English
Related papers

Related papers: SpellBound: Defending Against Package Typosquattin…

200 papers

As the default package manager for Node.js, npm has become one of the largest package management systems in the world. To facilitate dependency management for developers, npm supports a special type of dependency, Peer Dependency, whose…

Software Engineering · Computer Science 2025-06-04 Xingyu Wang , Mingsen Wang , Wenbo Shen , Rui Chang

Large language models (LLMs) have witnessed a meteoric rise in popularity among the general public users over the past few months, facilitating diverse downstream tasks with human-level accuracy and proficiency. Prompts play an essential…

Multimedia · Computer Science 2023-11-29 Hongwei Yao , Jian Lou , Kui Ren , Zhan Qin

Hardware supply-chain attacks are raising significant security threats to the boot process of multiprocessor systems. This paper identifies a new, prevalent hardware supply-chain attack surface that can bypass multiprocessor secure boot due…

Cryptography and Security · Computer Science 2025-04-22 Zhuoruo Zhang , Rui Chang , Mingshuai Chen , Wenbo Shen , Chenyang Yu , He Huang , Qinming Dai , Yongwang Zhao

The NPM ecosystem has become a primary target for software supply chain attacks, yet existing detection tools are evaluated in isolation on incompatible datasets, making cross-tool comparison unreliable. We conduct a benchmark-driven…

Software Engineering · Computer Science 2026-03-31 Wenbo Guo , Zhongwen Chen , Zhengzi Xu , Chengwei Liu , Ming Kang , Shiwen Song , Chengyue Liu , Yijia Xu , Weisong Sun , Yang Liu

Recently, large language models (LLMs) have garnered widespread attention for their exceptional capabilities. Prompts are central to the functionality and performance of LLMs, making them highly valuable assets. The increasing reliance on…

Cryptography and Security · Computer Science 2025-06-13 Yong Yang , Changjiang Li , Qingming Li , Oubo Ma , Haoyu Wang , Zonghui Wang , Yandong Gao , Wenzhi Chen , Shouling Ji

In Go, the widespread adoption of open-source software has led to a flourishing ecosystem of third-party dependencies, which are often integrated into critical systems. However, the reuse of dependencies introduces significant supply chain…

Cryptography and Security · Computer Science 2025-09-05 Carmine Cesarano , Vivi Andersson , Roberto Natella , Martin Monperrus

Recent advances in large language models (LLMs) have led to their extensive global deployment, and ensuring their safety calls for comprehensive and multilingual toxicity evaluations. However, existing toxicity benchmarks are overwhelmingly…

Computation and Language · Computer Science 2024-08-13 Devansh Jain , Priyanshu Kumar , Samuel Gehman , Xuhui Zhou , Thomas Hartvigsen , Maarten Sap

The disconnect between distributed software artifacts and their supposed source code enables attackers to leverage the build process for inserting malicious functionality. Past research in this field focuses on compiled language ecosystems,…

Software Engineering · Computer Science 2025-08-13 Timo Pohl , Pavel Novák , Marc Ohm , Michael Meier

To counter man-at-the-end attacks such as reverse engineering and tampering, software is often protected with techniques that require support modules to be linked into the application. It is well-known, however, that attackers can exploit…

Cryptography and Security · Computer Science 2019-07-04 Jens Van den Broeck , Bart Coppens , Bjorn De Sutter

Prompts have significantly improved the performance of pretrained Large Language Models (LLMs) on various downstream tasks recently, making them increasingly indispensable for a diverse range of LLM application scenarios. However, the…

Computation and Language · Computer Science 2023-12-19 Hongwei Yao , Jian Lou , Zhan Qin

Different security issues are a common problem for open source packages archived to and delivered through software ecosystems. These often manifest themselves as software weaknesses that may lead to concrete software vulnerabilities. This…

Software Engineering · Computer Science 2021-12-28 Jukka Ruohonen , Kalle Hjerppe , Kalle Rindell

Modern software design practice implies widespread use in the development of ready-made components, usually designed as external libraries. The undoubted advantages of reusing third-party code can be offset by integration errors that appear…

Software Engineering · Computer Science 2022-02-09 Vladislav Feofilaktov , Vladimir Itsykson

Background. From information theory, surprisal is a measurement of how unexpected an event is. Statistical language models provide a probabilistic approximation of natural languages, and because surprisal is constructed with the probability…

Computation and Language · Computer Science 2022-04-18 James Caddy , Markus Wagner , Christoph Treude , Earl T. Barr , Miltiadis Allamanis

Despite significant advancements in alignment and content moderation, large language models (LLMs) and text-to-image (T2I) systems remain vulnerable to prompt-based attacks known as jailbreaks. Unlike traditional adversarial examples…

Computer Vision and Pattern Recognition · Computer Science 2025-07-30 Ahmed B Mustafa , Zihan Ye , Yang Lu , Michael P Pound , Shreyank N Gowda

Web application pentesting is a crucial component in the offensive cybersecurity area, whose aim is to safeguard web applications and web services as the majority of the web applications are mounted in publicly accessible web environments.…

Cryptography and Security · Computer Science 2024-10-17 María Olivares-Naya , Jacobo Casado de Gracia , Alfonso Sánchez-Macián

We introduce PPBoot: a bootstrap-based method for prediction-powered inference. PPBoot is applicable to arbitrary estimation problems and is very simple to implement, essentially only requiring one application of the bootstrap. Through a…

Machine Learning · Statistics 2025-01-27 Tijana Zrnic

Managing project dependencies is a key maintenance issue in software development. Developers need to choose an update strategy that allows them to receive important updates and fixes while protecting them from breaking changes. Semantic…

Software Engineering · Computer Science 2023-05-26 Abbas Javan Jafari , Diego Elias Costa , Emad Shihab , Rabe Abdalkareem

Large Language Models (LLMs) have been shown to be susceptible to jailbreak attacks, or adversarial attacks used to illicit high risk behavior from a model. Jailbreaks have been exploited by cybercriminals and blackhat actors to cause…

Computation and Language · Computer Science 2025-01-07 Joao Fonseca , Andrew Bell , Julia Stoyanovich

Aligned large language models (LLMs) are vulnerable to jailbreaking attacks, which bypass the safeguards of targeted LLMs and fool them into generating objectionable content. While initial defenses show promise against token-based threat…

Computation and Language · Computer Science 2024-03-01 Jiabao Ji , Bairu Hou , Alexander Robey , George J. Pappas , Hamed Hassani , Yang Zhang , Eric Wong , Shiyu Chang

Text-to-image (T2I) models can be maliciously used to generate harmful content such as sexually explicit, unfaithful, and misleading or Not-Safe-for-Work (NSFW) images. Previous attacks largely depend on the availability of the diffusion…

Cryptography and Security · Computer Science 2025-05-27 Jiachen Ma , Yijiang Li , Zhiqing Xiao , Anda Cao , Jie Zhang , Chao Ye , Junbo Zhao
‹ Prev 1 8 9 10 Next ›