Kevin Lu
Bellarmine College Preparatory School
San Jose, CA
AEGIS: Security Sandboxing Meets Mechanistic Interpretability To Defend Against AI Prompt Injections
Kevin Lu, 17, of Santa Clara, developed a system to help programmers defend their large language models (LLMs) for his Regeneron Science Talent Search computer science project.
Machine learning applications are vulnerable to prompt injection attacks, in which a malicious prompt overrides the LLM’s internal rules and can then force the program to surrender sensitive data. Existing defenses against prompt injection are imperfect and often have high computing costs. In his project, Kevin combined traditional cybersecurity techniques with tools to analyze LLMs.
Kevin’s shield system, AEGIS, quarantines a suspicious prompt and interprets its threat level before processing it. In tests, 0% of simulated attacks against AEGIS were successful. Tools like Kevin’s could help secure services that incorporate LLMs, like Slack.
The son of Shufang Tian and Jun Lu, Kevin attends Bellarmine College Preparatory School (San Jose). A nationally ranked debater, Kevin captains his school’s team. His top speaking speed is 350 words per minute.
Beyond the Project
Kevin is president of the Student Machine Learning Coalition, a student-run educational collective with multiple chapters at different schools. He teaches advanced and beginner courses.
FUN FACTS: A skincare superfan, Kevin enjoys spending his Saturday nights watching television with his sister while they apply face masks.