From 0957fe49cd5c186a32f6fddc3320842ee1ab0fc9 Mon Sep 17 00:00:00 2001
From: Suha Sabi Hussain <suhashussain1@gmail.com>
Date: Thu, 4 Jan 2024 19:55:52 -0500
Subject: [PATCH] Add prompt extraction paper

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index e260b6b..8b255c7 100755
--- a/README.md
+++ b/README.md
@@ -249,6 +249,7 @@ Reconstruction attacks cover also attacks known as *model inversion* and *attrib
 
 
 # Other
+- [**Prompts Should not be Seen as Secrets: Systematically Measuring Prompt Extraction Attack Success**](https://arxiv.org/abs/2307.06865)(Zhang et al., 2023)
 - [**Amnesiac Machine Learning**](https://arxiv.org/abs/2010.10981) (Graves et al., 2020)
 - [**Toward Robustness and Privacy in Federated Learning: Experimenting with Local and Central Differential Privacy**](https://arxiv.org/abs/2009.03561) (Naseri et al., 2020)
 - [**Analyzing Information Leakage of Updates to Natural Language Models**](https://arxiv.org/abs/1912.07942) (Brockschmidt et al., 2020)