English
Related papers

Related papers: Models Are Codes: Towards Measuring Malicious Code…

200 papers

LLMs produce harmful and undesirable behavior when trained on datasets containing even a small fraction of poisoned data. We demonstrate that GPT models remain vulnerable to fine-tuning on poisoned data, even when safeguarded by moderation…

Cryptography and Security · Computer Science 2025-07-18 Dillon Bowen , Brendan Murphy , Will Cai , David Khachaturov , Adam Gleave , Kellin Pelrine

Large Language Models (LLMs), now a foundation in advancing natural language processing, power applications such as text generation, machine translation, and conversational systems. Despite their transformative potential, these models…

Cryptography and Security · Computer Science 2025-08-05 Kang Chen , Xiuze Zhou , Yuanguo Lin , Jinhe Su , Yuanhui Yu , Li Shen , Fan Lin

The NPM ecosystem has become a primary target for software supply chain attacks, yet existing detection tools are evaluated in isolation on incompatible datasets, making cross-tool comparison unreliable. We conduct a benchmark-driven…

Software Engineering · Computer Science 2026-03-31 Wenbo Guo , Zhongwen Chen , Zhengzi Xu , Chengwei Liu , Ming Kang , Shiwen Song , Chengyue Liu , Yijia Xu , Weisong Sun , Yang Liu

Poisoning attacks can compromise the safety of large language models (LLMs) by injecting malicious documents into their training data. Existing work has studied pretraining poisoning assuming adversaries control a percentage of the training…

Malicious package detection has become a critical task in ensuring the security and stability of the PyPI. Existing detection approaches have focused on advancing model selection, evolving from traditional machine learning (ML) models to…

Cryptography and Security · Computer Science 2025-06-18 Xingan Gao , Xiaobing Sun , Sicong Cao , Kaifeng Huang , Di Wu , Xiaolei Liu , Xingwei Lin , Yang Xiang

Large Language Models (LLMs) have been shown to be susceptible to jailbreak attacks, or adversarial attacks used to illicit high risk behavior from a model. Jailbreaks have been exploited by cybercriminals and blackhat actors to cause…

Computation and Language · Computer Science 2025-01-07 Joao Fonseca , Andrew Bell , Julia Stoyanovich

Many have observed that the development and deployment of generative machine learning (ML) and artificial intelligence (AI) models follow a distinctive pattern in which pre-trained models are adapted and fine-tuned for specific downstream…

Social and Information Networks · Computer Science 2025-08-12 Benjamin Laufer , Hamidah Oderinwale , Jon Kleinberg

The pre-training and fine-tuning paradigm has demonstrated its effectiveness and has become the standard approach for tailoring language models to various tasks. Currently, community-based platforms offer easy access to various pre-trained…

Cryptography and Security · Computer Science 2024-09-17 Ruixuan Liu , Tianhao Wang , Yang Cao , Li Xiong

Multimodal Large Language Models (MLLMs) achieve strong reasoning and perception capabilities but are increasingly vulnerable to jailbreak attacks. While existing work focuses on explicit attacks, where malicious content resides in a single…

Cryptography and Security · Computer Science 2026-04-28 Xu Zhang , Hao Li , Zhichao Lu

The ubiquity of large-scale Pre-Trained Models (PTMs) is on the rise, sparking interest in model hubs, and dedicated platforms for hosting PTMs. Despite this trend, a comprehensive exploration of the challenges that users encounter and how…

Software Engineering · Computer Science 2024-01-25 Mina Taraghi , Gianolli Dorcelus , Armstrong Foundjem , Florian Tambon , Foutse Khomh

In the software engineering community, deep learning (DL) has recently been applied to many source code processing tasks. Due to the poor interpretability of DL models, their security vulnerabilities require scrutiny. Recently, researchers…

Software Engineering · Computer Science 2022-11-01 Jia Li , Zhuo Li , Huangzhao Zhang , Ge Li , Zhi Jin , Xing Hu , Xin Xia

Context:With the advancement of artificial intelligence (AI) technology and applications, numerous AI models have been developed, leading to the emergence of open-source model hosting platforms like Hugging Face (HF). Thanks to these…

Software Engineering · Computer Science 2024-08-07 Hao Qin , Mingyang Li , Junjie Wang , Qing Wang

Large language models (LLMs) have brought significant advancements to code generation, benefiting both novice and experienced developers. However, their training using unsanitized data from open-source repositories, like GitHub, introduces…

Software Engineering · Computer Science 2023-10-26 Jiexin Wang , Liuwen Cao , Xitong Luo , Zhiping Zhou , Jiayuan Xie , Adam Jatowt , Yi Cai

In the context of the rising interest in code language models (code LMs) and vulnerability detection, we study the effectiveness of code LMs for detecting vulnerabilities. Our analysis reveals significant shortcomings in existing…

Software Engineering · Computer Science 2024-07-11 Yangruibo Ding , Yanjun Fu , Omniyyah Ibrahim , Chawin Sitawarin , Xinyun Chen , Basel Alomair , David Wagner , Baishakhi Ray , Yizheng Chen

Large language models (LLMs) have revolutionized software development practices, yet concerns about their safety have arisen, particularly regarding hidden backdoors, aka trojans. Backdoor attacks involve the insertion of triggers into…

Software Engineering · Computer Science 2024-03-06 Aftab Hussain , Md Rafiqul Islam Rabin , Navid Ayoobi , Mohammad Amin Alipour

We analyzed nearly 460,000 AI model cards from Hugging Face to examine how developers report risks. From these, we extracted around 3,000 unique risk mentions and built the \emph{AI Model Risk Catalog}. We compared these with risks…

Computers and Society · Computer Science 2025-08-26 Pooja S. B. Rao , Sanja Šćepanović , Dinesh Babu Jayagopi , Mauro Cherubini , Daniele Quercia

Model stealing attacks endanger the confidentiality of machine learning models offered as a service. Although these models are kept secret, a malicious party can query a model to label data samples and train their own substitute model,…

Cryptography and Security · Computer Science 2025-09-01 Daryna Oliynyk , Rudolf Mayer , Kathrin Grosse , Andreas Rauber

Due to the cost of developing and training deep learning models from scratch, machine learning engineers have begun to reuse pre-trained models (PTMs) and fine-tune them for downstream tasks. PTM registries known as "model hubs" support…

Thanks to the explosive growth of data and the development of computational resources, it is possible to build pre-trained models that can achieve outstanding performance on various tasks, such as neural language processing, computer…

Artificial Intelligence · Computer Science 2024-11-13 Meng Yang , Tianqing Zhu , Chi Liu , WanLei Zhou , Shui Yu , Philip S. Yu

Large-scale pre-trained models (PTMs) such as BERT and GPT have achieved great success in diverse fields. The typical paradigm is to pre-train a big deep learning model on large-scale data sets, and then fine-tune the model on small…

Cryptography and Security · Computer Science 2024-05-08 Minghang Deng , Zhong Zhang , Junming Shao