English
Related papers

Related papers: Stateful Agent Backdoor

200 papers

Large language models (LLMs) have demonstrated superior performance compared to previous methods on various tasks, and often serve as the foundation models for many researches and services. However, the untrustworthy third-party LLMs may…

Cryptography and Security · Computer Science 2024-04-02 Hai Huang , Zhengyu Zhao , Michael Backes , Yun Shen , Yang Zhang

Recent work explores agentic inference-time techniques to perform structured, multi-step reasoning. However, stateless inference often struggles on multi-step tasks due to the absence of persistent state. Moreover, task-specific fine-tuning…

Machine Learning · Computer Science 2025-10-09 Arshika Lalan , Rajat Ghosh , Aditya Kolsur , Debojyoti Dutta

Research on large language model (LLM) security is shifting from "will the model leak training data" to a more consequential question: can an agent with persistent, long-term memory be continuously shaped, cross-session poisoned, accessed…

Cryptography and Security · Computer Science 2026-04-21 Zehao Lin , Chunyu Li , Kai Chen

Large Language Models (LLMs) can acquire deceptive behaviors through backdoor attacks, where the model executes prohibited actions whenever secret triggers appear in the input. Existing safety training methods largely fail to address this…

Cryptography and Security · Computer Science 2025-10-08 Guangyu Shen , Siyuan Cheng , Xiangzhe Xu , Yuan Zhou , Hanxi Guo , Zhuo Zhang , Xiangyu Zhang

Agentic AI systems introduce a security surface that is qualitatively different from that of stateless LLMs. They persist memory, invoke external tools, coordinate with peer agents, and operate across sessions, allowing attacks to emerge…

Cryptography and Security · Computer Science 2026-05-07 Kexin Chu

Most discussions about Large Language Model (LLM) safety have focused on single-agent settings but multi-agent LLM systems now create novel adversarial risks because their behavior depends on communication between agents and decentralized…

Multiagent Systems · Computer Science 2025-10-10 Rana Muhammad Shahroz Khan , Zhen Tan , Sukwon Yun , Charles Fleming , Tianlong Chen

Humans are capable of strategically deceptive behavior: behaving helpfully in most situations, but then behaving very differently in order to pursue alternative objectives when given the opportunity. If an AI system learned such a deceptive…

A new generation of language models reasons entirely in continuous hidden states, producing no tokens and leaving no audit trail. We show that this silence creates a fundamentally new attack surface. ThoughtSteer perturbs a single embedding…

Machine Learning · Computer Science 2026-04-02 Swapnil Parekh

Modern language models remain vulnerable to backdoor attacks via poisoned data, where training inputs containing a trigger are paired with a target output, causing the model to reproduce that behavior whenever the trigger appears at…

Cryptography and Security · Computer Science 2026-01-06 Eric Xue , Ruiyi Zhang , Pengtao Xie

Backdoor attacks pose a significant threat to neural networks, enabling adversaries to manipulate model outputs on specific inputs, often with devastating consequences, especially in critical applications. While backdoor attacks have been…

Machine Learning · Computer Science 2025-07-30 Zhen Guo , Abhinav Kumar , Reza Tourani

Tool-use large language model (LLM) agents are increasingly deployed to support sensitive workflows, relying on tool calls for retrieval, external API access, and session memory management. While prior research has examined various threats,…

Cryptography and Security · Computer Science 2026-04-08 Wuyang Zhang , Shichao Pei

Large language models (LLMs) have demonstrated impressive results on natural language tasks, and security researchers are beginning to employ them in both offensive and defensive systems. In cyber-security, there have been multiple research…

Cryptography and Security · Computer Science 2024-03-05 Jiacen Xu , Jack W. Stokes , Geoff McDonald , Xuesong Bai , David Marshall , Siyue Wang , Adith Swaminathan , Zhou Li

Backdoor attacks pose a serious security threat to large language models (LLMs), which are increasingly deployed as general-purpose assistants in safety- and privacy-critical applications. Existing LLM backdoors rely primarily on…

Cryptography and Security · Computer Science 2026-05-15 Rui Wen , Mark Russinovich , Andrew Paverd , Jun Sakuma , Ahmed Salem

Self-evolving LLM agents update their internal state across sessions, often by writing and reusing long-term memory. This design improves performance on long-horizon tasks but creates a security risk: untrusted external content observed…

Cryptography and Security · Computer Science 2026-03-06 Xianglin Yang , Yufei He , Shuo Ji , Bryan Hooi , Jin Song Dong

We present a theoretical study of continual and experiential learning in large language model agents that combine episodic memory with reinforcement learning. We argue that the key mechanism for continual adaptation, without updating model…

Artificial Intelligence · Computer Science 2026-01-30 Jun Wang

Driven by the rapid development of Large Language Models (LLMs), LLM-based agents have been developed to handle various real-world applications, including finance, healthcare, and shopping, etc. It is crucial to ensure the reliability and…

Cryptography and Security · Computer Science 2024-10-30 Wenkai Yang , Xiaohan Bi , Yankai Lin , Sishuo Chen , Jie Zhou , Xu Sun

Backdoor attacks are a kind of insidious security threat against machine learning models. After being injected with a backdoor in training, the victim model will produce adversary-specified outputs on the inputs embedded with predesigned…

Computation and Language · Computer Science 2021-06-04 Fanchao Qi , Mukai Li , Yangyi Chen , Zhengyan Zhang , Zhiyuan Liu , Yasheng Wang , Maosong Sun

Agentic AI will be an essential enabling technology for designing future mobile communication systems, which could provide flexible and customized services, automate complex network operations, and drive autonomous decision-making across…

Networking and Internet Architecture · Computer Science 2026-05-05 Purna Sai Garigipati , Onur Ayan , Kishor Chandra Joshi , Xueli An

Backdoor attacks pose an important security threat to textual large language models. Exploring textual backdoor attacks not only helps reveal the potential security risks of models, but also promotes innovation and development of defense…

Cryptography and Security · Computer Science 2025-07-21 Yang Hou , Qiuling Yue , Lujia Chai , Guozhao Liao , Wenbao Han , Wei Ou

As autonomous agents (e.g., OpenClaw) increasingly operate with deep system-level privileges to execute complex tasks, they introduce severe, unmitigated security risks. Current vulnerability analyses overwhelmingly focus on single-turn,…

Cryptography and Security · Computer Science 2026-05-22 Jianan Ma , Xiaohu Du , Ruixiao Lin , Yaoxiang Bian , Jialuo Chen , Jingyi Wang , Xiaofang Yang , Shiwen Cui , Changhua Meng , Xinhao Deng , Zhen Wang