Peak + Accumulation: A Proxy-Level Scoring Formula for Multi-Turn LLM Attack Detection
#prompt injection #multi‑turn attack #LLM detection #risk scoring #proxy detection #arXiv preprint #Peak + Accumulation formula
📌 Key Takeaways
- Multi‑turn prompt injection attacks distribute malicious intent over several conversation turns.
- Conventional single‑turn detection methods do not aggregate risk across turns.
- No published formula existed for proxy‑level aggregation of per‑turn pattern scores without invoking an LLM.
- The authors present a Peak + Accumulation scoring mechanism that addresses a flaw in the intuitive weighted‑average approach.
- This new formula aims to provide a straightforward risk metric that can be applied at the proxy layer in real‑time.
📖 Full Retelling
WHO: Researchers who published a preprint on arXiv. WHAT: They introduce a new Peak + Accumulation formula for aggregating per‑turn detections into a single conversation‑level risk score at the proxy layer, bypassing the need for a language model. WHERE: The work was posted as arXiv:2602.11247v1. WHEN: It appeared in late February 2026. WHY: The goal is to detect multi‑turn prompt injection attacks, which spread malicious intent across several exchanges and so far have lacked an effective proxy‑side aggregation formula.
🏷️ Themes
AI Security, Prompt Injection, LLM Risk Detection, Proxy Layer Monitoring
Entity Intersection Graph
No entity connections available yet for this article.
Original Source
arXiv:2602.11247v1 Announce Type: cross
Abstract: Multi-turn prompt injection attacks distribute malicious intent across multiple conversation turns, exploiting the assumption that each turn is evaluated independently. While single-turn detection has been extensively studied, no published formula exists for aggregating per-turn pattern scores into a conversation-level risk score at the proxy layer -- without invoking an LLM. We identify a fundamental flaw in the intuitive weighted-average appro
Read full article at source