Search Results for author:
Found 31 papers, 15 papers with code
Co-PatcheR: Collaborative Software Patching with Component(s)-specific Small Reasoning Models
Motivated by the collaborative nature, we propose Co-PatcheR, the first collaborative patching system with small and specialized reasoning models for individual components.
AgentVigil: Generic Black-Box Red-teaming for Indirect Prompt Injection against LLM Agents
The strong planning and reasoning capabilities of Large Language Models (LLMs) have fostered the development of agent-based systems capable of leveraging external tools and interacting with increasingly complex environments.
Progent: Programmable Privilege Control for LLM Agents
At its core is a domain-specific language for flexibly expressing privilege control policies applied during agent execution.
Frontier AI's Impact on the Cybersecurity Landscape
As frontier AI advances rapidly, understanding its impact on cybersecurity and inherent risks is essential to ensuring safe AI evolution (e. g., guiding risk mitigation and informing policymakers).
3CAD: A Large-Scale Real-World 3C Product Dataset for Unsupervised Anomaly
The key features of 3CAD are that it covers anomalous regions of different sizes, multiple anomaly types, and the possibility of multiple anomalous regions and multiple anomaly types per anomaly image.
MELON: Provable Defense Against Indirect Prompt Injection Attacks in AI Agents
Recent research has explored that LLM agents are vulnerable to indirect prompt injection (IPI) attacks, where malicious tasks embedded in tool-retrieved information can redirect the agent to take unauthorized actions.
PatchPilot: A Cost-Efficient Software Engineering Agent with Early Attempts on Formal Verification
Based on how to determine the patching workflows, existing patching agents can be categorized as agent-based planning methods, which rely on LLMs for planning, and rule-based planning methods, which follow a pre-defined workflow.
Data Free Backdoor Attacks
Existing backdoor attacks require either retraining the classifier with some clean data or modifying the model's architecture.
PrivAgent: Agentic-based Red-teaming for LLM Privacy Leakage
We also show PrivAgent's effectiveness in extracting training data from an open-source LLM with a success rate of 5. 9%.
SecCodePLT: A Unified Platform for Evaluating the Security of Code GenAI
Our methodology ensures the data quality while enabling large-scale generation.
BlockFound: Customized blockchain foundation model for anomaly detection
We propose BlockFound, a customized foundation model for anomaly blockchain transaction detection.
F-Fidelity: A Robust Framework for Faithfulness Evaluation of Explainable AI
This approach although efficient suffers the Out-of-Distribution (OOD) problem as the perturbed samples may no longer follow the original data distribution.
Enhancing Jailbreak Attack Against Large Language Models through Silent Tokens
Attackers carefully craft jailbreaking prompts such that a target LLM will respond to the harmful question.
TextGuard: Provable Defense against Backdoor Attacks on Text Classification
In this work, we propose TextGuard, the first provable defense against backdoor attacks on text classification.
netFound: Foundation Model for Network Security
This lack of progress can be attributed to an overreliance on supervised learning techniques and the associated challenges of curating well-specified labeled training data.
In Search of netUnicorn: A Data-Collection Platform to Develop Generalizable ML Models for Network Security Problems
This issue is commonly referred to as the generalizability problem of ML models.
Unique Identification of 50,000+ Virtual Reality Users from Head & Hand Motion Data
With the recent explosive growth of interest and investment in virtual reality (VR) and the so-called "metaverse," public attention has rightly shifted toward the unique security and privacy threats that these platforms may pose.
Are Shortest Rationales the Best Explanations for Human Understanding?
Existing self-explaining models typically favor extracting the shortest possible rationales - snippets of an input text "responsible for" corresponding output - to explain the model prediction, with the assumption that shorter rationales are more intuitive to humans.
EDGE: Explaining Deep Reinforcement Learning Policies
With the rapid development of deep reinforcement learning (DRL) techniques, there is an increasing need to understand and interpret DRL policies.
BACKDOORL: Backdoor Attack against Competitive Reinforcement Learning
Recent research has confirmed the feasibility of backdoor attacks in deep reinforcement learning (RL) systems.
Decoy-enhanced Saliency Maps
Saliency methods can make deep neural network predictions more interpretable by identifying a set of critical features in an input sample, such as pixels that contribute most strongly to a prediction made by an image classifier.
DANCE: Enhancing saliency maps using decoys
Saliency methods can make deep neural network predictions more interpretable by identifying a set of critical features in an input sample, such as pixels that contribute most strongly to a prediction made by an image classifier.
Robust saliency maps with distribution-preserving decoys
In this work, we propose a data-driven technique that uses the distribution-preserving decoys to infer robust saliency scores in conjunction with a pre-trained convolutional neural network classifier and any off-the-shelf saliency method.
TABOR: A Highly Accurate Approach to Inspecting and Restoring Trojan Backdoors in AI Systems
As such, given a deep neural network model and clean input samples, it is very challenging to inspect and determine the existence of a trojan backdoor.
Explaining Deep Learning Models -- A Bayesian Non-parametric Approach
The empirical results indicate that our proposed approach not only outperforms the state-of-the-art techniques in explaining individual decisions but also provides users with an ability to discover the vulnerabilities of the target ML models.
Explaining Deep Learning Models - A Bayesian Non-parametric Approach
The empirical results indicate that our proposed approach not only outperforms the state-of-the-art techniques in explaining individual decisions but also provides users with an ability to discover the vulnerabilities of the target ML models.
Lemna: Explaining deep learning based security applications
The local interpretable modelis specially designed to (1) handle feature dependency to betterwork with security applications (e. g., binary code analysis); and(2) handle nonlinear local boundaries to boost explanation delity. We evaluate our system using two popular deep learning applica-tions in security (a malware classier, and a function start detectorfor binary reverse-engineering).
Towards Interrogating Discriminative Machine Learning Models
Our results indicate that the proposed approach not only outperforms the state-of-the-art technique in explaining individual decisions but also provides users with an ability to discover the vulnerabilities of a learning model.
Learning Adversary-Resistant Deep Neural Networks
Despite the superior performance of DNNs in these applications, it has been recently shown that these models are susceptible to a particular type of attack that exploits a fundamental flaw in their design.
Using Non-invertible Data Transformations to Build Adversarial-Robust Neural Networks
Deep neural networks have proven to be quite effective in a wide variety of machine learning tasks, ranging from improved speech recognition systems to advancing the development of autonomous vehicles.
Adversary Resistant Deep Neural Networks with an Application to Malware Detection
However, after a thorough analysis of the fundamental flaw in DNNs, we discover that the effectiveness of current defenses is limited and, more importantly, cannot provide theoretical guarantees as to their robustness against adversarial sampled-based attacks.
