English
Related papers

Related papers: MemPot: Defending Against Memory Extraction Attack…

200 papers

Large Language Models (LLMs) still suffer from severe hallucinations and catastrophic forgetting during causal reasoning over massive, fragmented long contexts. Existing memory mechanisms typically treat retrieval as a static, single-step…

Multiagent Systems · Computer Science 2026-05-19 Haodong Lei , Junming Liu , Yirong Chen , Ding Wang , Hongsong Wang

Modern approaches to enhancing Large Language Models' factual accuracy and knowledge utilization face a fundamental trade-off: non-parametric retrieval-augmented generation (RAG) provides flexible access to external knowledge but suffers…

Computation and Language · Computer Science 2026-03-02 Rubin Wei , Jiaqi Cao , Jiarui Wang , Jushi Kai , Qipeng Guo , Bowen Zhou , Zhouhan Lin

With the development of large language models (LLMs) like ChatGPT, both their vast applications and potential vulnerabilities have come to the forefront. While developers have integrated multiple safety mechanisms to mitigate their misuse,…

Computation and Language · Computer Science 2024-07-23 Xiao Liu , Liangzhi Li , Tong Xiang , Fuying Ye , Lu Wei , Wangyue Li , Noa Garcia

The deployment of Large Language Model (LLM)-generated SQL queries in Artificial Intelligence of Things (AIoT) systems introduces critical security risks, as prompt injection attacks can manipulate LLMs into producing unauthorized queries…

Cryptography and Security · Computer Science 2026-05-08 Wonbae Kim , Hee-Kyong Yoo

Recent advances in large language models (LLMs) have raised concerns about jailbreaking attacks, i.e., prompts that bypass safety mechanisms. This paper investigates the use of multi-agent LLM systems as a defence against such attacks. We…

Artificial Intelligence · Computer Science 2025-07-01 Maria Carolina Cornelia Wit , Jun Pang

Prompt injection attacks represent a major vulnerability in Large Language Model (LLM) deployments, where malicious instructions embedded in user inputs can override system prompts and induce unintended behaviors. This paper presents a…

Cryptography and Security · Computer Science 2025-12-18 S M Asif Hossain , Ruksat Khan Shayoni , Mohd Ruhul Ameen , Akif Islam , M. F. Mridha , Jungpil Shin

Despite efforts to align large language models (LLMs) with human intentions, widely-used LLMs such as GPT, Llama, and Claude are susceptible to jailbreaking attacks, wherein an adversary fools a targeted LLM into generating objectionable…

Machine Learning · Computer Science 2024-06-17 Alexander Robey , Eric Wong , Hamed Hassani , George J. Pappas

Despite significant advancements, large language models (LLMs) still struggle with providing accurate answers when lacking domain-specific or up-to-date knowledge. Retrieval-Augmented Generation (RAG) addresses this limitation by…

Cryptography and Security · Computer Science 2025-04-01 Yuefeng Peng , Junda Wang , Hong Yu , Amir Houmansadr

Large Language Models (LLMs) remain vulnerable to jailbreak attacks, which attempt to elicit harmful responses from LLMs. The evolving nature and diversity of these attacks pose many challenges for defense systems, including (1) adaptation…

Cryptography and Security · Computer Science 2025-11-04 Guangyu Yang , Jinghong Chen , Jingbiao Mei , Weizhe Lin , Bill Byrne

Large Language Models (LLMs) guardrail systems are designed to protect against prompt injection and jailbreak attacks. However, they remain vulnerable to evasion techniques. We demonstrate two approaches for bypassing LLM prompt injection…

Cryptography and Security · Computer Science 2025-07-15 William Hackett , Lewis Birch , Stefan Trawicki , Neeraj Suri , Peter Garraghan

Due to the vast array of Android applications, their multifarious functions and intricate behavioral semantics, attackers can adopt various tactics to conceal their genuine attack intentions within legitimate functions. However, numerous…

Cryptography and Security · Computer Science 2024-10-23 Wenxiang Zhao , Juntao Wu , Zhaoyi Meng

Indirect prompt injection threatens LLM agents by embedding malicious instructions in external content, enabling unauthorized actions and data theft. LLM agents maintain working memory through their context window, which stores interaction…

Cryptography and Security · Computer Science 2026-02-10 Ruoyao Wen , Hao Li , Chaowei Xiao , Ning Zhang

LLM agents have demonstrated remarkable performance across various applications, primarily due to their advanced capabilities in reasoning, utilizing external knowledge and tools, calling APIs, and executing actions to interact with…

Machine Learning · Computer Science 2024-07-18 Zhaorun Chen , Zhen Xiang , Chaowei Xiao , Dawn Song , Bo Li

Model extraction attacks (MEAs) on large language models (LLMs) have received increasing attention in recent research. However, existing attack methods typically adapt the extraction strategies originally developed for deep neural networks…

Cryptography and Security · Computer Science 2025-05-20 Zi Liang , Qingqing Ye , Yanyun Wang , Sen Zhang , Yaxin Xiao , Ronghua Li , Jianliang Xu , Haibo Hu

Memory systems enable otherwise-stateless LLM agents to persist user information across sessions, but also introduce a new attack surface. We characterize the Trojan Hippo attack, a class of persistent memory attacks that operates in a more…

Cryptography and Security · Computer Science 2026-05-18 Debeshee Das , Julien Piet , Darya Kaviani , Luca Beurer-Kellner , Florian Tramèr , David Wagner

Automatically extracting personal information -- such as name, phone number, and email address -- from publicly available profiles at a large scale is a stepstone to many other security attacks including spear phishing. Traditional methods…

Cryptography and Security · Computer Science 2026-04-08 Yupei Liu , Yuqi Jia , Jinyuan Jia , Neil Zhenqiang Gong

The advent of Large Language Models (LLMs) has marked significant achievements in language processing and reasoning capabilities. Despite their advancements, LLMs face vulnerabilities to data poisoning attacks, where the adversary inserts…

Machine Learning · Computer Science 2025-05-30 Xiangyu Zhou , Yao Qiang , Saleh Zare Zade , Mohammad Amin Roshani , Prashant Khanduri , Douglas Zytko , Dongxiao Zhu

System prompts are critical for guiding the behavior of Large Language Models (LLMs), yet they often contain proprietary logic or sensitive information, making them a prime target for extraction attacks. Adversarial queries can successfully…

Cryptography and Security · Computer Science 2026-02-03 Huseein Jawad , Nicolas Brunel

Large language model (LLM) agents achieve impressive single-task performance but commonly exhibit repeated failures, inefficient exploration, and limited cross-task adaptability. Existing reflective strategies (e.g., Reflexion, ReAct)…

Artificial Intelligence · Computer Science 2025-09-09 Chunlong Wu , Ye Luo , Zhibo Qu , Min Wang

Large Language Models (LLMs) increasingly employ alignment techniques to prevent harmful outputs. Despite these safeguards, attackers can circumvent them by crafting prompts that induce LLMs to generate harmful content. Current methods…

Computation and Language · Computer Science 2025-10-21 Jiawei Lian , Jianhong Pan , Lefan Wang , Yi Wang , Shaohui Mei , Lap-Pui Chau