📄 中文摘要
RAG(检索增强生成)系统的安全性面临新的挑战,传统的安全扫描工具如 nmap、nuclei 或 DAST 工具无法有效识别其漏洞。RAG 系统广泛应用于企业 LLM 应用程序中,如客户支持机器人和内部知识库等,通常通过检索相关文档并将其注入 LLM 上下文中生成响应。由于其独特的架构,安全团队需要重新评估现有的安全扫描方法,以应对 RAG 系统带来的新型攻击方式。
如何攻击 RAG 系统——以及为什么你的安全扫描器无法捕捉到它
📄 English Summary
How to Attack a RAG System — and Why Your Security Scanner Won't Catch It
RAG (Retrieval Augmented Generation) systems present new security challenges that traditional scanning tools like nmap, nuclei, or DAST cannot effectively identify. Widely used in enterprise LLM applications such as customer support bots and internal knowledge bases, RAG systems typically retrieve relevant documents and inject them into the LLM context to generate responses. Due to their unique architecture, security teams need to reassess existing scanning methodologies to address the novel attack vectors posed by RAG systems.