English
Related papers

Related papers: Towards Poisoning Robustness Certification for Nat…

200 papers

Large language models (LLMs) increasingly rely on external tools to perform time-sensitive tasks and real-world actions. While tool integration expands LLM capabilities, it also introduces a new prompt-injection attack surface: tool…

Cryptography and Security · Computer Science 2026-04-10 Hengkai Ye , Zhechang Zhang , Jinyuan Jia , Hong Hu

Growing applications of large language models (LLMs) trained by a third party raise serious concerns on the security vulnerability of LLMs.It has been demonstrated that malicious actors can covertly exploit these vulnerabilities in LLMs…

Cryptography and Security · Computer Science 2023-12-11 Shuli Jiang , Swanand Ravindra Kadhe , Yi Zhou , Ling Cai , Nathalie Baracaldo

Data poisoning considers an adversary that distorts the training set of machine learning algorithms for malicious purposes. In this work, we bring to light one conjecture regarding the fundamentals of data poisoning, which we call the…

Machine Learning · Computer Science 2022-10-20 Wenxiao Wang , Alexander Levine , Soheil Feizi

We present $\textbf{P}$robabilistically $\textbf{T}$ightened $\textbf{Li}$near $\textbf{R}$elaxation-based $\textbf{P}$erturbation $\textbf{A}$nalysis ($\texttt{PT-LiRPA}$), a novel framework that combines over-approximation techniques from…

Machine Learning · Computer Science 2026-01-01 Luca Marzari , Ferdinando Cicalese , Alessandro Farinelli

Retrieval-Augmented Generation (RAG) significantly enhances Large Language Models (LLMs), but simultaneously exposes a critical vulnerability to knowledge poisoning attacks. Existing attack methods like PoisonedRAG remain detectable due to…

Cryptography and Security · Computer Science 2026-04-10 Ziye Wang , Guanyu Wang , Kailong Wang

Bootstrap aggregating (bagging) is an effective ensemble protocol, which is believed can enhance robustness by its majority voting mechanism. Recent works further prove the sample-wise robustness certificates for certain forms of bagging…

Cryptography and Security · Computer Science 2022-09-07 Ruoxin Chen , Zenan Li , Jie Li , Chentao Wu , Junchi Yan

Retrieval-augmented generation (RAG) is increasingly deployed in real-world applications, where its reference-grounded design makes outputs appear trustworthy. This trust has spurred research on poisoning attacks that craft malicious…

Cryptography and Security · Computer Science 2026-02-09 Haoyang Hu , Zhejun Jiang , Yueming Lyu , Junyuan Zhang , Yi Liu , Ka-Ho Chow

Sparse or $\ell_0$ adversarial attacks arbitrarily perturb an unknown subset of the features. $\ell_0$ robustness analysis is particularly well-suited for heterogeneous (tabular) data where features have different types or scales.…

Machine Learning · Computer Science 2024-04-09 Zayd Hammoudeh , Daniel Lowd

Large language models (LLMs) have demonstrated impressive natural language processing abilities but face challenges such as hallucination and outdated knowledge. Retrieval-Augmented Generation (RAG) has emerged as a state-of-the-art…

Cryptography and Security · Computer Science 2026-01-09 Baolei Zhang , Yuxi Chen , Zhuqing Liu , Lihai Nie , Tong Li , Zheli Liu , Minghong Fang

With the proliferation of Deep Machine Learning into real-life applications, a particular property of this technology has been brought to attention: robustness Neural Networks notoriously present low robustness and can be highly sensitive…

Computation and Language · Computer Science 2022-07-14 Marco Casadio , Ekaterina Komendantskaya , Verena Rieser , Matthew L. Daggitt , Daniel Kienitz , Luca Arnaboldi , Wen Kokke

Recent studies have adopted pre-trained language models, such as CodeT5 and CodeGPT, for automated program generation tasks like code generation, repair, and translation. Numerous language model-based approaches have been proposed and…

Software Engineering · Computer Science 2024-01-09 Yue Liu , Chakkrit Tantithamthavorn , Yonghui Liu , Li Li

Generation expansion planning (GEP) is a prominent example of capacity expansion problems in operations research. Being generally NP-hard, GEP optimization models can become intractable when nonconvex dynamics, time-coupling constraints,…

Optimization and Control · Mathematics 2025-10-13 Luca Santosuosso , Bettina Klinz , Sonja Wogrin

Neural ranking models have achieved remarkable progress and are now widely deployed in real-world applications such as Retrieval-Augmented Generation (RAG). However, like other neural architectures, they remain vulnerable to adversarial…

Cryptography and Security · Computer Science 2025-12-30 Jiawei Liu , Zhuo Chen , Rui Zhu , Miaokun Chen , Yuyang Gong , Wei Lu , Xiaofeng Wang

Ensuring the reliability of machine learning-based intrusion detection systems remains a critical challenge in Internet of Things (IoT) environments, particularly as data poisoning attacks increasingly threaten the integrity of model…

Machine learning algorithms are vulnerable to poisoning attacks: An adversary can inject malicious points in the training dataset to influence the learning process and degrade the algorithm's performance. Optimal poisoning attacks have…

Machine Learning · Computer Science 2019-09-26 Luis Muñoz-González , Bjarne Pfitzner , Matteo Russo , Javier Carnerero-Cano , Emil C. Lupu

The increasing use of large language models (LLMs) trained by third parties raises significant security concerns. In particular, malicious actors can introduce backdoors through poisoning attacks to generate undesirable outputs. While such…

Cryptography and Security · Computer Science 2024-07-19 Shuli Jiang , Swanand Ravindra Kadhe , Yi Zhou , Farhan Ahmed , Ling Cai , Nathalie Baracaldo

State-of-the-art NLP models can often be fooled by human-unaware transformations such as synonymous word substitution. For security reasons, it is of critical importance to develop models with certified robustness that can provably…

Machine Learning · Computer Science 2020-06-01 Mao Ye , Chengyue Gong , Qiang Liu

Tactics, Techniques and Procedures (TTPs) represent sophisticated attack patterns in the cybersecurity domain, described encyclopedically in textual knowledge bases. Identifying TTPs in cybersecurity writing, often called TTP mapping, is an…

Machine Learning · Computer Science 2025-07-28 Tu Nguyen , Nedim Šrndić , Alexander Neth

Data poisoning causes misclassification of test time target examples by injecting maliciously crafted samples in the training data. Existing defenses are often effective only against a specific type of targeted attack, significantly degrade…

Machine Learning · Computer Science 2022-10-19 Yu Yang , Tian Yu Liu , Baharan Mirzasoleiman

Black-box adversarial attacks have demonstrated strong potential to compromise machine learning models by iteratively querying the target model or leveraging transferability from a local surrogate model. Recently, such attacks can be…

Machine Learning · Computer Science 2024-09-09 Hanbin Hong , Xinyu Zhang , Binghui Wang , Zhongjie Ba , Yuan Hong