system-prompt-recoverytricks the model into revealing its hidden instructions.training-data-memorizationfishes for exact text the model memorized during training.distillation-attackharvests many answers to train a cheap copycat model.architecture-probingasks questions to guess the model’s size and design.version-detectionfigures out which model and version is running behind the scenes.
Attack Strategies
Model Extraction: Attack Strategy
Tricks that try to pull private details out of an AI model. That includes its hidden system prompt, its training data, its settings, and even clues to copy
What it is: Tricks that try to pull private details out of an AI model. That includes its hidden system prompt, its training data, its settings, and even clues to copy the model itself.
How the attacks work: The attacker probes with clever questions and watches the answers for leaks. Many small queries can map how the model behaves, or coax it into repeating secrets it should keep hidden.
Real examples from the framework: