This research reveals a critical security vulnerability in distributed large language model inference systems where companies share computational resources.

• Identifies a novel prompt inversion attack that allows malicious participants to recover sensitive user prompts
• Demonstrates working attacks against popular models including Llama and Vicuna
• Shows that current protection mechanisms are insufficient against these threats
• Proposes initial countermeasures and highlights urgent need for robust security solutions

This work is significant because many companies are building collaborative inference platforms to reduce LLM deployment costs, but may be unknowingly exposing users to serious privacy risks.

Prompt Inversion Attack against Collaborative Inference of Large Language Models