English
Related papers

Related papers: When Benchmarks Lie: Evaluating Malicious Prompt C…

200 papers

Multiple prompt injection attacks have been proposed against web agents. At the same time, various methods have been developed to detect general prompt injection attacks, but none have been systematically evaluated for web agents. In this…

Cryptography and Security · Computer Science 2025-10-03 Yinuo Liu , Ruohan Xu , Xilong Wang , Yuqi Jia , Neil Zhenqiang Gong

Prompt injection and jailbreaking attacks pose persistent security challenges to large language model (LLM)-based systems. We present PromptScreen, an efficient and systematically evaluated defense architecture that mitigates these threats…

Cryptography and Security · Computer Science 2026-01-12 Akshaj Prashanth Rao , Advait Singh , Saumya Kumaar Saksena , Dhruv Kumar

Code-capable large language model (LLM) agents are increasingly embedded into software engineering workflows where they can read, write, and execute code, raising the stakes of safety-bypass ("jailbreak") attacks beyond text-only settings.…

Cryptography and Security · Computer Science 2025-10-03 Shoumik Saha , Jifan Chen , Sam Mayers , Sanjay Krishna Gouda , Zijian Wang , Varun Kumar

Large language models (LLMs) have gained widespread adoption across diverse applications due to their impressive generative capabilities. Their plug-and-play nature enables both developers and end users to interact with these models through…

Cryptography and Security · Computer Science 2025-10-21 Zongze Li , Jiawei Guo , Haipeng Cai

Jailbreak attacks are crucial for identifying and mitigating the security vulnerabilities of Large Language Models (LLMs). They are designed to bypass safeguards and elicit prohibited outputs. However, due to significant differences among…

Application designers have moved to integrate large language models (LLMs) into their products. However, many LLM-integrated applications are vulnerable to prompt injections. While attempts have been made to address this problem by building…

Cryptography and Security · Computer Science 2025-04-15 Dennis Jacob , Hend Alzahrani , Zhanhao Hu , Basel Alomair , David Wagner

Large language models (LLMs) and their applications, such as agents, are highly vulnerable to prompt injection attacks. State-of-the-art prompt injection detection methods have the following limitations: (1) their effectiveness degrades…

Cryptography and Security · Computer Science 2026-04-02 Yanting Wang , Wei Zou , Runpeng Geng , Jinyuan Jia

As deep learning advances, Large Language Models (LLMs) and their multimodal counterparts, Multimodal Large Language Models (MLLMs), have shown exceptional performance in many real-world tasks. However, MLLMs face significant security…

Cryptography and Security · Computer Science 2024-10-23 Fenghua Weng , Yue Xu , Chengyan Fu , Wenjie Wang

Large Language Models face security threats from jailbreak attacks. Existing research has predominantly focused on prompt-level attacks while largely ignoring the underexplored attack surface of user-controlled response prefilling. This…

Cryptography and Security · Computer Science 2025-08-27 Yakai Li , Jiekang Hu , Weiduan Sang , Luping Ma , Dongsheng Nie , Weijuan Zhang , Aimin Yu , Yi Su , Qingjia Huang , Qihang Zhou

While automated vulnerability detection techniques have made promising progress in detecting security vulnerabilities, their scalability and applicability remain challenging. The remarkable performance of Large Language Models (LLMs), such…

Cryptography and Security · Computer Science 2024-10-24 Avishree Khare , Saikat Dutta , Ziyang Li , Alaia Solko-Breslin , Rajeev Alur , Mayur Naik

Detecting jailbreak attempts in clinical training large language models (LLMs) requires accurate modeling of linguistic deviations that signal unsafe or off-task user behavior. Prior work on the 2-Sigma clinical simulation platform showed…

Artificial Intelligence · Computer Science 2026-02-17 Tri Nguyen , Huy Hoang Bao Le , Lohith Srikanth Pentapalli , Laurah Turner , Kelly Cohen

High-privilege LLM agents that autonomously process external documentation are increasingly trusted to automate tasks by reading and executing project instructions, yet they are granted terminal access, filesystem control, and outbound…

Cryptography and Security · Computer Science 2026-03-13 Ching-Yu Kao , Xinfeng Li , Shenyu Dai , Tianze Qiu , Pengcheng Zhou , Eric Hanchen Jiang , Philip Sperl

Jailbreaking in Large Language Models (LLMs) threatens their safe use in sensitive domains like education by allowing users to bypass ethical safeguards. This study focuses on detecting jailbreaks in 2-Sigma, a clinical education platform…

Large language models remain vulnerable to jailbreak attacks, yet we still lack a systematic understanding of how jailbreak success scales with attacker effort across methods, model families, and harm types. We initiate a scaling-law…

Machine Learning · Computer Science 2026-03-20 Xiangwen Wang , Ananth Balashankar , Varun Chandrasekaran

How should we evaluate the robustness of language model defenses? Current defenses against jailbreaks and prompt injections (which aim to prevent an attacker from eliciting harmful knowledge or remotely triggering malicious actions,…

LLM-integrated applications and agents are vulnerable to prompt injection attacks, where adversaries embed malicious instructions within seemingly benign input data to manipulate the LLM's intended behavior. Recent defenses based on…

Cryptography and Security · Computer Science 2025-12-09 Sarthak Choudhary , Divyam Anshumaan , Nils Palumbo , Somesh Jha

Large Language Models (LLMs) have revolutionized various domains but remain vulnerable to prompt injection attacks, where malicious inputs manipulate the model into ignoring original instructions and executing designated action. In this…

Cryptography and Security · Computer Science 2025-04-24 Kuo-Han Hung , Ching-Yun Ko , Ambrish Rawat , I-Hsin Chung , Winston H. Hsu , Pin-Yu Chen

The misuse of large language models (LLMs) has drawn significant attention from the general public and LLM vendors. One particular type of adversarial prompt, known as jailbreak prompt, has emerged as the main attack vector to bypass the…

Cryptography and Security · Computer Science 2024-05-16 Xinyue Shen , Zeyuan Chen , Michael Backes , Yun Shen , Yang Zhang

The increasing adoption of LLM agents with access to numerous tools and sensitive data significantly widens the attack surface for indirect prompt injections. Due to the context-dependent nature of attacks, however, current defenses are…

Cryptography and Security · Computer Science 2025-10-13 Debeshee Das , Luca Beurer-Kellner , Marc Fischer , Maximilian Baader

Leave-one-out (LOO) prediction provides a principled, data-dependent measure of generalization, yet guarantees in fully transductive settings remain poorly understood beyond specialized models. We introduce Median of Level-Set Aggregation…

Machine Learning · Computer Science 2026-03-03 Jian Qian , Jiachen Xu