Yige Liu, Yiwei Lou, Che Wang, Yongzhi Cao, and Hanpin Wang are with the Key Laboratory of High Confidence Software Technologies (Peking University), Ministry of Education; School of Computer Science, Peking University, Beijing, China (e-mail: yige.liu@stu.pku.edu.cn; cyfqylyw@gmail.com; wangche02@gmail.com; caoyz@pku.edu.cn; whpxhy@pku.edu.cn). Yongzhi Cao is also with the Zhongguancun Laboratory, Beijing, China. Corresponding author: Yongzhi Cao.
Trigger-based defenses offer a false sense of security in federated learning, as this new attack shows backdoors can be implanted without any explicit triggers, achieving 2-50x better performance than trigger-based attacks.
LLM agents can now defend against indirect prompt injection attacks without sacrificing task performance, thanks to a new method that surgically manipulates attention based on latent space analysis.
Agentic LLMs are far more vulnerable to indirect prompt injection attacks than previously thought: AdapTools achieves over 2x improvement in attack success while significantly degrading system utility, even against strong defenses.