SOTA Prompt Injection Defense benchmarks and papers with code

Benchmarks

Dataset Name	SOTA Method	Metric
Inj-SQuAD	StruQ	Combined ASR0.11	123	1mo ago
SEP		ASR0	24	6d ago
OPI (Open-Prompt-Injection)	DataSentinel	ASR0	24	6d ago
AgentDojo New Attack 2		Utility under Attack (UA)89.78	23	3mo ago
AgentDojo New Attack 1		Utility under Attack89.88	23	3mo ago
AgentDojo Important Instructions		Utility under Attack0.9041	23	3mo ago
AgentDojo No Attack		Benign Utility92.78	23	3mo ago
Indirect Prompt Injection Tail 1.0	Extraction removal method	ASR Naive0.11	18	3mo ago
Indirect Prompt Injection Middle 1.0	StruQ	Naive ASR0.11	18	3mo ago
Indirect Prompt Injection Head 1.0	Segmentation removal method	ASR Naive0.11	18	3mo ago
WASP	Attn.Tracker	Attack Success Rate (ASR)0	16	1mo ago
CSQA	INFA-GUARD	ASR@313.4	16	3mo ago
PI (CSQA) random topology		ASR @150	16	3mo ago
GSM8K PI (Prompt Injection) (test)		ASR@13.3	16	3mo ago
Prompt Injection Attacks (test)	Ours-Ignore	Naive ASR0.9	16	3mo ago
Adaptive Prompt Injection (train)	ACT	Attack Success Rate (ASR)32	15	6d ago
Adaptive Prompt Injection (test)	ACT	Attack Success Rate (ASR)37	15	6d ago
AgentDojo		Benign Utility77.3	13	1mo ago
Jailbreak MI-FGSM		Attack Success Rate4	12	8d ago
Jailbreak APGD	Gradient-guided Token Suppression	ASR1	12	8d ago
LCC		Utility67	12	2mo ago
VPI-Bench		ASR (Amazon)96.5	10	1mo ago
LLMail full 22,899-attack pool	Pipeline	ASR0	10	2mo ago
AgentDojo Indirect Injection (test)		Utility (No Attack)90	9	1mo ago
OpenPromptInjection Direct Injection		BU100	9	1mo ago

Showing 25 of 53 rows