Copilot - Jailbreak Detection
Copilot Jailbreak Detected
Query
CopilotActivity
| where RecordType == "CopilotInteraction"
| extend LLMData = parse_json(LLMEventData)
| mv-expand Message = LLMData.Messages
| extend JailbreakDetected = tobool(Message.JailbreakDetected)
| where JailbreakDetected == true
//| project TimeGenerated, ActorName, AppHost, AIModelName, MessageId = tostring(Message.Id), IsPrompt = tobool(Message.isPrompt)
| order by TimeGenerated descAbout this query
Explanation
This KQL query is designed to detect and retrieve events related to "jailbreak" attempts in Microsoft Copilot, which is an AI-powered tool. Here's a simple breakdown of what the query does:
-
Data Source: It looks at the
CopilotActivitytable, which contains records of interactions with Copilot. -
Filtering:
- The query specifically filters for records where the
RecordTypeis "CopilotInteraction", indicating that these are interactions with the Copilot tool. - It then parses the
LLMEventDatafield to extract JSON data and focuses on theMessageswithin this data.
- The query specifically filters for records where the
-
Jailbreak Detection:
- It checks each message to see if a jailbreak attempt was detected by converting the
JailbreakDetectedfield to a boolean. - The query filters to only include messages where
JailbreakDetectedis true, meaning a jailbreak attempt was identified.
- It checks each message to see if a jailbreak attempt was detected by converting the
-
Sorting: The results are ordered by the time the event was generated, with the most recent events appearing first.
-
Additional Log Entry:
- Another log entry is provided, which also looks at the
CopilotActivitytable. - It parses the
LLMEventDatato extract accessed resources and checks if any resource name matches "JailBreak". - This log entry projects various fields like
TimeGenerated,Action,Id,Name,Type, and others, providing additional context about the jailbreak attempt.
- Another log entry is provided, which also looks at the
Overall, this query is part of a testing phase to monitor and detect jailbreak attempts in interactions with Microsoft Copilot, helping to ensure the security and integrity of the AI tool.
