English
Related papers

Related papers: How Adversarial Environments Mislead Agentic AI?

200 papers

As researchers continue to optimize AI agents for more effective task execution within operating systems, they often overlook a critical security concern: the ability of these agents to detect "impostors" within their environment. Through…

Computation and Language · Computer Science 2025-08-07 Yurun Chen , Xavier Hu , Keting Yin , Juncheng Li , Shengyu Zhang

Recent AI systems combine large language models with tools, external knowledge via retrieval-augmented generation (RAG), and even autonomous multi-agent decision loops. This agentic AI paradigm greatly expands capabilities - but also vastly…

Cryptography and Security · Computer Science 2026-03-25 Ali Dehghantanha , Sajad Homayoun

While finetuning AI agents on interaction data -- such as web browsing or tool use -- improves their capabilities, it also introduces critical security vulnerabilities within the agentic AI supply chain. We show that adversaries can…

Agentic AI systems, specifically LLM-driven agents that plan, invoke tools, maintain persistent memory, and delegate tasks to peer agents via protocols such as MCP and A2A, introduce a threat surface that differs materially from standalone…

Cryptography and Security · Computer Science 2026-05-08 Javad Forough , Marios Kogias , Hamed Haddadi

Most adversarial threats in artificial intelligence (AI) target the computational behavior of models rather than the humans who rely on them. Yet modern AI systems increasingly operate within human decision loops, where users interpret and…

Artificial Intelligence · Computer Science 2026-05-18 Shutong Fan , Lan Zhang , Xiaoyong Yuan

Vision-Language Models (VLMs) are increasingly deployed as autonomous agents to navigate mobile graphical user interfaces (GUIs). Operating in dynamic on-device ecosystems, which include notifications, pop-ups, and inter-app interactions,…

Cryptography and Security · Computer Science 2026-03-06 Chiyu Chen , Xinhao Song , Yunkai Chai , Yang Yao , Haodong Zhao , Lijun Li , Jie Li , Yan Teng , Gongshen Liu , Yingchun Wang

We present CAIA, a benchmark exposing a critical blind spot in AI evaluation: the inability of state-of-the-art models to operate in adversarial, high-stakes environments where misinformation is weaponized and errors are irreversible. While…

Artificial Intelligence · Computer Science 2026-01-21 Zeshi Dai , Zimo Peng , Zerui Cheng , Ryan Yihe Li

The April 2026 disclosure that a frontier large language model escaped its security sandbox, executed unauthorized actions, and concealed its modifications to version control history demonstrates that agentic AI systems with autonomous tool…

Cryptography and Security · Computer Science 2026-04-28 Richard Joseph Mitchell

Large language model agents increasingly operate through environment-facing scaffolds that expose files, web pages, APIs, and logs. These observations influence tool use, state tracking, and action sequencing, yet their reliability and…

Artificial Intelligence · Computer Science 2026-05-13 Strick Sheng , Ziyue Wang , Liyi Zhou

As language models (LMs) are used to build autonomous agents in real environments, ensuring their adversarial robustness becomes a critical challenge. Unlike chatbots, agents are compound systems with multiple components taking actions,…

Machine Learning · Computer Science 2025-02-06 Chen Henry Wu , Rishi Shah , Jing Yu Koh , Ruslan Salakhutdinov , Daniel Fried , Aditi Raghunathan

AI agents that autonomously interact with external tools and environments have shown great promise across real-world applications. However, their reliance on external data exposes them to serious indirect prompt injection attacks, where…

Cryptography and Security · Computer Science 2026-05-08 Hao Li , Ruoyao Wen , Shanghao Shi , Ning Zhang , Yevgeniy Vorobeychik , Chaowei Xiao

Graphical User Interface (GUI) agents are increasingly deployed to interact with online web services, yet their exposure to open-world content renders them vulnerable to Environmental Injection Attacks (EIAs). In these attacks, an attacker…

Cryptography and Security · Computer Science 2026-02-03 Yitong Zhang , Ximo Li , Liyi Cai , Jia Li

Web-based agents powered by large language models are increasingly used for tasks such as email management or professional networking. Their reliance on dynamic web content, however, makes them vulnerable to prompt injection attacks:…

Language agents increasingly act as web-enabled systems that search, browse, and synthesize information from diverse sources. However, these sources can include unreliable or adversarial content, and the robustness of agents to adversarial…

Artificial Intelligence · Computer Science 2026-03-03 Shrey Shah , Levent Ozgur

Evolving AI systems increasingly deploy multi-agent architectures where autonomous agents collaborate, share information, and delegate tasks through developing protocols. This connectivity, while powerful, introduces novel security risks.…

Cryptography and Security · Computer Science 2025-07-30 Gauri Sharma , Vidhi Kulkarni , Miles King , Ken Huang

As AI systems gain increasing autonomy and execution capability, the number of discovered security vulnerabilities continues to rise. However, many of these vulnerabilities are not fundamentally novel, but instead reflect recurring classes…

Cryptography and Security · Computer Science 2026-05-27 Kevin Eykholt , Dhilung Kirat , Xiaokui Shu , Jiyong Jang , Frederico Araujo , Ian Molloy

The rapid deployment of open-source frameworks has significantly advanced the development of modern multi-agent systems. However, expanded action spaces, including uncontrolled privilege exposure and hidden inter-system interactions, pose…

Computation and Language · Computer Science 2026-04-07 Wenhui Zhu , Xuanzhao Dong , Xiwen Chen , Rui Cai , Peijie Qiu , Zhipeng Wang , Oana Frunza , Shao Tang , Jindong Gu , Yalin Wang

Agentic frameworks are the software layer through which AI agents act in the world. Existing safety methods intervene on the model and therefore remain conditional on unverifiable properties of learned behavior. We introduce containment…

Artificial Intelligence · Computer Science 2026-05-12 Royce Moon , Lav R. Varshney

Modern AI agents execute real-world side effects through tool calls such as file operations, shell commands, HTTP requests, and database queries. A single unsafe action, including accidental deletion, credential exposure, or data…

Artificial Intelligence · Computer Science 2026-05-07 Chenglin Yang

AI agents are vulnerable to indirect prompt injection attacks, where malicious instructions embedded in external content or tool outputs cause unintended or harmful behavior. Inspired by the well-established concept of firewalls, we show…

Cryptography and Security · Computer Science 2026-03-24 Rishika Bhagwatkar , Kevin Kasa , Abhay Puri , Gabriel Huang , Irina Rish , Graham W. Taylor , Krishnamurthy Dj Dvijotham , Alexandre Lacoste
‹ Prev 1 2 3 10 Next ›