Pentest Intern - LLM Agent Security

At InSecLab (CNSC), I focused on the intersection of Artificial Intelligence and Cybersecurity, specifically securing LLM-based Automated Penetration Testing (AutoPentest) agents against Prompt Injection attacks.

  • LLM Agent research: Conducted an in-depth analysis of CAI and VulnBot, two prominent AutoPentest agents, and of their vulnerability surfaces.
  • Deceptive environment simulation: Deployed CVE-Bench integrated with Mantis Honeypot using Docker and vLLM to replicate real-world attack scenarios.
  • Novel defense mechanism: Designed and implemented a "Prompt Defense" system that enables AI Agents to detect and evade malicious honeypot traps.
  • Breakthrough results: Improved the agent's evasion rate from 0% to 90% against active deceptive defenses, benchmarked on Qwen3-32B.