English
Related papers

Related papers: Position: AI Security Policy Should Target Systems…

200 papers

Frontier AI developers are relying on layers of safeguards to protect against catastrophic misuse of AI systems. Anthropic and OpenAI guard their latest Opus 4 model and GPT-5 models using such defense pipelines, and other frontier…

Computation and Language · Computer Science 2026-02-06 Ian R. McKenzie , Oskar J. Hollinsworth , Tom Tseng , Xander Davies , Stephen Casper , Aaron D. Tucker , Robert Kirk , Adam Gleave

Recent studies demonstrate that Large Language Models (LLMs) are vulnerable to different prompt-based attacks, generating harmful content or sensitive information. Both closed-source and open-source LLMs are underinvestigated for these…

Cryptography and Security · Computer Science 2025-05-21 Jiawen Wang , Pritha Gupta , Ivan Habernal , Eyke Hüllermeier

Vulnerability of Frontier language models to misuse and jailbreaks has prompted the development of safety measures like filters and alignment training in an effort to ensure safety through robustness to adversarially crafted prompts. We…

Cryptography and Security · Computer Science 2024-10-31 David Glukhov , Ziwen Han , Ilia Shumailov , Vardan Papyan , Nicolas Papernot

Large language models remain vulnerable to jailbreak attacks, yet we still lack a systematic understanding of how jailbreak success scales with attacker effort across methods, model families, and harm types. We initiate a scaling-law…

Machine Learning · Computer Science 2026-03-20 Xiangwen Wang , Ananth Balashankar , Varun Chandrasekaran

Large Language Models (LLMs) are rapidly transitioning from conversational assistants to autonomous agents embedded in critical organizational functions, including Security Operations Centers (SOCs), financial systems, and infrastructure…

Cryptography and Security · Computer Science 2026-01-06 Giuseppe Canale , Kashyap Thimmaraju

Sufficiently capable models could subvert human oversight and decision-making in important contexts. For example, in the context of AI development, models could covertly sabotage efforts to evaluate their own dangerous capabilities, to…

We introduce a reusable framework for auditing whether LLM attack benchmarks collectively cover the threat surface: a 4$\times$6 Target $\times$ Technique matrix grounded in STRIDE, constructed from a 507-leaf taxonomy -- 401 data-populated…

Cryptography and Security · Computer Science 2026-05-15 Karthik Raghu Iyer , Yazdan Jamshidi , Nicholas Bray , Alexey A. Shvets

Autonomous AI agents are being deployed with filesystem access, email control, and multi-step planning. This thesis contributes to four open problems in AI safety: understanding dangerous internal computations, removing dangerous behaviors…

Machine Learning · Computer Science 2026-04-02 Aengus Lynch

AI-assisted code review is widely used to detect vulnerabilities before production release. Prior work shows that adversarial prompt manipulation can degrade large language model (LLM) performance in code generation. We test whether similar…

Cryptography and Security · Computer Science 2026-02-20 Scott Thornton

Backdoor attacks are a significant threat to large language models (LLMs), often embedded via public checkpoints, yet existing defenses rely on impractical assumptions about trigger settings. To address this challenge, we propose…

Computation and Language · Computer Science 2026-05-14 Liang Lin , Miao Yu , Moayad Aloqaily , Zhenhong Zhou , Kun Wang , Linsey Pang , Prakhar Mehrotra , Qingsong Wen

The democratization of pre-trained language models through open-source initiatives has rapidly advanced innovation and expanded access to cutting-edge technologies. However, this openness also brings significant security risks, including…

Computation and Language · Computer Science 2024-06-04 Ansh Arora , Xuanli He , Maximilian Mozes , Srinibas Swain , Mark Dras , Qiongkai Xu

Trustworthy evaluations of dangerous capabilities are increasingly crucial for determining whether an AI system is safe to deploy. One empirically demonstrated threat is sandbagging - the strategic underperformance on evaluations by AI…

Cryptography and Security · Computer Science 2025-11-03 Chloe Li , Mary Phuong , Noah Y. Siegel

Large language models trained for safety and harmlessness remain susceptible to adversarial misuse, as evidenced by the prevalence of "jailbreak" attacks on early releases of ChatGPT that elicit undesired behavior. Going beyond recognition…

Machine Learning · Computer Science 2023-07-06 Alexander Wei , Nika Haghtalab , Jacob Steinhardt

Exploitation is not a binary event. It is a ladder of acquiring progressive capabilities, from executing a single buggy line of code to taking full control of the target. However, existing LLM security benchmarks treat a crash as…

Cryptography and Security · Computer Science 2026-05-15 Seunghyun Lee , David Brumley

With the boom of Large Language Models (LLMs), the research of solving Math Word Problem (MWP) has recently made great progress. However, there are few studies to examine the security of LLMs in math solving ability. Instead of attacking…

Computation and Language · Computer Science 2023-09-06 Zihao Zhou , Qiufeng Wang , Mingyu Jin , Jie Yao , Jianan Ye , Wei Liu , Wei Wang , Xiaowei Huang , Kaizhu Huang

Source Code Model learn the proper embeddings from source codes, demonstrating significant success in various software engineering or security tasks. The recent explosive development of LLM extends the family of SCMs,bringing LLMs for code…

Software Engineering · Computer Science 2025-11-12 Weiye Li , Wenyi Tang

LLM-assisted defect discovery has a precision crisis: plausible-but-wrong reports overwhelm maintainers and degrade credibility for real findings. We present Refute-or-Promote, an inference-time reliability pattern combining Stratified…

Cryptography and Security · Computer Science 2026-04-22 Abhinav Agarwal

Safety mechanisms in LLMs remain vulnerable to attacks that reframe harmful requests through culturally coded structures. We introduce Adversarial Tales, a jailbreak technique that embeds harmful content within cyberpunk narratives and…

Large Language Models (LLMs) exhibit impressive capabilities, but remain susceptible to a growing spectrum of safety risks, including jailbreaks, toxic content, hallucinations, and bias. Existing defenses often address only a single threat…

Computation and Language · Computer Science 2025-11-18 Md Rafi Ur Rashid , Vishnu Asutosh Dasu , Ye Wang , Gang Tan , Shagufta Mehnaz

Persistent memory attacks against LLM agents achieve high attack success rates against open-source models. In these attacks, malicious instructions injected via RAG-retrieved documents are stored in persistent memory and executed in later…

Cryptography and Security · Computer Science 2026-05-12 Jun Wen Leong