Defensive LLM Calling

Kyoto Tech Talk #9 2025/12/05 Defensive LLM Calling Katsuya Ogata

ࣗݾ঺հ • ໊લ: ॹํ ࠀ࠸ʢ͓͕ͨ ͔ͭ΍ʣ • ॴଐ: େࡕେֶ ৘ใՊֶݚڀՊ
• झຯ: ొࢁɾཱྀߦɾα΢φ • MLLMΛ༻͍ͨಈըղੳͷݚڀ • ϝϧϘϧϯʹߦͬͯ·ͨ͠ • X: @ogata_katsuya • ݸਓ: www.ogatakatsuya.com ϝϧϘϧϯཱྀߦ ޒ৭ϲݪ΁ͷొࢁ

AWS 2025/10/20 Google Cloud 2025/06/13 Azure 2025/10/29

Ϋϥ΢υ͸յΕΔલఏͰར༻͢Δ

2025೥ʹো֐͕ى͖ͯͨͷ͸ʁ

શ෦

ো֐ͷݪҼͱ಺༰ • ݪҼ • AIΛϗετ͍ͯ͠ΔΫϥ΢υͷো֐ • ίϯύΠϥͷόάʢΠϯϑϥىҼʣ • ಺༰ •
ϨΠςϯγͷٸܹͳ૿Ճ • ਫ਼౓ͷ௿Լ • ͦ΋ͦ΋LLMΛݺͼग़͢͜ͱ͕Ͱ͖ͳ͍

LLM΋յΕΔલఏͰར༻͢Δ

Application Layer Transport Layer Network Layer Network Access Layer TCP/IP

τϥϯεϙʔτ૚ • ΞυϨε͸ϙʔτ൪߸ͷΈʢIPΛ஌ͬͯΔͷ͸ωοτϫʔΫ૚ʣ • ͲΜͳωοτϫʔΫͷܦ࿏Λ௨Δ͔͸஌Βͳ͍ • ωοτϫʔΫͦͷ΋ͷΛ৴པ͍ͯ͠ͳ͍લఏͰ࣮֬ʹσʔλΛૹΓಧ͚Δ • ࠶ૹ੍ޚɺ᫔᫓੍ޚɺޡΓݕग़ •
ʢ๻ͷߟ͑Δʣτϥϯεϙʔτ૚ͷ໾ׂ • ΞϓϦέʔγϣϯ૚ʹωοτϫʔΫͷ੾ΓޱΛݟͤΔ • ΞϓϦέʔγϣϯ͸ωοτϫʔΫͷҧ͍Λҙࣝ͠ͳͯ͘ྑ͍ • ωοτϫʔΫͦͷ΋ͷͷ৴པੑΛ୲อ͢Δ

Application Layer Transport Layer Network Layer Network Access Layer TCP/IP

Application Endpoint ????? LLM Calling LLM Calling ͜͜

LLM Callingʹ͓͚Δτϥϯεϙʔτ૚ • LLM Providerͷҧ͍Λٵऩͯ͠ɺͦͷ੾Γޱ͚ͩΛݟͤΔ • ந৅Խ • Ӆṭ •
LLM ProviderΛ৴པ͍ͯ͠ͳ͍લఏͰ඼࣭Λ୲อ͢Δ • ϦτϥΠॲཧ • ଞͷProvider΁ͷϑΥʔϧόοΫ • ඞͣԿ͔͠ΒͷϨεϙϯε͕ฦͬͯ͘Δ

PythonͰͷ࣮૷ྫ abcΛ༻͍ͨந৅Ϋϥεͷ࡞੒ LiteLLMͱ͍͏ศརϥΠϒϥϦ΋͋Γ·͢

PythonͰͷ࣮૷ྫ ֤ϓϩόΠμʔͰͷந৅ϝιουͷ࣮૷

PythonͰͷ࣮૷ྫ LLM Callingͷτϥϯεϙʔτ૚(͔ͳΓ୺ંͬͯ·͢)

LLM Caller໨ઢ • τϥϯεϙʔτ૚ʹඞཁͳύϥϝʔλΛ౉͚ͩ͢ • ͲΜͳϓϩόΠμͰ࣮ߦ͞ΕΔ͔͸஌Βͳ͍ • ΠϯλʔϑΣʔε͚ͩΛҙࣝͯ͠ɺͦΕҎԼΛؾʹ͠ͳ͍ • ͚ͩͲɺҰఆ඼࣭͕อͨΕͯɺ͋Δఔ౓ͷ଎౓Ͱฦ౴͕ฦͬͯ͘Δ

ສࣄղܾʁʁʁ • LLMͷো֐͸ૉ௚ʹΤϥʔΛు͍ͯམͪͯ͘Εͳ͍ • Ϩεϙϯε͕500൪୆ͳΒେৎ෉ • ϨΠςϯγ͕૿Ճ͢Δ • λΠϚʔͱϦτϥΠॲཧͰͳΜͱ͔ͳΔʢ͔΋ʣ •
ਫ਼౓͕མͪΔ • ো֐Λײ஌͢Δ͜ͱ͕೉͍͠ • ࠷ऴతʹ͸ɺ͜·Ίͳ؂ࢹͱɺϢʔβʔͷ੠ʹৗʹහײͰ͋Δ͜ͱ͕ॏཁ • Langfuse΍LangsmithͳͲͷLLM؂ࢹମ੍ͷ੔උ΋ඞཁ

·ͱΊ • ͜ͷLTʹ໌֬ͳ౴͑͸͋Γ·ͤΜ • LLMͷ඼࣭Λ୲อ͢Δͷ͸ϓϩόΠμ͸΋ͪΖΜɺϢʔβʔ΋੹຿Λෛ͍ͬͯ Δͱ͍͏໰୊ఏى • ࠷௿ݶఏڙ͢΂͖αʔϏεͷ඼࣭Λ୲อ͢ΔͨΊͷϑΥʔϧόοΫઓུΛߟ͑ ͍ͯ͘ඞཁ͕͋Δ •
օ͞Μ͕࣮ફ͍ͯ͠ΔϑΥʔϧόοΫઓུɾख๏Λڭ͍͑ͯͩ͘͞

Reference • https://azure.status.microsoft/en-us/status/history/ • https://www.youtube.com/watch?v=D297rfqSFvY • https://status.cloud.google.com/incidents/ow5i3PPK96RduMcb1SsW • https://www.mobihealthnews.com/news/google-cloud-outage-disrupts-ai- services-used-healthcare
• https://www.youtube.com/watch?v=Ar_ckPSwe1Y • https://www.anthropic.com/engineering/a-postmortem-of-three-recent-issues

Defensive LLM Calling

Defensive LLM Calling

Ogata Katsuya

More Decks by Ogata Katsuya

Featured

Transcript

Kyoto Tech Talk #9 2025/12/05 Defensive LLM Calling Katsuya Ogata

ࣗݾ঺հ • ໊લ: ॹํ ࠀ࠸ʢ͓͕ͨ ͔ͭ΍ʣ • ॴଐ: େࡕେֶ ৘ใՊֶݚڀՊ

AWS 2025/10/20 Google Cloud 2025/06/13 Azure 2025/10/29

Ϋϥ΢υ͸յΕΔલఏͰར༻͢Δ

2025೥ʹো֐͕ى͖ͯͨͷ͸ʁ

શ෦

ো֐ͷݪҼͱ಺༰ • ݪҼ • AIΛϗετ͍ͯ͠ΔΫϥ΢υͷো֐ • ίϯύΠϥͷόάʢΠϯϑϥىҼʣ • ಺༰ •

LLM΋յΕΔલఏͰར༻͢Δ

🤔

Application Layer Transport Layer Network Layer Network Access Layer TCP/IP

τϥϯεϙʔτ૚ • ΞυϨε͸ϙʔτ൪߸ͷΈʢIPΛ஌ͬͯΔͷ͸ωοτϫʔΫ૚ʣ • ͲΜͳωοτϫʔΫͷܦ࿏Λ௨Δ͔͸஌Βͳ͍ • ωοτϫʔΫͦͷ΋ͷΛ৴པ͍ͯ͠ͳ͍લఏͰ࣮֬ʹσʔλΛૹΓಧ͚Δ • ࠶ૹ੍ޚɺ᫔᫓੍ޚɺޡΓݕग़ •

🤔

Application Layer Transport Layer Network Layer Network Access Layer TCP/IP

Application Endpoint ????? LLM Calling LLM Calling ͜͜

LLM Callingʹ͓͚Δτϥϯεϙʔτ૚ • LLM Providerͷҧ͍Λٵऩͯ͠ɺͦͷ੾Γޱ͚ͩΛݟͤΔ • ந৅Խ • Ӆṭ •

PythonͰͷ࣮૷ྫ abcΛ༻͍ͨந৅Ϋϥεͷ࡞੒ LiteLLMͱ͍͏ศརϥΠϒϥϦ΋͋Γ·͢

PythonͰͷ࣮૷ྫ ֤ϓϩόΠμʔͰͷந৅ϝιουͷ࣮૷

PythonͰͷ࣮૷ྫ LLM Callingͷτϥϯεϙʔτ૚(͔ͳΓ୺ંͬͯ·͢)

LLM Caller໨ઢ • τϥϯεϙʔτ૚ʹඞཁͳύϥϝʔλΛ౉͚ͩ͢ • ͲΜͳϓϩόΠμͰ࣮ߦ͞ΕΔ͔͸஌Βͳ͍ • ΠϯλʔϑΣʔε͚ͩΛҙࣝͯ͠ɺͦΕҎԼΛؾʹ͠ͳ͍ • ͚ͩͲɺҰఆ඼࣭͕อͨΕͯɺ͋Δఔ౓ͷ଎౓Ͱฦ౴͕ฦͬͯ͘Δ

ສࣄղܾʁʁʁ • LLMͷো֐͸ૉ௚ʹΤϥʔΛు͍ͯམͪͯ͘Εͳ͍ • Ϩεϙϯε͕500൪୆ͳΒେৎ෉ • ϨΠςϯγ͕૿Ճ͢Δ • λΠϚʔͱϦτϥΠॲཧͰͳΜͱ͔ͳΔʢ͔΋ʣ •

·ͱΊ • ͜ͷLTʹ໌֬ͳ౴͑͸͋Γ·ͤΜ • LLMͷ඼࣭Λ୲อ͢Δͷ͸ϓϩόΠμ͸΋ͪΖΜɺϢʔβʔ΋੹຿Λෛ͍ͬͯ Δͱ͍͏໰୊ఏى • ࠷௿ݶఏڙ͢΂͖αʔϏεͷ඼࣭Λ୲อ͢ΔͨΊͷϑΥʔϧόοΫઓུΛߟ͑ ͍ͯ͘ඞཁ͕͋Δ •

Reference • https://azure.status.microsoft/en-us/status/history/ • https://www.youtube.com/watch?v=D297rfqSFvY • https://status.cloud.google.com/incidents/ow5i3PPK96RduMcb1SsW • https://www.mobihealthnews.com/news/google-cloud-outage-disrupts-ai- services-used-healthcare