English
Related papers

Related papers: WebSentinel: Detecting and Localizing Prompt Injec…

200 papers

Web agents powered by large language models (LLMs) must process lengthy web page observations to complete user goals; these pages often exceed tens of thousands of tokens. This saturates context limits and increases computational cost…

Recent work has embodied LLMs as agents, allowing them to access tools, perform actions, and interact with external content (e.g., emails or websites). However, external content introduces the risk of indirect prompt injection (IPI)…

Computation and Language · Computer Science 2024-08-06 Qiusi Zhan , Zhixiang Liang , Zifan Ying , Daniel Kang

Large Language Model (LLM) based agents integrated into web browsers (often called agentic AI browsers) offer powerful automation of web tasks. However, they are vulnerable to indirect prompt injection attacks, where malicious instructions…

Cryptography and Security · Computer Science 2025-10-16 Avihay Cohen

Web application pentesting is a crucial component in the offensive cybersecurity area, whose aim is to safeguard web applications and web services as the majority of the web applications are mounted in publicly accessible web environments.…

Cryptography and Security · Computer Science 2024-10-17 María Olivares-Naya , Jacobo Casado de Gracia , Alfonso Sánchez-Macián

Large language model (LLM) agents increasingly rely on external tools and retrieval systems to autonomously complete complex tasks. However, this design exposes agents to indirect prompt injection (IPI), where attacker-controlled context…

Cryptography and Security · Computer Science 2026-02-27 Tian Zhang , Yiwei Xu , Juan Wang , Keyan Guo , Xiaoyang Xu , Bowen Xiao , Quanlong Guan , Jinlin Fan , Jiawei Liu , Zhiquan Liu , Hongxin Hu

Recent intelligent systems integrate powerful Large Language Models (LLMs) through APIs, but their trustworthiness may be critically undermined by targeted attacks like backdoor and prompt injection attacks, which secretly force LLMs to…

Cryptography and Security · Computer Science 2026-03-03 Xiaoyi Pang , Xuanyi Hao , Pengyu Liu , Qi Luo , Song Guo , Zhibo Wang

Large language models (LLMs) and their applications, such as agents, are highly vulnerable to prompt injection attacks. State-of-the-art prompt injection detection methods have the following limitations: (1) their effectiveness degrades…

Cryptography and Security · Computer Science 2026-04-02 Yanting Wang , Wei Zou , Runpeng Geng , Jinyuan Jia

Large language model (LLM) based web agents are increasingly deployed to automate complex online tasks by directly interacting with web sites and performing actions on users' behalf. While these agents offer powerful capabilities, their…

Cryptography and Security · Computer Science 2026-02-11 Georgios Syros , Evan Rose , Brian Grinstead , Christoph Kerschbaumer , William Robertson , Cristina Nita-Rotaru , Alina Oprea

A prompt injection attack aims to inject malicious instruction/data into the input of an LLM-Integrated Application such that it produces results as an attacker desires. Existing works are limited to case studies. As a result, the…

Cryptography and Security · Computer Science 2025-11-13 Yupei Liu , Yuqi Jia , Runpeng Geng , Jinyuan Jia , Neil Zhenqiang Gong

Large Language Models (LLMs) are increasingly integrated into real-world applications, from virtual assistants to autonomous agents. However, their flexibility also introduces new attack vectors-particularly Prompt Injection (PI), where…

Cryptography and Security · Computer Science 2025-09-17 Mengxiao Wang , Yuxuan Zhang , Guofei Gu

The increasing volume of traffic (especially from IoT devices) is posing a challenge to the current anomaly detection systems. Existing systems are forced to take the support of the control plane for a more thorough and accurate detection…

Cryptography and Security · Computer Science 2024-12-24 Sankalp Mittal

We introduce a Semantic Identification Attack, in which an adversary uses semantic signals about the pages visited in one browsing session to identify other browsing sessions launched by the same user. This attack allows an adver- sary to…

Cryptography and Security · Computer Science 2016-11-01 Neel Guha

Existing red-teaming studies on GUI agents have important limitations. Adversarial perturbations typically require white-box access, which is unavailable for commercial systems, while prompt injection is increasingly mitigated by stronger…

Cryptography and Security · Computer Science 2026-04-10 Wenkui Yang , Chao Jin , Haisu Zhu , Weilin Luo , Derek Yuen , Kun Shao , Huaibo Huang , Junxian Duan , Jie Cao , Ran He

Agentic large language model systems increasingly automate tasks by retrieving URLs and calling external tools. We show that this workflow gives rise to implicit prompt injection: adversarial instructions embedded in automatically generated…

Cryptography and Security · Computer Science 2026-02-27 Qianlong Lan , Anuj Kaul , Shaun Jones , Stephanie Westrum

As Large Language Models (LLMs) grow increasingly powerful, multi-agent systems are becoming more prevalent in modern AI applications. Most safety research, however, has focused on vulnerabilities in single-agent LLMs. These include prompt…

Multiagent Systems · Computer Science 2024-10-11 Donghyun Lee , Mo Tiwari

As LLMs are increasingly integrated into systems that browse, retrieve, summarize, and act on web content, webpages have become an untrusted input vector for downstream model behavior. This enables site owners, contributors, and adversaries…

Cryptography and Security · Computer Science 2026-05-01 Soheil Khodayari , Xuenan Zhang , Bhupendra Acharya , Giancarlo Pellegrino

Safety risks arise as large language model-based agents solve complex tasks with tools, multi-step plans, and inter-agent messages. However, deployer-written policies in natural language are ambiguous and context dependent, so they map…

Artificial Intelligence · Computer Science 2025-12-19 Yiliu Yang , Yilei Jiang , Qunzhong Wang , Yingshui Tan , Xiaoyong Zhu , Sherman S. M. Chow , Bo Zheng , Xiangyu Yue

Web attack detection is the first line of defense for securing web applications, designed to preemptively identify malicious activities. Deep learning-based approaches are increasingly popular for their advantages: automatically learning…

Cryptography and Security · Computer Science 2026-01-30 Kangqiang Luo , Yi Xie , Shiqian Zhao , Jing Pan

We demonstrate how AI-powered cybersecurity tools can be turned against themselves through prompt injection attacks. Prompt injection is reminiscent of cross-site scripting (XSS): malicious text is hidden within seemingly trusted content,…

Cryptography and Security · Computer Science 2025-11-18 Víctor Mayoral-Vilches , Per Mannermaa Rynning

Webshell attacks are becoming more common, requiring robust detection mechanisms to protect web applications. The dissertation clearly states two research directions: scanning web application source code and analyzing HTTP traffic to detect…

Cryptography and Security · Computer Science 2024-12-10 Ha L. Viet , On V. Phung , Hoa N. Nguyen