematically benchmark LLM-based attacks and countermeasures using ten LLMs and five datasets. Our key findings include: LLM can be misused by attackers to accurately extract various personal information from personal profiles; LLM outperforms traditional methods; and prompt injection can defend against strong LLM-based attacks, reducing the attack to less effective traditional ones.
title Evaluating LLM-based Personal Information Extraction and Countermeasures
topic Cryptography and Security
url https://arxiv.org/abs/2408.07291