English
Related papers

Related papers: Mir: Automated Quantifiable Privilege Reduction Ag…

200 papers

Due to the amount of data that smartphone applications can potentially access, platforms enforce permission systems that allow users to regulate how applications access protected resources. If users are asked to make security decisions too…

Cryptography and Security · Computer Science 2015-04-16 Primal Wijesekera , Arjun Baokar , Ashkan Hosseini , Serge Egelman , David Wagner , Konstantin Beznosov

The rapid advancement of Large Language Models (LLMs) in software engineering has revealed critical limitations in existing benchmarks, particularly the widely used SWE-bench dataset. Recent studies have uncovered severe data contamination…

The ever-increasing size of open-source Large Language Models (LLMs) renders local deployment impractical for individual users. Decentralized computing has emerged as a cost-effective solution, allowing individuals and small companies to…

Machine Learning · Computer Science 2026-02-03 Yifan Sun , Yuhang Li , Yue Zhang , Yuchen Jin , Huan Zhang

Reasoning in Large Language Models (LLMs) often suffers from inefficient long chain-of-thought traces with redundant self-exploration and validation, which inflate computational costs and even degrade performance. Inspired by human…

Artificial Intelligence · Computer Science 2026-02-17 Qianyue Wang , Jinwu Hu , Huanxiang Lin , Bolin Chen , Zhiquan Wen , Yaofo Chen , Yu Rong , Mingkui Tan

Current smartphone operating systems regulate application permissions by prompting users on an ask-on-first-use basis. Prior research has shown that this method is ineffective because it fails to account for context: the circumstances under…

Cryptography and Security · Computer Science 2017-03-08 Primal Wijesekera , Arjun Baokar , Lynn Tsai , Joel Reardon , Serge Egelman , David Wagner , Konstantin Beznosov

Large language models (LLMs) are increasingly used to assist developers with code, yet their implementations of cryptographic functionality often contain exploitable flaws. Minor design choices (e.g., static initialization vectors or…

Cryptography and Security · Computer Science 2026-02-09 Max Manolov , Tony Gao , Siddharth Shukla , Cheng-Ting Chou , Ryan Lagasse

Large-scale enterprise software systems commonly run as unprivileged service accounts to enforce least privilege, yet still depend on a small set of privileged components -- such as executables with elevated ownership, permissions, or…

Cryptography and Security · Computer Science 2026-05-29 Rajarshi Chowdhury , Akshay Shah

Mid-training has become an important stage in modern LLM development, using large-scale curated mixtures to strengthen capabilities before final post-training. Its data selection problem is distinct: the data are optimized under a…

Artificial Intelligence · Computer Science 2026-05-29 Haowen Wang , Yaxin Du , Jian Yang , Jiajun Wu , Shukai Liu , Yuxuan Zhang , Pingjie Wang , Siheng Chen , Tuney Zheng , Ming Zhou , Xianglong Liu

RowHammer is a major read disturbance mechanism in DRAM where repeatedly accessing (hammering) a row of DRAM cells (DRAM row) induces bitflips in other physically nearby DRAM rows. RowHammer solutions perform preventive actions (e.g.,…

Industrial applications heavily integrate open-source software libraries nowadays. Beyond the benefits that libraries bring, they can also impose a real threat in case a library is affected by a vulnerability but its community is not active…

Software Engineering · Computer Science 2025-04-24 Alexandros Tsakpinis

Skill libraries allow LLM agents to load task-specific instructions on demand, letting non-expert users solve domain-specific tasks through natural language without knowing which skills exist or how they work. However, performance degrades…

Software Engineering · Computer Science 2026-05-26 Hongwen Song , Song , Wei

Modern JavaScript includes the SharedArrayBuffer feature, which provides access to true shared memory concurrency. SharedArrayBuffers are simple linear buffers of bytes, and the JavaScript specification defines an axiomatic relaxed memory…

Programming Languages · Computer Science 2020-05-25 Conrad Watt , Christopher Pulte , Anton Podkopaev , Guillaume Barbier , Stephen Dolan , Shaked Flur , Jean Pichon-Pharabod , Shu-yu Guo

We consider the problem of private information retrieval (PIR) where a single user with private side information aims to retrieve multiple files from a library stored (uncoded) at a number of servers. We assume the side information at the…

Information Theory · Computer Science 2018-05-31 Seyed Pooya Shariatpanahi , Mahdi Jafari Siavoshani , Mohammad Ali Maddah-Ali

Large Language Models (LLMs) have exhibited strong mathematical reasoning prowess, tackling tasks ranging from basic arithmetic to advanced competition-level problems. However, frequently occurring subtle yet critical errors, such as…

Computation and Language · Computer Science 2025-05-28 Kaishuai Xu , Tiezheng Yu , Wenjun Hou , Yi Cheng , Chak Tou Leong , Liangyou Li , Xin Jiang , Lifeng Shang , Qun Liu , Wenjie Li

The implementations of most hardened cryptographic libraries use defensive programming techniques for side-channel resistance. These techniques are usually specified as guidelines to developers on specific code patterns to use or avoid.…

Cryptography and Security · Computer Science 2025-09-03 Moritz Schneider , Daniele Lain , Ivan Puddu , Nicolas Dutly , Srdjan Capkun

We present \texttt{secml}, an open-source Python library for secure and explainable machine learning. It implements the most popular attacks against machine learning, including test-time evasion attacks to generate adversarial examples…

Machine Learning · Computer Science 2022-05-16 Maura Pintor , Luca Demetrio , Angelo Sotgiu , Marco Melis , Ambra Demontis , Battista Biggio

LLM agents operating in open environments face escalating risks from indirect prompt injection, particularly within the tool stream where manipulated metadata and runtime feedback hijack execution flow. Existing defenses encounter a…

Cryptography and Security · Computer Science 2026-01-15 Junda Lin , Zhaomeng Zhou , Zhi Zheng , Shuochen Liu , Tong Xu , Yong Chen , Enhong Chen

Multi-variant execution (MVX) systems amplify the effectiveness of software diversity techniques. The key idea is to run multiple diversified program variants in lockstep while providing them with the same input and monitoring their…

Cryptography and Security · Computer Science 2020-11-05 Alexios Voulimeneas , Dokyung Song , Per Larsen , Michael Franz , Stijn Volckaert

Customized Large Language Model (LLM) agents face a critical security threat from black-box instruction backdoors, where malicious behaviors are covertly injected through hidden system instructions. Although existing prompt-based defenses…

Cryptography and Security · Computer Science 2026-04-17 Zhengxian Wu , Juan Wen , Wanli Peng , Haowei Chang , Yinghan Zhou , Yiming Xue

Large language models increasingly operate as autonomous agents that select and invoke tools from large registries. We identify a critical gap: when unauthorized tools are visible in an agent's context, models select them in adversarial…

Cryptography and Security · Computer Science 2026-05-19 Rohith Uppala