📊 Статистика дайджестов
Всего дайджестов: 34022 Добавлено сегодня: 0
Последнее обновление: сегодня
Авторы:
Van Nguyen, Surya Nepal, Xingliang Yuan, Tingmin Wu, Fengchao Chen, Carsten Rudolph
Саммари на русском не найдено
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Annotation:
Software vulnerabilities (SVs) pose a critical threat to safety-critical
systems, driving the adoption of AI-based approaches such as machine learning
and deep learning for software vulnerability detection. Despite promising
results, most existing methods are limited to a single programming language.
This is problematic given the multilingual nature of modern software, which is
often complex and written in multiple languages. Current approaches often face
challenges in capturing both shared and ...
Авторы:
Shuai Zhao, Xinyi Wu, Shiqian Zhao, Xiaobao Wu, Zhongliang Guo, Yanhao Jia, Anh Tuan Luu
Саммари на русском не найдено
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Annotation:
During fine-tuning, large language models (LLMs) are increasingly vulnerable
to data-poisoning backdoor attacks, which compromise their reliability and
trustworthiness. However, existing defense strategies suffer from limited
generalization: they only work on specific attack types or task settings. In
this study, we propose Poison-to-Poison (P2P), a general and effective backdoor
defense algorithm. P2P injects benign triggers with safe alternative labels
into a subset of training samples and fin...
Авторы:
Santhosh KumarRavindran
Саммари на русском не найдено
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Annotation:
The rapid adoption of large language models (LLMs) in enterprise systems
exposes vulnerabilities to prompt injection attacks, strategic deception, and
biased outputs, threatening security, trust, and fairness. Extending our
adversarial activation patching framework (arXiv:2507.09406), which induced
deception in toy networks at a 23.9% rate, we introduce the Unified Threat
Detection and Mitigation Framework (UTDMF), a scalable, real-time pipeline for
enterprise-grade models like Llama-3.1 (405B),...
📄 Dynamic Target Attack
2025-10-07Авторы:
Kedong Xiu, Churui Zeng, Tianhang Zheng, Xinzhe Huang, Xiaojun Jia, Di Wang, Puning Zhao, Zhan Qin, Kui Ren
Саммари на русском не найдено
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Annotation:
Existing gradient-based jailbreak attacks typically optimize an adversarial
suffix to induce a fixed affirmative response. However, this fixed target
usually resides in an extremely low-density region of a safety-aligned LLM's
output distribution conditioned on diverse harmful inputs. Due to the
substantial discrepancy between the target and the original output, existing
attacks require numerous iterations to optimize the adversarial prompt, which
might still fail to induce the low-probability t...
Авторы:
Jonathan Sneh, Ruomei Yan, Jialin Yu, Philip Torr, Yarin Gal, Sunando Sengupta, Eric Sommerlade, Alasdair Paren, Adel Bibi
Саммари на русском не найдено
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Annotation:
As LLMs increasingly power agents that interact with external tools, tool use
has become an essential mechanism for extending their capabilities. These
agents typically select tools from growing databases or marketplaces to solve
user tasks, creating implicit competition among tool providers and developers
for visibility and usage. In this paper, we show that this selection process
harbors a critical vulnerability: by iteratively manipulating tool names and
descriptions, adversaries can systemat...
📄 Untargeted Jailbreak Attack
2025-10-07Авторы:
Xinzhe Huang, Wenjing Hu, Tianhang Zheng, Kedong Xiu, Xiaojun Jia, Di Wang, Zhan Qin, Kui Ren
Саммари на русском не найдено
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Annotation:
Existing gradient-based jailbreak attacks on Large Language Models (LLMs),
such as Greedy Coordinate Gradient (GCG) and COLD-Attack, typically optimize
adversarial suffixes to align the LLM output with a predefined target response.
However, by restricting the optimization objective as inducing a predefined
target, these methods inherently constrain the adversarial search space, which
limit their overall attack efficacy. Furthermore, existing methods typically
require a large number of optimizati...
Авторы:
Valentin Barbaza, Alan Rodrigo Diaz-Rizo, Hassan Aboushady, Spyridon Raptis, Haralampos-G. Stratigopoulos
Саммари на русском не найдено
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Annotation:
AI models are often regarded as valuable intellectual property due to the
high cost of their development, the competitive advantage they provide, and the
proprietary techniques involved in their creation. As a result, AI model
stealing attacks pose a serious concern for AI model providers. In this work,
we present a novel attack targeting wireless devices equipped with AI hardware
accelerators. The attack unfolds in two phases. In the first phase, the
victim's device is compromised with a hardwa...
Авторы:
Luis Burbano, Diego Ortiz, Qi Sun, Siwei Yang, Haoqin Tu, Cihang Xie, Yinzhi Cao, Alvaro A Cardenas
Саммари на русском не найдено
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Annotation:
Embodied Artificial Intelligence (AI) promises to handle edge cases in
robotic vehicle systems where data is scarce by using common-sense reasoning
grounded in perception and action to generalize beyond training distributions
and adapt to novel real-world situations. These capabilities, however, also
create new security risks. In this paper, we introduce CHAI (Command Hijacking
against embodied AI), a new class of prompt-based attacks that exploit the
multimodal language interpretation abilities...
Авторы:
Ehsan Aghaei, Sarthak Jain, Prashanth Arun, Arjun Sambamoorthy
Саммари на русском не найдено
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Annotation:
Effective analysis of cybersecurity and threat intelligence data demands
language models that can interpret specialized terminology, complex document
structures, and the interdependence of natural language and source code.
Encoder-only transformer architectures provide efficient and robust
representations that support critical tasks such as semantic search, technical
entity extraction, and semantic analysis, which are key to automated threat
detection, incident triage, and vulnerability assessme...
📄 MAVUL: Multi-Agent Vulnerability Detection via Contextual Reasoning and Interactive Refinement
2025-10-05Авторы:
Youpeng Li, Kartik Joshi, Xinda Wang, Eric Wong
Саммари на русском не найдено
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Доступные поля: ['id', 'arxiv_id', 'title', 'authors', 'abstract', 'summary_ru', 'categories', 'published_date', 'created_at']
Annotation:
The widespread adoption of open-source software (OSS) necessitates the
mitigation of vulnerability risks. Most vulnerability detection (VD) methods
are limited by inadequate contextual understanding, restrictive single-round
interactions, and coarse-grained evaluations, resulting in undesired model
performance and biased evaluation results. To address these challenges, we
propose MAVUL, a novel multi-agent VD system that integrates contextual
reasoning and interactive refinement. Specifically, a...
Показано 241 -
250
из 470 записей