Kevin Lu
Bellarmine College Preparatory School
San Jose, CA
AEGIS: Security Sandboxing Meets Mechanistic Interpretability To Defend Against AI Prompt Injections
Kevin Lu, 17, of Santa Clara, developed a system to help programmers defend their large language models (LLMs) for his Regeneron Science Talent Search computer science project.
Machine learning applications are vulnerable to prompt injection attacks, in which a malicious prompt overrides the LLM’s internal rules and can then force the program to surrender sensitive data. Existing defenses against prompt injection are imperfect and often have high computing costs. In his project, Kevin combined traditional cybersecurity techniques with tools to analyze LLMs.
Kevin’s shield system, AEGIS, quarantines a suspicious prompt and interprets its threat level before processing it. In tests, 0% of simulated attacks against AEGIS were successful. Tools like Kevin’s could help secure services that incorporate LLMs, like Slack.
The son of Shufang Tian and Jun Lu, Kevin attends Bellarmine College Preparatory School (San Jose). As president of the Student Machine Learning Coalition, an international student-run educational collective, Kevin writes and teaches machine learning courses. A nationally ranked debater, Kevin captains his school’s team. His top speaking speed is 350 words per minute.
Beyond the Project
Kevin is president of the Student Machine Learning Coalition, a student-run educational collective with multiple chapters at different schools. He teaches advanced and beginner courses.
FUN FACTS: A skincare superfan, Kevin enjoys spending his Saturday nights watching television with his sister while they apply face masks.