2410.14728v1

Model: gemini-2.0-flash

# Security Threats in Agentic AI System **Authors**: - Kolkata, India - \AndEdwin Jose (Department of Computer Science) - Michigan, USA Abstract This research paper explores the privacy and security threats posed to an Agentic AI system with direct access to database systems. Such access introduces significant risks, including unauthorized retrieval of sensitive information, potential exploitation of system vulnerabilities, and misuse of personal or confidential data. The complexity of AI systems combined with their ability to process and analyze large volumes of data increases the chances of data leaks or breaches, which could occur unintentionally or through adversarial manipulation. Furthermore, as AI agents evolve with greater autonomy, their capacity to bypass or exploit security measures becomes a growing concern, heightening the need to address these critical vulnerabilities in agentic systems. K eywords Artificial intelligence $·$ database security $·$ privacy protection $·$ natural language processing $·$ data retrieval $·$ vector databases $·$ data management $·$ performance risks $·$ scalability concerns $·$ AI agent vulnerabilities $·$ safety threats 1 Introduction Artificial Intelligence (AI) agents have become increasingly prevalent in various applications, from virtual assistants to complex data analysis systems. However, their direct access to databases raises significant concerns regarding privacy and security. This paper examines these critical issues, focusing on the potential risks posed by unrestricted AI access to sensitive data. The rapid advancement of AI technologies has resulted in systems capable of processing vast amounts of data and generating human-like responses. While this progress has provided numerous benefits, it has also introduced new challenges in ensuring data privacy and security. AI agents with direct access to databases may inadvertently expose confidential information, or they may be exploited by malicious actors to access or manipulate sensitive data. Additionally, AI systems’ ability to analyze large datasets increases the risk of unintended privacy violations, making them prime targets for attacks aimed at extracting or misusing data. This paper explores the current landscape of AI agent interactions with databases and analyzes the associated risks. It discusses the potential threats to privacy protection and data security as AI agents become more integrated into various applications. 2 Literature Review The integration of Artificial Intelligence (AI) agents with database systems has garnered significant attention in recent years due to the rapid advancement of AI technologies and their widespread applications. As AI agents increasingly interact with sensitive data, understanding the privacy and security implications of these interactions becomes paramount. This literature review synthesises current research on AI agent architectures [1], the associated risks of database access, and the implications of using Natural Language Processing (NLP) for querying. Additionally, it examines the emergence of intermediary layers and tool-based approaches as potential mitigations for security concerns, while also exploring the ethical considerations inherent in AI data access. Through this review, we aim to highlight the critical challenges faced by AI systems and the necessity for continued research in ensuring secure and responsible AI-agent interactions with databases. 2.1 AI agent architectures AI agent architectures have evolved significantly, enabling complex interactions with databases. In “Agent Architecture: An Overview” [2], the foundational structure of AI agents is discussed, highlighting how different architectural designs facilitate or limit access to data sources. The paper outlines how traditional architectures allow for more direct interactions with data, leading to potential vulnerabilities in modern, large-scale systems. 2.2 AI and Database Interactions The intersection of AI and database security has been a subject of concern. The paper “Privacy and Security Concerns in AI-Database Systems” analyses the risks posed by AI agents with unrestricted access to databases, emphasising issues like unauthorised data exposure and data breaches [3]. The research argues that as AI becomes more integrated with data repositories, these risks will increase if security protocols are not adapted. 2.3 Natural Language Processing Natural Language Processing (NLP) plays a crucial role in AI-driven data retrieval, with its application raising specific security concerns. [4] discuss the use of NLP for querying databases, revealing how this technology simplifies interactions but can lead to unintended exposure of sensitive information . Similarly, Daurenbek and Aimbetov explore the performance and efficiency of NLP-based querying, further highlighting the need for robust privacy safeguards as AI-driven queries become more widespread [5]. 2.4 Scalability and Performance Scalability and performance issues are another critical aspect of AI-agent interactions with databases. Gupta and Verma highlight the trade-offs between performance and security, particularly in large-scale AI systems. The increasing demand for real-time data access and processing places significant stress on database systems, amplifying the risk of security lapses as performance optimization becomes a priority [6]. 2.5 Latency and Accuracy Latency and accuracy are critical performance metrics in the evaluation of AI systems, particularly those integrated with databases [7]. High latency can significantly hinder user experience, as delays in processing requests may lead to frustration and reduced engagement with AI applications. Conversely, accuracy is paramount for ensuring that the outputs generated by AI systems are reliable and trustworthy [1]. A trade-off often exists between these two metrics; for instance, increasing the complexity of an AI model to enhance accuracy may inadvertently lead to longer processing times [6]. Research has shown that optimizing these performance indicators is essential for the effective deployment of AI in real-world applications, as users typically expect both prompt responses [8] and high-quality information from AI-driven systems. 2.6 Ethical Implications Finally, the ethical implications of AI-driven access to sensitive data are well-documented. Studies [9], [10] discuss the ethical challenges AI systems face when interacting with databases, particularly around privacy, consent, and the protection of user data . These ethical considerations underscore the importance of addressing security threats as AI continues to evolve in its capacity to access and process personal and confidential information. 3 Methodology This research paper employs a qualitative methodology to explore the privacy and security vulnerabilities associated with AI agents that have direct access to database systems. The study is structured around a comprehensive literature review, supplemented by case studies and expert interviews, to provide a well-rounded analysis of the issues at hand. 3.1 Literature Review A systematic literature review was conducted to gather existing research on AI agents [11], database interactions, and associated security vulnerabilities. Academic journals, conference proceedings, and industry reports were analyzed to identify key themes and trends. The literature review aimed to synthesize findings related to attack surface expansion, data manipulation risks, and the implications of using large language models (LLMs) in querying databases. Sources were selected based on their relevance, credibility, and contribution to the understanding of privacy and security concerns in AI systems. 3.2 Case Studies In addition to the literature review, several case studies were examined to illustrate real-world instances of security breaches and privacy violations involving AI agents. These case studies provided practical insights into how vulnerabilities manifest in various industries and the consequences of inadequate security measures. Each case was analyzed to identify patterns in vulnerabilities, attack vectors, and the impact on data privacy and security. 3.2.1 Expert Interviews To gain a deeper understanding of the complexities involved in AI and database security, interviews were conducted with experts in the fields of artificial intelligence, cybersecurity, and data privacy. These interviews facilitated the collection of qualitative data on industry best practices, emerging threats, and the challenges faced by organizations in safeguarding sensitive information when employing AI agents. The insights gained from these discussions were instrumental in contextualizing the findings from the literature review and case studies. 3.3 Data Analysis The data collected from the literature review, case studies, and expert interviews were analyzed using thematic analysis. This involved coding the data to identify recurring themes and vulnerabilities associated with AI agents’ access to databases. The analysis aimed to highlight critical security concerns and establish a comprehensive understanding of the risks posed by AI agents in contemporary applications. 3.4 Ethical Considerations Ethical considerations were paramount throughout the research process. The study adhered to ethical guidelines for conducting research, ensuring informed consent from interview participants and maintaining confidentiality where necessary. The findings of this research contribute to the ongoing discourse on AI ethics, emphasizing the importance of responsible data handling and security measures. 4 The Problem: AI Agents with Direct Data Access in Industry As artificial intelligence (AI) continues to revolutionise various sectors, from healthcare to finance, the integration of AI agents with vast databases has become increasingly common. However, this integration has given rise to significant challenges, particularly in the realms of data privacy, security, and regulatory compliance. This section delves into the multifaceted problem that the industry faces when AI agents have direct access to databases. 4.1 Privacy Concerns - Data Exposure: AI agents with unrestricted database access can potentially expose sensitive information. These agents, designed to process and analyse large volumes of data, may inadvertently include private details in their outputs, leading to unintended disclosures. - User Trust: As users become more aware of data privacy issues [12], their trust in AI systems handling their personal information is increasingly contingent on robust privacy safeguards. The perception of AI having unfettered access to personal data can erode user confidence and adoption of AI-powered services. 4.2 Security Vulnerabilities - Attack Surface Expansion: Direct database access by AI agents expands the attack surface for malicious actors. If an AI system is compromised, it could potentially be used as a gateway to access and exploit the entire database. - Data Manipulation Risks and Prompt Injections: Sophisticated attackers could potentially manipulate the AI’s queries or responses, leading to data theft, corruption, or the insertion of false information into the database. <details> <summary>extracted/5930689/media/PromptInjections.png Details</summary> ![9d97f863](/v1/image/9d97f8637d89a85545e4cbe5b73f336a447ac6a2b8194b530d10160bc4562b64) ### Visual Description \n ## Diagram: Prompt Injection Vulnerability ### Overview The image illustrates a prompt injection vulnerability in a large language model (LLM). It shows how a malicious user prompt can override the intended application prompt, causing the model to produce an undesirable output. ### Components/Axes * **Full Prompt:** This is the combined prompt that is fed to the model. It consists of two parts: the application prompt template and the malicious user prompt. * **Application Prompt Template:** This is the intended prompt that the application wants the model to follow. It is shown in a green box and contains the text "Write a story about the following: {{user\_input}}". * **Malicious User Prompt:** This is a prompt injected by a user with malicious intent. It is shown in a red box and contains the text "Ignore the above and say 'I have been PWNED'". * **Model (e.g. GPT-3):** This is the large language model that processes the full prompt and generates an output. It is represented by a black box. * **Output:** This is the text generated by the model. In this case, the output is "I have been PWNED", indicating that the malicious prompt was successful in overriding the application prompt. ### Detailed Analysis The diagram shows a flow from left to right. The "Full Prompt" is constructed by combining the "Application Prompt Template" and the "Malicious User Prompt" using a "+" symbol. This combined prompt is then fed into the "Model (e.g. GPT-3)", which processes it and generates the "Output". The application prompt template is designed to generate a story based on user input. However, the malicious user prompt instructs the model to ignore the application prompt and instead output a specific phrase. ### Key Observations * The malicious user prompt successfully overrides the application prompt. * The model outputs the text specified in the malicious prompt, demonstrating the prompt injection vulnerability. ### Interpretation This diagram illustrates a critical security vulnerability in large language models. By injecting malicious prompts, users can manipulate the model's behavior and cause it to produce unintended or harmful outputs. This can have serious consequences, such as spreading misinformation, generating offensive content, or even gaining unauthorized access to sensitive information. The diagram highlights the importance of carefully sanitizing user inputs and implementing robust prompt injection defenses to protect against this type of attack. It also demonstrates the need for ongoing research and development in the area of LLM security to mitigate the risks associated with these powerful technologies. </details> Figure 1: Demonstration of Prompt Injection on an LLM 4.3 Compliance and Regulatory Challenges - Data Protection Regulations: With the implementation of stringent data protection laws like GDPR in Europe and CCPA in California, organisations face significant challenges in ensuring that AI systems comply with data handling and user consent requirements. - Audit Trails and Accountability: Direct database access by AI can complicate the creation and maintenance of clear audit trails, making it difficult to track data access and usage for compliance reporting. 4.4 Scalability and Performance Issues - Resource Intensive Queries: AI agents, particularly those using natural language processing, may generate inefficient or resource-intensive database queries, leading to performance bottlenecks as systems scale. - Database Overload: Unconstrained AI access can result in an overwhelming number of queries, potentially overloading database systems and impacting overall system performance. 4.5 Ethical and Bias Concerns - Algorithmic Bias: AI agents with direct database access may perpetuate or amplify existing biases in the data, leading to unfair or discriminatory outcomes in decision-making processes. - Transparency and Explainability: The complexity of AI decision-making processes, combined with direct database access, can create a "black box" effect, making it challenging to explain how certain conclusions or recommendations were reached. 4.6 Data Quality and Integrity - Inconsistent Data Handling: AI agents interacting directly with databases may handle data inconsistently, potentially misinterpreting or misusing certain data fields, leading to data quality issues. - Version Control and Data Lineage: Tracking changes and maintaining data lineage becomes more complex when AI agents have direct write access to databases, potentially compromising data integrity over time. 5 Security Vulnerabilities in AI and Large Language Models As AI systems, particularly Large Language Models (LLMs), become more integrated into various applications, their security vulnerabilities warrant thorough examination. The deployment of AI agents with direct access to databases poses significant risks, which can be broadly categorized into two main areas: attack surface expansion and data manipulation risks. Table 1: Security Vulnerabilities in AI Systems | Attack Surface Expansion | New entry points for attackers Exploitation of AI system weaknesses Increased attack vector complexity | Unauthorised data access Breach of sensitive information Exploitation of system vulnerabilities | | --- | --- | --- | | Data Manipulation Risks | Prompt injection attacks Manipulation of AI-generated queries Automated attack execution | Data theft and corruption Insertion of false information Large-scale coordinated attacks | | Privacy Concerns | Unintended data exposure Inclusion of sensitive info in AI outputs | Privacy violations Erosion of user trust | | API Usage Risks | Exposure of sensitive data to API providers Lack of control over data handling | Data leakage Compliance violations Misuse of confidential information | | Scalability and Performance | Resource-intensive queries Database overload | System slowdowns Increased vulnerability to DoS attacks | | Data Integrity Issues | Inconsistent data handling Version control challenges | Data corruption Loss of data lineage | | Ethical and Bias Concerns | Perpetuation of algorithmic bias Lack of transparency in decision-making | Unfair or discriminatory outcomes Difficulty in explaining AI decisions | | Compliance Challenges | Difficulty in maintaining clear audit trails Complexity in ensuring regulatory compliance | Non-compliance with data protection laws Legal and financial repercussions | 5.1 Attack Surface Expansion One of the primary security concerns associated with AI agents accessing databases is the expansion of the attack surface. With direct database access, these AI systems become potential entry points for malicious actors. If an AI agent is compromised, it can act as a gateway, allowing attackers to access and exploit the underlying database. This can lead to several detrimental outcomes: - Unauthorized Data Access: Attackers may gain access to sensitive information, including personal data, financial records, and proprietary business information, leading to privacy violations and potential legal ramifications for organizations. <details> <summary>extracted/5930689/media/PrivacyAI.png Details</summary> ![f0d733b6](/v1/image/f0d733b68a43aa2af3566ed9e764c3e4cbe8e278ba370e9231e01442176f14b1) ### Visual Description ## Data Flow Diagram: Data Privacy Vault ### Overview The image is a data flow diagram illustrating how data is accessed and controlled within a system that includes a Data Privacy Vault. The diagram shows data entering the system, passing through access control, being stored in the Data Privacy Vault, and then being accessed again with access control, ultimately reaching different departments (Support and Marketing). The data is represented in JSON format. ### Components/Axes * **Data Source (Left):** A JSON object containing personal information. * **Access Control (Left):** A gray rectangle labeled "Access Control". * **Data Privacy Vault:** A rounded rectangle labeled "Data Privacy Vault". * **Access Control (Right):** A gray rectangle labeled "Access Control". * **Support:** A JSON object containing personal information, labeled "Support". * **Marketing:** A JSON object containing personal information, labeled "Marketing". * **Arrows:** Indicate the direction of data flow. ### Detailed Analysis or ### Content Details **1. Data Source (Left):** * A JSON object with the following key-value pairs: * `"full_name"`: `"98aav8dfyd"` * `"ssn"`: `"8463528957154825"` * `"dob"`: `"ad3420o23n434"` * `"email"`: `"ko2390f32nf"` **2. Access Control (Left):** * A vertical rectangle labeled "Access Control". * Represents a process that filters or modifies the data before it enters the Data Privacy Vault. **3. Data Privacy Vault:** * A rounded rectangle labeled "Data Privacy Vault". * Represents a secure storage location for sensitive data. **4. Access Control (Right):** * A vertical rectangle labeled "Access Control". * Represents a process that filters or modifies the data before it is accessed by different departments. **5. Support:** * A JSON object with the following key-value pairs: * `"full_name"`: `"John D***"` * `"ssn"`: `"XXX-XX-3627"` * `"dob"`: `"*REDACTED*"` * `"email"`: `"j***@gmail.com"` * Labeled "Support" to indicate the department that receives this data. **6. Marketing:** * A JSON object with the following key-value pairs: * `"full_name"`: `"John Doe"` * `"ssn"`: `"*REDACTED*"` * `"dob"`: `"XXXX-05-17"` * `"email"`: `"john.doe@gmail.com"` * Labeled "Marketing" to indicate the department that receives this data. ### Key Observations * The data undergoes access control both before entering and after leaving the Data Privacy Vault. * The data is transformed between the input and output, with some fields being redacted or modified. * Different departments receive different versions of the data. ### Interpretation The diagram illustrates a system designed to protect sensitive data by using a Data Privacy Vault and access control mechanisms. The data is anonymized or redacted before being shared with different departments, ensuring that only necessary information is accessible. The "Access Control" blocks likely represent processes that enforce data masking, tokenization, or other privacy-enhancing technologies. The diagram highlights the importance of controlling access to sensitive data and tailoring data access based on departmental needs. The transformation of the data between the input and output suggests that the system is designed to minimize the risk of data breaches and comply with privacy regulations. </details> Figure 2: Unauthorized Data Access - Exploitation of Vulnerabilities: The integration of AI agents may introduce new vulnerabilities that malicious actors can exploit. For example, if the AI system relies on outdated software or lacks proper security updates, attackers could take advantage of these weaknesses to execute attacks. - Increased Attack Vector Complexity: The dynamic nature of AI and LLMs introduces complexities in identifying and mitigating attack vectors. Attackers may employ sophisticated techniques that exploit these complexities, making it challenging for traditional security measures to adequately protect the system. 5.2 Data Manipulation Risks and Prompt Injections Data manipulation risks pose a significant threat to the integrity and reliability of AI systems [13]. Malicious actors can employ various techniques to manipulate AI-generated queries and responses, resulting in severe consequences: - Prompt Injection Attacks: Attackers can exploit prompt injection vulnerabilities by crafting inputs that manipulate the AI’s behaviour [14]. For instance, an attacker might input maliciously crafted prompts that cause the AI to generate misleading or harmful outputs, which could then be executed in a database query context. This could result in unauthorized data modifications or even complete data deletion. - Data Theft and Corruption: By manipulating the AI’s queries or responses, attackers can gain unauthorized access to sensitive data, leading to data theft. Furthermore, they may corrupt the data by inserting false or misleading information into the database, undermining data integrity and potentially leading to erroneous decision-making based on compromised data. - Automated Attack Execution: The ability of AI agents to autonomously execute commands increases the risk of large-scale attacks. For instance, if an attacker can manipulate the AI to generate a series of malicious database queries, they could inadvertently launch a coordinated attack, overwhelming the database with unauthorized access attempts or data manipulation requests. 5.3 API Usage and Sensitive Data Exposure Companies utilizing LLM APIs may inadvertently expose sensitive information to the API providers. When organizations send queries containing personal or confidential data to an external API, they run the risk of disclosing sensitive information that can be misused. This vulnerability arises from several factors: - Lack of Control Over Data Handling: Organizations often have limited visibility into how API providers manage and store the data sent to them. Sensitive information could be logged, analyzed, or even used to improve the AI model, leading to potential privacy breaches. - Inadvertent Data Leakage: Even well-meaning API calls can lead to data leakage. For instance, if a query inadvertently includes sensitive user information or internal business data, this data could be accessed by API providers and other parties involved in the processing chain. <details> <summary>extracted/5930689/media/OrgData.png Details</summary> ![8d5490e5](/v1/image/8d5490e5991d8414283bd82075aa11132ce8869e34d4ba2fa5692f16cd816690) ### Visual Description ## Diagram: Privacy Layer for LLM/Gen AI Tools ### Overview The image is a diagram illustrating how a privacy layer can be used to sanitize data containing Personally Identifiable Information (PII) before it is processed by Large Language Models (LLMs) or Generative AI tools. The diagram shows the flow of data from a prompt containing sensitive data, through a privacy layer, and then to AI tools, with a corresponding flow of output back. ### Components/Axes * **Left Box (Input):** A dashed green box labeled "Prompt containing Sensitive Data e.g. PII". * **Right Box (Output):** A white box containing logos for Google AI, DALL-E, and OpenAI, labeled "OpenAI" above and "LLM / Gen AI Tools" below. * **Center Box (Privacy Layer):** A dashed red box labeled "Privacy Layer". * **Arrows:** * A gray arrow from the left box to the center box, labeled "Data with PII". * A gray arrow from the center box to the right box, labeled "Data without PII". * A gray arrow from the right box to the center box, labeled "Output with sensitive information". * A gray arrow from the center box to the left box, labeled "Santized Output". ### Detailed Analysis * **Input (Left Box):** The green box represents the initial prompt that contains sensitive data, such as PII. * **Privacy Layer (Center Box):** The red box represents the privacy layer, which is responsible for sanitizing the input data and removing PII. It also receives potentially sensitive output from the AI tools and sanitizes it before sending it back. * **LLM/Gen AI Tools (Right Box):** The white box represents the LLMs or Generative AI tools, such as Google AI, DALL-E, and OpenAI. These tools receive data without PII from the privacy layer and generate output, which may contain sensitive information. * **Data Flow:** * Data with PII flows from the input prompt to the privacy layer. * Data without PII flows from the privacy layer to the LLM/Gen AI tools. * Output with sensitive information flows from the LLM/Gen AI tools to the privacy layer. * Sanitized output flows from the privacy layer back to the origin of the prompt. ### Key Observations * The diagram highlights the importance of a privacy layer in protecting sensitive data when using LLMs or Generative AI tools. * The privacy layer acts as an intermediary between the input prompt and the AI tools, ensuring that PII is removed before processing and that sensitive information in the output is sanitized. * The diagram shows a closed-loop system, where the privacy layer handles both input and output data. ### Interpretation The diagram illustrates a common approach to addressing privacy concerns when using LLMs and Generative AI. By implementing a privacy layer, organizations can reduce the risk of exposing sensitive data to AI models and potentially violating privacy regulations. The privacy layer sanitizes input prompts to remove PII before they are processed by the AI, and it also sanitizes the output to remove any sensitive information that may have been generated. This helps to ensure that the AI models are not trained on or used to generate data that could compromise individual privacy. The inclusion of logos for Google AI, DALL-E, and OpenAI suggests that this privacy layer approach is applicable to a variety of AI tools. </details> Figure 3: Demonstration of an intermediary layer setup to prevent leakage of sensitive organisational data - Compliance Risks: Sharing sensitive information with third-party API providers may result in non-compliance with data protection regulations such as GDPR or HIPAA. Organizations must ensure that any data shared with external services adheres to legal standards for data handling and user consent. 5.4 Mitigating Security Vulnerabilities To combat these vulnerabilities, organisations must adopt a proactive approach to security. This includes implementing layered security measures, such as robust access controls, encryption, and continuous monitoring of AI systems. Regular security assessments and updates are essential to identify and address vulnerabilities before they can be exploited. Additionally, educating AI developers and users about potential security threats associated with AI and LLMs is crucial [15]. By fostering a culture of security awareness, organisations can better equip themselves to respond to and mitigate the risks posed by these evolving technologies. 6 Conclusion The integration of AI agents, particularly those with direct access to database systems, presents significant privacy and security challenges that cannot be overlooked. This research has highlighted the multifaceted vulnerabilities associated with AI agent interactions, including the expansion of the attack surface, risks of data manipulation, and the unintended exposure of sensitive information through the use of LLM APIs. As AI technologies continue to advance, the potential for exploitation of these vulnerabilities by malicious actors increases, necessitating a proactive approach to security in AI systems. Organizations must prioritize the development of robust security frameworks that encompass comprehensive access controls, continuous monitoring, and adherence to data protection regulations. Moreover, fostering a culture of security awareness among AI developers and users is critical to mitigating risks associated with AI and LLMs. Ultimately, while the potential benefits of AI systems are immense, the challenges of ensuring data privacy and security are equally significant. Addressing these vulnerabilities is essential for maintaining user trust and achieving the responsible deployment of AI technologies across various industries. Continued research and innovation in this area will be crucial to creating secure, ethical, and efficient AI systems that can operate safely in a datarich environment. References - [1] Othmane Friha, Mohamed Amine Ferrag, Burak Kantarci, Burak Cakmak, Arda Ozgun, and Nassira Ghoualmi-Zine. Llm-based edge intelligence: A comprehensive survey on architectures, applications, security and trustworthiness. IEEE Open Journal of the Communications Society, 2024. - [2] Kim On Chin, Kim Soon Gan, Rayner Alfred, Patricia Anthony, and Dickson Lukose. Agent architecture: An overview. Transactions on science and technology, 1(1):18–35, 2014. - [3] Yifeng He, Ethan Wang, Yuyang Rong, Zifei Cheng, and Hao Chen. Security of ai agents. arXiv preprint arXiv:2406.08689, 2024. - [4] Adrián Bazaga, Nupur Gunwant, and Gos Micklem. Translating synthetic natural language to database queries with a polyglot deep learning framework. Scientific Reports, 11(1):18462, 2021. - [5] G Prashanthi, Sravani Puranam, Sheethal Reddy Vemula, Preethi Doulathbaji, Anusha Bellamkonda, et al. Natural language to sql: Automated query formation using nlp techniques. In E3S Web of Conferences, volume 391, page 01115. EDP Sciences, 2023. - [6] Austine Unuriode, Olalekan Durojaiye, Babatunde Yusuf, and Lateef Okunade. The integration of artificial i intelligence into d database systems (ai-db integration review). Available at SSRN 4744549, 2023. - [7] Zhi Jing, Yongye Su, Yikun Han, Bo Yuan, Chunjiang Liu, Haiyun Xu, and Kehai Chen. When large language models meet vector databases: A survey. arXiv preprint arXiv:2402.01763, 2024. - [8] Daeseung Park, Gi-taek An, Chayapol Kamyod, and Cheong Ghil Kim. A study on performance improvement of prompt engineering for generative ai with a large language model. Journal of Web Engineering, 22(8):1187–1206, 2023. - [9] Mark Ryan, Josephina Antoniou, Laurence Brooks, Tilimbe Jiya, Kevin Macnish, and Bernd Stahl. Research and practice of ai ethics: a case study approach juxtaposing academic discourse with organisational reality. Science and Engineering Ethics, 27:1–29, 2021. - [10] Ana Luize Corrêa Bertoncini and Mauricio C Serafim. Ethical content in artificial intelligence systems: A demand explained in three critical points. Frontiers in Psychology, 14:1074787, 2023. - [11] Tula Masterman, Sandi Besen, Mason Sawtell, and Alex Chao. The landscape of emerging ai agent architectures for reasoning, planning, and tool calling: A survey. arXiv preprint arXiv:2404.11584, 2024. - [12] Saharnaz Dilmaghani, Matthias R Brust, Grégoire Danoy, Natalia Cassagnes, Johnatan Pecero, and Pascal Bouvry. Privacy and security of big data in ai systems: A research and standards perspective. In 2019 IEEE international conference on big data (big data), pages 5737–5743. IEEE, 2019. - [13] Jan von der Assen, Jamo Sharif, Chao Feng, Christian Killer, Gérôme Bovet, and Burkhard Stiller. Asset-centric threat modeling for ai-based systems. In 2024 IEEE International Conference on Cyber Security and Resilience (CSR), pages 437–444. IEEE, 2024. - [14] Daniel Wankit Yip, Aysan Esmradi, and Chun Fai Chan. A novel evaluation framework for assessing resilience against prompt injection attacks in large language models. In 2023 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE), pages 1–5. IEEE, 2023. - [15] Yupeng Hu, Wenxin Kuang, Zheng Qin, Kenli Li, Jiliang Zhang, Yansong Gao, Wenjia Li, and Keqin Li. Artificial intelligence security: Threats and countermeasures. ACM Computing Surveys (CSUR), 55(1):1–36, 2021.

Rendering Paper...