Workshop: Exploiting AI with Ben Bowman

This class will mostly be the offensive side of things with students getting to practice offensive techniques in a controlled environment as well as learning about tooling that exists to attack AI models. This should help students understand the risks of AI but will not teach any hands on defensive remediations, only discussion of how to potentially harden and remediate security issues.

Syllabus

The Basics

• What is AI and LLM
• Deep Dive
• What Attack Surfaces exist

Attack Vectors

• Prompt Injection
• Filter Dumping
• Containment Breach
• Data Poisoning
• Training a spam classifier
• Training a network traffic classification system
• Model Inversion Attacks
• Inferring Information Using a Loan Assessment AI
• Transfer Model Attack

Preventitive Measures

• Preventing Prompt Injection
• Preventing Data Poisoning
• Preventing Model Inversion Attacks
• Preventing Transfer Model Attacks

Understanding the real world

• Entering an Uncontrolled Environment

Tooling

• PyRit
• Garak
• Playgrounds

Virtual (September 12th, 2025)

• September 12th – 11 AM EST – 4 PM EST

System Requirements

• Ryzen 5 or i5 CPU with 16 GB of RAM

Who should take this workshop/prerequisites

• This class is for people trying to learn about inherent risks that come with implementing AI in any facet.

VM/Lab/Student information

• VMs will be provided to the students.

Audience Skill Level

• Intermediate

Student Requirements

• Hypervisor(VMWare/Virtual Box) and Hugging Face.