English
Related papers

Related papers: SpellBound: Defending Against Package Typosquattin…

200 papers

LLM watermarks stand out as a promising way to attribute ownership of LLM-generated text. One threat to watermark credibility comes from spoofing attacks, where an unauthorized third party forges the watermark, enabling it to falsely…

Cryptography and Security · Computer Science 2025-05-23 Thibaud Gloaguen , Nikola Jovanović , Robin Staab , Martin Vechev

Prompt injection threatens novel applications that emerge from adapting LLMs for various user tasks. The newly developed LLM-based software applications become more ubiquitous and diverse. However, the threat of prompt injection attacks…

Cryptography and Security · Computer Science 2025-06-25 Valerii Gakh , Hayretdin Bahsi

The popularity of JavaScript has lead to a large ecosystem of third-party packages available via the npm software package registry. The open nature of npm has boosted its growth, providing over 800,000 free and reusable software packages.…

Cryptography and Security · Computer Science 2019-06-10 Markus Zimmermann , Cristian-Alexandru Staicu , Cam Tenny , Michael Pradel

The npm (Node Package Manager) ecosystem is the most important package manager for JavaScript development with millions of users. Consequently, a plethora of earlier work investigated how vulnerability reporting, patch propagation, and in…

Cryptography and Security · Computer Science 2025-06-10 Rajdeep Ghosh , Shiladitya De , Mainack Mondal

Typographical errors are a major source of frustration for visitors of online marketplaces. Because of the domain-specific nature of these marketplaces and the very short queries users tend to search for, traditional spell cheking solutions…

Machine Learning · Computer Science 2023-08-07 Dayananda Ubrangala , Juhi Sharma , Ravi Prasad Kondapalli , Kiran R , Amit Agarwala , Laurent Boué

This paper examines software vulnerabilities in common Python packages used particularly for web development. The empirical dataset is based on the PyPI package repository and the so-called Safety DB used to track vulnerabilities in…

Software Engineering · Computer Science 2019-03-12 Jukka Ruohonen

Modern software systems heavily rely on third-party dependencies, making software supply chain security a critical concern. We introduce the concept of software supply chain smells as structural indicators that signal potential security…

Software Engineering · Computer Science 2026-03-31 Larissa Schmid , Diogo Gaspar , Raphina Liu , Sofia Bobadilla , Benoit Baudry , Martin Monperrus

Recent explorations with commercial Large Language Models (LLMs) have shown that non-expert users can jailbreak LLMs by simply manipulating their prompts; resulting in degenerate output behavior, privacy and security breaches, offensive…

Computation and Language · Computer Science 2024-03-28 Abhinav Rao , Sachin Vashistha , Atharva Naik , Somak Aditya , Monojit Choudhury

The safety and robustness of large language models (LLMs) based applications remain critical challenges in artificial intelligence. Among the key threats to these applications are prompt hacking attacks, which can significantly undermine…

Cryptography and Security · Computer Science 2024-10-21 Baha Rababah , Shang , Wu , Matthew Kwiatkowski , Carson Leung , Cuneyt Gurcan Akcora

The critical challenge of prompt injection attacks in Large Language Models (LLMs) integrated applications, a growing concern in the Artificial Intelligence (AI) field. Such attacks, which manipulate LLMs through natural language inputs,…

Cryptography and Security · Computer Science 2024-01-17 Xuchen Suo

Watermarking of large language models (LLMs) generation embeds an imperceptible statistical pattern within texts, making it algorithmically detectable. Watermarking is a promising method for addressing potential harm and biases from LLMs,…

Cryptography and Security · Computer Science 2024-12-09 Lingjie Chen , Ruizhong Qiu , Siyu Yuan , Zhining Liu , Tianxin Wei , Hyunsik Yoo , Zhichen Zeng , Deqing Yang , Hanghang Tong

The liberalization of software licensing has led to unprecedented re-use of software. Alongside drastically increasing productivity and arguably quality of derivative works, it has also introduced multiple attack vectors. The management of…

Software Engineering · Computer Science 2023-02-20 Aarnav M. Bos

Security patches in open-source software, providing security fixes to identified vulnerabilities, are crucial in protecting against cyberattacks. Despite the National Vulnerability Database (NVD) publishes identified vulnerabilities, a vast…

Cryptography and Security · Computer Science 2021-06-08 Yaqin Zhou , Jing Kai Siow , Chenyu Wang , Shangqing Liu , Yang Liu

As the integration of the Large Language Models (LLMs) into various applications increases, so does their susceptibility to misuse, raising significant security concerns. Numerous jailbreak attacks have been proposed to assess the security…

Cryptography and Security · Computer Science 2025-05-30 Bijoy Ahmed Saiem , MD Sadik Hossain Shanto , Rakib Ahsan , Md Rafi ur Rashid

Plagiarism detection in programming education faces growing challenges due to increasingly sophisticated obfuscation techniques, particularly automated refactoring-based attacks. While code plagiarism detection systems used in education…

Software Engineering · Computer Science 2025-10-30 Robin Maisch , Larissa Schmid , Timur Sağlam , Nils Niehues

Fine-tuning large language models often undermines their safety alignment, a problem further amplified by harmful fine-tuning attacks in which adversarial data removes safeguards and induces unsafe behaviors. We propose SPARD, a defense…

Machine Learning · Computer Science 2026-05-28 Shuhao Chen , Weisen Jiang , Yeqi Gong , Shengda Luo , Chengxiang Zhuo , Zang Li , James T. Kwok , Yu Zhang

Packer identification tools are a critical foundation of malware analysis, directly affecting unpacking, behavioral analysis, malware classification, and threat attribution. However, their semantic correctness is rarely validated. In…

Cryptography and Security · Computer Science 2026-05-28 Fangtian Zhong , Zhuoyun Qian , Mengfei Ren , Yili Jiang , Jiaqi Huang , Yunming Pang , Xiuzhen Cheng

Large Language Models (LLMs) remain vulnerable to prompt injection attacks, representing the most significant security threat in production deployments. We present Prompt Fencing, a novel architectural approach that applies cryptographic…

Cryptography and Security · Computer Science 2025-11-26 Steven Peh

Safety mechanisms for large language models (LLMs) remain predominantly English-centric, creating systematic vulnerabilities in multilingual deployment. Prior work shows that translating malicious prompts into other languages can…

Computation and Language · Computer Science 2026-04-29 Shirin Alanova , Bogdan Minko , Sabrina Sadiekh , Evgeniy Kokuykin

Large Language Models (LLMs), such as ChatGPT and GPT-4, are designed to provide useful and safe responses. However, adversarial prompts known as 'jailbreaks' can circumvent safeguards, leading LLMs to generate potentially harmful content.…

Computation and Language · Computer Science 2024-04-09 Peng Ding , Jun Kuang , Dan Ma , Xuezhi Cao , Yunsen Xian , Jiajun Chen , Shujian Huang