English
Related papers

Related papers: MalTool: Malicious Tool Attacks on LLM Agents

200 papers

Tool-using LLM agents increasingly coordinate real workloads by selecting and chaining third-party tools based on text-visible metadata such as tool names, descriptions, and return messages. We show that this convenience creates a…

Computation and Language · Computer Science 2026-02-17 Yohan Lee , Jisoo Jang , Seoyeon Choi , Sangyeop Kim , Seungtaek Choi

Open source code is considered a common practice in modern software development. However, reusing other code allows bad actors to access a wide developers' community, hence the products that rely on it. Those attacks are categorized as…

Cryptography and Security · Computer Science 2022-09-19 Chen Tsfaty , Michael Fire

The NPM ecosystem has become a primary target for software supply chain attacks, yet existing detection tools are evaluated in isolation on incompatible datasets, making cross-tool comparison unreliable. We conduct a benchmark-driven…

Software Engineering · Computer Science 2026-03-31 Wenbo Guo , Zhongwen Chen , Zhengzi Xu , Chengwei Liu , Ming Kang , Shiwen Song , Chengyue Liu , Yijia Xu , Weisong Sun , Yang Liu

Tool-calling has changed Large Language Model (LLM) applications by integrating external tools, significantly enhancing their functionality across diverse tasks. However, this integration also introduces new security vulnerabilities,…

Cryptography and Security · Computer Science 2025-06-17 Haowei Wang , Rupeng Zhang , Junjie Wang , Mingyang Li , Yuekai Huang , Dandan Wang , Qing Wang

Malware authors have traditionally relied on polymorphic techniques to produce variants in the same malware family, complicating signature-based detection. Integrating generative AI into offensive toolchains enables attackers to synthesize…

Cryptography and Security · Computer Science 2026-05-07 Gabriel Hortea , Juan Tapiador

With the advent of large language models (LLMs), numerous software service providers (SSPs) are dedicated to developing LLMs customized for code generation tasks, such as CodeLlama and Copilot. However, these LLMs can be leveraged by…

Cryptography and Security · Computer Science 2025-04-22 Kaiwen Ning , Jiachi Chen , Qingyuan Zhong , Tao Zhang , Yanlin Wang , Wei Li , Jingwen Zhang , Jianxing Yu , Yuming Feng , Weizhe Zhang , Zibin Zheng

Malicious package detection has become a critical task in ensuring the security and stability of the PyPI. Existing detection approaches have focused on advancing model selection, evolving from traditional machine learning (ML) models to…

Cryptography and Security · Computer Science 2025-06-18 Xingan Gao , Xiaobing Sun , Sicong Cao , Kaifeng Huang , Di Wu , Xiaolei Liu , Xingwei Lin , Yang Xiang

Spurred by the recent rapid increase in the development and distribution of large language models (LLMs) across industry and academia, much recent work has drawn attention to safety- and security-related threats and vulnerabilities of LLMs,…

Computation and Language · Computer Science 2023-08-25 Maximilian Mozes , Xuanli He , Bennett Kleinberg , Lewis D. Griffin

Driven by the rapid development of Large Language Models (LLMs), LLM-based agents have been developed to handle various real-world applications, including finance, healthcare, and shopping, etc. It is crucial to ensure the reliability and…

Cryptography and Security · Computer Science 2024-10-30 Wenkai Yang , Xiaohan Bi , Yankai Lin , Sishuo Chen , Jie Zhou , Xu Sun

Today's security tools predominantly rely on predefined rules crafted by experts, making them poorly adapted to the emergence of software supply chain attacks. To tackle this limitation, we propose a novel tool, RuleLLM, which leverages…

Software Engineering · Computer Science 2025-04-25 XiangRui Zhang , HaoYu Chen , Yongzhong He , Wenjia Niu , Qiang Li

The proliferation of pre-trained models (PTMs) and datasets has led to the emergence of centralized model hubs like Hugging Face, which facilitate collaborative development and reuse. However, recent security reports have uncovered…

Cryptography and Security · Computer Science 2024-09-17 Jian Zhao , Shenao Wang , Yanjie Zhao , Xinyi Hou , Kailong Wang , Peiming Gao , Yuanchao Zhang , Chen Wei , Haoyu Wang

The Large Language Models (LLMs) are poised to offer efficient and intelligent services for future mobile communication networks, owing to their exceptional capabilities in language comprehension and generation. However, the extremely high…

Cryptography and Security · Computer Science 2023-09-07 Haomiao Yang , Kunlan Xiang , Mengyu Ge , Hongwei Li , Rongxing Lu , Shui Yu

Large language models (LLMs) have democratized software development, reducing the expertise barrier for programming complex applications. This accessibility extends to malicious software development, raising significant security concerns.…

Cryptography and Security · Computer Science 2025-07-04 Lu Yan , Zhuo Zhang , Xiangzhe Xu , Shengwei An , Guangyu Shen , Zhou Xuan , Xuan Chen , Xiangyu Zhang

Large Language Models are expanding beyond being a tool humans use and into independent agents that can observe an environment, reason about solutions to problems, make changes that impact those environments, and understand how their…

Cryptography and Security · Computer Science 2026-02-17 Tailia Malloy , Tegawende F. Bissyande

Large language model (LLM) agents have demonstrated remarkable capabilities in complex reasoning and decision-making by leveraging external tools. However, this tool-centric paradigm introduces a previously underexplored attack surface,…

Artificial Intelligence · Computer Science 2026-01-08 Kanghua Mo , Li Hu , Yucheng Long , Zhihao Li

Instruction-tuned Large Language Models designed for coding tasks are increasingly employed as AI coding assistants. However, the cybersecurity vulnerabilities and implications arising from the widespread integration of these models are not…

Cryptography and Security · Computer Science 2025-03-10 Md Imran Hossen , Sai Venkatesh Chilukoti , Liqun Shan , Sheng Chen , Yinzhi Cao , Xiali Hei

Large language models (LLMs) have demonstrated remarkable potential with code generation/completion tasks for hardware design. In fact, LLM-based hardware description language (HDL) code generation has enabled the industry to realize…

Cryptography and Security · Computer Science 2024-12-16 Lakshmi Likhitha Mankali , Jitendra Bhandari , Manaar Alam , Ramesh Karri , Michail Maniatakos , Ozgur Sinanoglu , Johann Knechtel

With the increasingly rapid development of new malicious computer software by bad faith actors, both commercial and research-oriented antivirus detectors have come to make greater use of machine learning tactics to identify such malware as…

Cryptography and Security · Computer Science 2021-12-07 Hamish Spencer , Wei Wang , Ruoxi Sun , Minhui Xue

Large Language Models (LLMs) have emerged as powerful tools for automating programming tasks, including security-related ones. However, they can also introduce vulnerabilities during code generation, fail to detect existing vulnerabilities,…

Cryptography and Security · Computer Science 2026-03-18 Enna Basic , Alberto Giaretta

Tool-augmented Large Language Model (LLM) agents have demonstrated impressive capabilities in automating complex, multi-step real-world tasks, yet remain vulnerable to indirect prompt injection. Adversaries exploit this weakness by…

Cryptography and Security · Computer Science 2026-05-12 Wei Zhao , Zhe Li , Peixin Zhang , Jun Sun