LLM Inference Service Security Hardening Guide
As large language model applications spread, protecting the inference service becomes especially important. This article presents a reproducible hardening scheme covering access control, input validation, output filtering and related dimensions.
1. Hardening access control
from functools import wraps
import hmac
import os

from flask import Flask, request, jsonify

app = Flask(__name__)

# Read the key from the environment instead of hard-coding it in source
# (INFER_API_KEY is the variable name assumed here).
SECRET_KEY = os.environ["INFER_API_KEY"]

# API key verification decorator
def require_api_key(f):
    @wraps(f)
    def decorated_function(*args, **kwargs):
        api_key = request.headers.get('X-API-Key', '')
        # compare_digest runs in constant time, unlike "!=", so response
        # timing does not reveal how many leading bytes of the key matched.
        if not api_key or not hmac.compare_digest(api_key, SECRET_KEY):
            return jsonify({'error': 'Invalid API Key'}), 401
        return f(*args, **kwargs)
    return decorated_function

@app.route('/infer', methods=['POST'])
@require_api_key
def inference():
    # Inference logic goes here; return a JSON body so Flask has a valid response.
    return jsonify({'result': None})
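A single hard-coded key shared by every caller cannot be rotated or revoked per client. The following is an added example, not code from the original article: a small key registry that stores only SHA-256 hashes of keys, compares them with hmac.compare_digest, and loads client/key pairs from an environment variable. The variable name INFER_API_KEYS, its "client:key,client:key" format and the sample keys are assumptions made for this example.

```python
# Added example (not from the original article). Stores API keys by hash,
# compares in constant time, and supports per-client revocation.
import hashlib
import hmac
import os
from typing import Dict, Optional


def hash_key(api_key: str) -> str:
    """SHA-256 hex digest of a key; only this digest is kept in memory."""
    return hashlib.sha256(api_key.encode("utf-8")).hexdigest()


class ApiKeyStore:
    """Maps hashed keys to a client identity."""

    def __init__(self) -> None:
        self._by_hash: Dict[str, str] = {}

    def register(self, client_id: str, api_key: str) -> None:
        self._by_hash[hash_key(api_key)] = client_id

    def revoke(self, api_key: str) -> None:
        self._by_hash.pop(hash_key(api_key), None)

    def authenticate(self, presented: Optional[str]) -> Optional[str]:
        """Return the client id for a valid key, otherwise None."""
        if not presented:
            return None
        digest = hash_key(presented)
        matched = None
        # Compare against every stored digest without early exit, so the
        # time taken does not depend on which entry (if any) matched.
        for stored_hash, client_id in self._by_hash.items():
            if hmac.compare_digest(stored_hash, digest):
                matched = client_id
        return matched


def store_from_pairs(spec: str) -> ApiKeyStore:
    """Build a store from 'client:key,client:key' (constructed format)."""
    store = ApiKeyStore()
    for entry in filter(None, spec.split(",")):
        client_id, _, key = entry.partition(":")
        if client_id and key:
            store.register(client_id, key)
    return store


def store_from_env(var: str = "INFER_API_KEYS") -> ApiKeyStore:
    """Load keys from an environment variable (assumed name) rather than source."""
    return store_from_pairs(os.environ.get(var, ""))


if __name__ == "__main__":
    store = store_from_pairs("batch-job:k-example-1")  # constructed sample key
    print(store.authenticate("k-example-1"))           # batch-job
    print(store.authenticate("k-example-2"))           # None
```

In the Flask decorator from the article, `store.authenticate(request.headers.get('X-API-Key'))` would replace the direct comparison, and the returned client id can be attached to the request for per-client logging and rate limiting.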
2. Input validation and filtering
import re

class InputValidator:
    @staticmethod
    def validate_input(prompt: str) -> bool:
        # Length limit
        if len(prompt) > 1000:
            return False
        # Malicious patterns (SQL keywords). These words also occur in
        # ordinary prompts ("select the best option"), so expect false
        # positives unless prompts are actually forwarded to a SQL layer.
        malicious_patterns = [
            r'\b(select|update|delete|drop|create)\b',
            r'\b(union|union all|order by|group by)\b'
        ]
        for pattern in malicious_patterns:
            if re.search(pattern, prompt, re.IGNORECASE):
                return False
        return True
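A boolean validator gives the operator no way to tell which rule rejected a prompt, and a keyword blocklist applied to free text hits ordinary English. The example below is added here and is not the article's code: it separates the hard limits (length, control characters) from an optional keyword policy, normalizes the text with NFKC first so full-width or compatibility forms cannot slip past either check, and reports the rule that fired. The limit constant and the reason strings are choices made for this example.

```python
# Added example (not from the original article): a prompt validator that
# normalizes input and returns the reason for a rejection.
import re
import unicodedata
from dataclasses import dataclass
from typing import Optional, Sequence

MAX_PROMPT_CHARS = 1000  # same limit as the article's validator

# Control characters other than tab, newline and carriage return.
_CONTROL_RE = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")

# The article's SQL keyword list as one pattern; only meaningful when
# prompts are forwarded to a SQL layer.
SQL_KEYWORDS_RE = re.compile(
    r"\b(select|update|delete|drop|create|union|union all|order by|group by)\b",
    re.IGNORECASE,
)


@dataclass
class ValidationResult:
    ok: bool
    reason: Optional[str] = None
    normalized: str = ""  # the text that should be passed on to the model


def validate_prompt(
    prompt,
    max_chars: int = MAX_PROMPT_CHARS,
    keyword_patterns: Sequence[re.Pattern] = (),
) -> ValidationResult:
    if not isinstance(prompt, str):
        return ValidationResult(False, "not a string")
    # NFKC folds full-width letters and compatibility forms, so the length
    # and keyword checks see the same text the model will see.
    text = unicodedata.normalize("NFKC", prompt)
    if len(text) > max_chars:
        return ValidationResult(False, f"length {len(text)} > {max_chars}")
    if _CONTROL_RE.search(text):
        return ValidationResult(False, "control characters")
    for pat in keyword_patterns:
        m = pat.search(text)
        if m:
            return ValidationResult(False, f"matched keyword {m.group(0)!r}")
    return ValidationResult(True, None, text)


if __name__ == "__main__":
    # Constructed sample prompts.
    print(validate_prompt("Summarize this paragraph."))
    # Benign English rejected by the SQL keyword policy: a false positive.
    print(validate_prompt("Please select the best summary",
                          keyword_patterns=[SQL_KEYWORDS_RE]))
    # Full-width letters normalize to ASCII before the keyword check runs.
    print(validate_prompt("ＳＥＬＥＣＴ * from t",
                          keyword_patterns=[SQL_KEYWORDS_RE]))
```

Logging `reason` for every rejection makes the false-positive rate of a keyword policy visible, which is the data needed to decide whether that policy belongs in front of a free-text model at all.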
3. Output safety filtering
import html

def sanitize_output(response: str) -> str:
    # HTML-escape to prevent XSS when the response is rendered in a page.
    # With quote=True this already covers < > & " and ', so no further
    # character stripping is needed: stripping '&' after escaping would
    # turn '&lt;' into 'lt;' and corrupt the output.
    return html.escape(response, quote=True)
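Escaping and then stripping the same characters does not add protection; it destroys the escaped output. The following added example, which is not code from the article, shows that corruption next to two correct encoders chosen by the context the response lands in: an HTML page, or a JSON API body that a client may later inline into a page. Function names are this example's own.

```python
# Added example (not from the original article): encode model output for the
# context that will render it, and show why escape-then-strip is wrong.
import html
import json


def escape_then_strip(response: str) -> str:
    """The escape-then-strip pattern, kept only to demonstrate the defect:
    html.escape turns '<' into '&lt;', and stripping '&' then leaves 'lt;'."""
    s = html.escape(response)
    for ch in ['<', '>', '&', '"', "'"]:
        s = s.replace(ch, '')
    return s


def encode_for_html(response: str) -> str:
    """Output placed into HTML element or attribute content."""
    return html.escape(response, quote=True)


def encode_for_json_api(payload: dict) -> str:
    """Output returned as a JSON body. json.dumps escapes quotes and
    backslashes; ensure_ascii keeps non-ASCII as \\uXXXX; '</' is written
    as '<\\/' (a valid JSON escape) so the body cannot close a <script>
    block if a client inlines it into a page."""
    return json.dumps(payload, ensure_ascii=True).replace("</", "<\\/")


if __name__ == "__main__":
    # Constructed sample outputs.
    print(escape_then_strip("if a < b"))          # if a lt; b  (corrupted)
    print(encode_for_html("if a < b"))            # if a &lt; b
    print(encode_for_html('<b>x</b> & "q"'))      # &lt;b&gt;x&lt;/b&gt; &amp; &quot;q&quot;
    print(encode_for_json_api({"a": "x </script> y"}))
```

The rule this encodes: pick one encoder per output context and apply it exactly once, at the point where the text is placed into that context.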
4. Request rate limiting
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address

# Pass app and key_func by keyword: flask-limiter 3.x takes key_func as its
# first positional argument, so Limiter(app, key_func=...) breaks there.
limiter = Limiter(
    key_func=get_remote_address,
    app=app,
    default_limits=["100 per hour"]
)

# Replaces the /infer view from section 1 (Flask refuses two views under
# the same endpoint name); the per-route limit applies on top of the
# 100-per-hour default.
@app.route('/infer', methods=['POST'])
@limiter.limit("10 per minute")
@require_api_key
def inference():
    return "推理结果"
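To make the two limits above concrete without a running Flask app, here is an added example (not the article's or flask-limiter's code) of a sliding-window limiter keyed by client address, driven by an injectable clock so the window behaviour can be checked deterministically. The class and function names, and the sample addresses, are this example's own; the limits mirror the article's 100 per hour and 10 per minute.

```python
# Added example (not from the original article): sliding-window rate limiting
# with the article's two limits layered, using an injectable clock.
import time
from collections import defaultdict, deque
from typing import Callable, Deque, Dict, Tuple


class SlidingWindowLimiter:
    def __init__(self, limit: int, window_seconds: float,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.limit = limit
        self.window = window_seconds
        self._clock = clock
        self._hits: Dict[str, Deque[float]] = defaultdict(deque)

    def allow(self, key: str) -> Tuple[bool, float]:
        """Return (allowed, retry_after_seconds) for one request under key."""
        now = self._clock()
        q = self._hits[key]
        # Drop timestamps that have left the window.
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.limit:
            # Oldest hit still inside the window decides when a slot frees up.
            return False, self.window - (now - q[0])
        q.append(now)
        return True, 0.0


class FakeClock:
    """Manual clock for deterministic tests (constructed for this example)."""
    def __init__(self, t: float = 0.0) -> None:
        self.t = t

    def __call__(self) -> float:
        return self.t

    def advance(self, seconds: float) -> None:
        self.t += seconds


def make_inference_guard(clock: Callable[[], float] = time.monotonic):
    """Layer the article's default limit and its /infer limit per address."""
    per_address = SlidingWindowLimiter(100, 3600, clock)  # "100 per hour"
    per_endpoint = SlidingWindowLimiter(10, 60, clock)    # "10 per minute"

    def guard(remote_addr: str) -> dict:
        for name, lim in (("address", per_address), ("endpoint", per_endpoint)):
            ok, retry = lim.allow(remote_addr)
            if not ok:
                # 429 with Retry-After is what the HTTP layer should emit.
                return {"status": 429, "limit": name, "retry_after": retry}
        return {"status": 200}

    return guard


if __name__ == "__main__":
    clk = FakeClock()
    guard = make_inference_guard(clock=clk)
    for _ in range(10):
        guard("10.0.0.1")                 # constructed client address
    print(guard("10.0.0.1"))              # 429, endpoint limit, retry 60s
    clk.advance(60)
    print(guard("10.0.0.1"))              # 200 again once the window passes
```

Keying on the remote address, as get_remote_address does, only identifies the client correctly when the service sees the real peer address; behind a reverse proxy the key must come from the proxy's forwarded-address header, which the proxy must be configured to set and the application must trust only from that proxy.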
With the hardening measures above, the security of an LLM inference service can be improved significantly. Deploying these protections in production environments is recommended.