English
Related papers

Related papers: Context-Auditor: Context-sensitive Content Injecti…

200 papers

Since the first publication of the "OWASP Top 10" (2004), cross-site scripting (XSS) vulnerabilities have always been among the top 5 web application security bugs. Black-box vulnerability scanners are widely used in the industry to…

Cryptography and Security · Computer Science 2014-10-17 Enrico Bazzoli , Claudio Criscione , Federico Maggi , Stefano Zanero

Backdoor attacks create significant security threats to language models by embedding hidden triggers that manipulate model behavior during inference, presenting critical risks for AI systems deployed in healthcare and other sensitive…

Cryptography and Security · Computer Science 2026-04-30 Mohamed Afane , Abhishek Satyam , Ke Chen , Tao Li , Junaid Farooq , Juntao Chen

In recent years, the adoption of cloud services has been expanding at an unprecedented rate. As more and more organizations migrate or deploy their businesses to the cloud, a multitude of related cybersecurity incidents such as data…

Cryptography and Security · Computer Science 2025-06-23 Fei Zuo , Junghwan Rhee , Yung Ryn Choe , Chenglong Fu , Xianshan Qu

Adversarial attacks perturb images such that a deep neural network produces incorrect classification results. A promising approach to defend against adversarial attacks on natural multi-object scenes is to impose a context-consistency…

Computer Vision and Pattern Recognition · Computer Science 2022-03-30 Zikui Cai , Shantanu Rane , Alejandro E. Brito , Chengyu Song , Srikanth V. Krishnamurthy , Amit K. Roy-Chowdhury , M. Salman Asif

The emergence of multimodal large language models has redefined the agent paradigm by integrating language and vision modalities with external data sources, enabling agents to better interpret human instructions and execute increasingly…

Computer Vision and Pattern Recognition · Computer Science 2025-07-29 Le Wang , Zonghao Ying , Tianyuan Zhang , Siyuan Liang , Shengshan Hu , Mingchuan Zhang , Aishan Liu , Xianglong Liu

Traditional security scanners fail when facing new attack patterns they haven't seen before. They rely on fixed rules and predetermined signatures, making them blind to novel threats. We present a fundamentally different approach: instead…

Cryptography and Security · Computer Science 2025-11-21 Ayush Chaudhary

As the AI systems become deeply embedded in social media platforms, we've uncovered a concerning security vulnerability that goes beyond traditional adversarial attacks. It becomes important to assess the risks of LLMs before the general…

Computation and Language · Computer Science 2025-05-30 Nilanjana Das , Edward Raff , Aman Chadha , Manas Gaur

Content composition vulnerabilities remain among the most prevalent and persistent classes of security weakness in deployed software. Prior mitigations, including developer training, static analysis tools, and domain-specific template…

Programming Languages · Computer Science 2026-05-19 Mike Samuel , Tom Palmer , Shaw Summa , Robert Grayson

The growing number of Internet users and the prevalence of web applications make it necessary to deal with very complex software and applications in the network. This results in an increasing number of new vulnerabilities in the systems,…

Networking and Internet Architecture · Computer Science 2021-08-18 Mahdi Soltani , Mahdi Jafari Siavoshani , Amir Hossein Jahangir

Cross Site Scripting (XSS) is one of the most critical vulnerabilities exist in web applications. XSS can be prevented by encoding untrusted data that are loaded into browser content of web applications. Security Application Programming…

Cryptography and Security · Computer Science 2018-10-03 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

We present ConXsense, the first framework for context-aware access control on mobile devices based on context classification. Previous context-aware access control systems often require users to laboriously specify detailed policies or they…

Cryptography and Security · Computer Science 2014-06-06 Markus Miettinen , Stephan Heuser , Wiebke Kronz , Ahmad-Reza Sadeghi , N. Asokan

The increasing reliance on web services has led to a rise in cybersecurity threats, particularly Cross-Site Scripting (XSS) attacks, which target client-side layers of web applications by injecting malicious scripts. Traditional Web…

Cryptography and Security · Computer Science 2025-04-14 Vahid Babaey , Arun Ravindran

Web agents powered by vision-language models (VLMs) enable autonomous interaction with web environments by perceiving and acting on both visual and textual webpage content to accomplish user-specified tasks. However, they are highly…

Cryptography and Security · Computer Science 2026-04-15 Yulin Chen , Tri Cao , Haoran Li , Yue Liu , Yibo Li , Yufei He , Le Minh Khoi , Yangqiu Song , Shuicheng Yan , Bryan Hooi

The integration of artificial intelligence (AI) agents into web browsers introduces security challenges that go beyond traditional web application threat models. Prior work has identified prompt injection as a new attack vector for web…

Machine Learning · Computer Science 2025-11-26 Kaiyuan Zhang , Mark Tenenholtz , Kyle Polley , Jerry Ma , Denis Yarats , Ninghui Li

Large language models (LLMs) are increasingly used as analyst assistants in security operations centers (SOCs), where they ingest log and alert data to produce triage labels, incident summaries, or remediation advice. We study a structural…

Cryptography and Security · Computer Science 2026-05-26 Rohan Pandey , Archit Bhujang

Web-use agents are rapidly being deployed to automate complex web tasks with extensive browser capabilities. However, these capabilities create a critical and previously unexplored attack surface. This paper demonstrates how attackers can…

Cryptography and Security · Computer Science 2025-10-22 Avishag Shapira , Parth Atulbhai Gandhi , Edan Habler , Asaf Shabtai

When AI agents retrieve and reason over external documents, adversaries can manipulate the data they receive to subvert their behaviour. Previous research has studied indirect prompt injection, where the attacker injects malicious…

Computation and Language · Computer Science 2025-10-14 Michael Schlichtkrull

Previous research on testing the vulnerabilities in Large Language Models (LLMs) using adversarial attacks has primarily focused on nonsensical prompt injections, which are easily detected upon manual or automated review (e.g., via byte…

Computation and Language · Computer Science 2024-07-29 Nilanjana Das , Edward Raff , Manas Gaur

Large language models (LLMs) have transformed the development of embodied intelligence. By providing a few contextual demonstrations, developers can utilize the extensive internal knowledge of LLMs to effortlessly translate complex tasks…

Artificial Intelligence · Computer Science 2024-08-07 Aishan Liu , Yuguang Zhou , Xianglong Liu , Tianyuan Zhang , Siyuan Liang , Jiakai Wang , Yanjun Pu , Tianlin Li , Junqi Zhang , Wenbo Zhou , Qing Guo , Dacheng Tao

Contextual biasing is essential to improving the recognition of rare and domain-specific words in an automatic speech recognition (ASR) system. While numerous methods have been proposed in recent years, most of them focus on offline…

Audio and Speech Processing · Electrical Eng. & Systems 2026-05-20 Kai-Chen Tsai , Tien-Hong Lo , Yun-Ting Sun , Berlin Chen