y0news
AnalyticsDigestsSourcesTopicsRSSAICrypto

#adversarial-attacks News & Analysis

147 articles tagged with #adversarial-attacks. AI-curated summaries with sentiment analysis and key takeaways from 50+ sources.

147 articles
AIBearisharXiv – CS AI · May 17/10
🧠

From Prompt to Physical Actuation: Holistic Threat Modeling of LLM-Enabled Robotic Systems

Researchers present the first comprehensive threat modeling of LLM-enabled robotic systems, mapping three categories of attacks (cyber, adversarial, and conversational) across the perception-planning-actuation pipeline. The analysis reveals critical architectural vulnerabilities where compromised inputs or unsafe model outputs can propagate to unsafe physical actions without proper validation boundaries.

AIBearisharXiv – CS AI · Apr 207/10
🧠

When Search Goes Wrong: Red-Teaming Web-Augmented Large Language Models

Researchers introduce CREST-Search, a red-teaming framework that exposes vulnerabilities in web-augmented LLMs by crafting benign-seeming queries designed to trigger unsafe citations from the internet. The study reveals that integrating web search into language models creates new safety risks beyond traditional LLM harms, requiring specialized defensive strategies.

AIBearisharXiv – CS AI · Apr 207/10
🧠

Power to the Clients: Federated Learning in a Dictatorship Setting

Researchers identify a critical vulnerability in federated learning systems where malicious 'dictator clients' can erase other participants' contributions while preserving their own, compromising the collaborative training process. The study provides theoretical and empirical analysis of single and multiple dictator scenarios, revealing fundamental security weaknesses in decentralized machine learning architectures.

AINeutralarXiv – CS AI · Apr 157/10
🧠

LASA: Language-Agnostic Semantic Alignment at the Semantic Bottleneck for LLM Safety

Researchers have identified a critical vulnerability in large language models where safety guardrails fail across low-resource languages despite strong performance in high-resource ones. The team proposes LASA (Language-Agnostic Semantic Alignment), a new method that anchors safety protocols at the semantic bottleneck layer, dramatically reducing attack success rates from 24.7% to 2.8% on tested models.

AIBearisharXiv – CS AI · Apr 147/10
🧠

Conflicts Make Large Reasoning Models Vulnerable to Attacks

Researchers discovered that large reasoning models (LRMs) like DeepSeek R1 and Llama become significantly more vulnerable to adversarial attacks when presented with conflicting objectives or ethical dilemmas. Testing across 1,300+ prompts revealed that safety mechanisms break down when internal alignment values compete, with neural representations of safety and functionality overlapping under conflict.

🧠 Llama
AIBearisharXiv – CS AI · Apr 147/10
🧠

Beyond A Fixed Seal: Adaptive Stealing Watermark in Large Language Models

Researchers have developed Adaptive Stealing (AS), a novel watermark stealing algorithm that exploits vulnerabilities in LLM watermarking systems by dynamically selecting optimal attack strategies based on contextual token states. This advancement demonstrates that existing fixed-strategy watermark defenses are insufficient, highlighting critical security gaps in protecting proprietary LLM services and raising urgent questions about watermark robustness.

AIBearisharXiv – CS AI · Apr 147/10
🧠

On the Robustness of Watermarking for Autoregressive Image Generation

Researchers demonstrate critical vulnerabilities in watermarking techniques designed for autoregressive image generators, showing that watermarks can be removed or forged with access to only a single watermarked image and no knowledge of model secrets. These findings undermine the reliability of watermarking as a defense against synthetic content in training datasets and enable attackers to manipulate authentic images to falsely appear as AI-generated content.

AIBearisharXiv – CS AI · Apr 137/10
🧠

Re-Mask and Redirect: Exploiting Denoising Irreversibility in Diffusion Language Models

Researchers demonstrate a critical vulnerability in diffusion-based language models where safety mechanisms can be bypassed by re-masking committed refusal tokens and injecting affirmative prefixes, achieving 76-82% attack success rates without gradient optimization. The findings reveal that dLLM safety relies on a fragile architectural assumption rather than robust adversarial defenses.

AINeutralarXiv – CS AI · Apr 107/10
🧠

The Defense Trilemma: Why Prompt Injection Defense Wrappers Fail?

Researchers prove mathematically that no continuous input-preprocessing defense can simultaneously maintain utility, preserve model functionality, and guarantee safety against prompt injection attacks in language models with connected prompt spaces. The findings establish a fundamental trilemma showing that defenses must inevitably fail at some threshold inputs, with results verified in Lean 4 and validated empirically across three LLMs.

AIBearisharXiv – CS AI · Apr 107/10
🧠

Physical Adversarial Attacks on AI Surveillance Systems:Detection, Tracking, and Visible--Infrared Evasion

This research paper examines physical adversarial attacks on AI surveillance systems through a surveillance-oriented lens, emphasizing that robustness cannot be assessed from isolated image benchmarks alone. The study highlights critical gaps in current evaluation practices, including temporal persistence across frames, multi-modal sensing (visible and infrared), realistic attack carriers, and system-level objectives that must be tested under actual deployment constraints.

AIBullisharXiv – CS AI · Apr 77/10
🧠

CoopGuard: Stateful Cooperative Agents Safeguarding LLMs Against Evolving Multi-Round Attacks

Researchers have developed CoopGuard, a new defense framework that uses cooperative AI agents to protect Large Language Models from sophisticated multi-round adversarial attacks. The system employs three specialized agents coordinated by a central system that maintains defense state across interactions, achieving a 78.9% reduction in attack success rates compared to existing defenses.

AIBearisharXiv – CS AI · Apr 67/10
🧠

Understanding the Effects of Safety Unalignment on Large Language Models

Research reveals that two methods for removing safety guardrails from large language models - jailbreak-tuning and weight orthogonalization - have significantly different impacts on AI capabilities. Weight orthogonalization produces models that are far more capable of assisting with malicious activities while retaining better performance, though supervised fine-tuning can help mitigate these risks.

AIBearisharXiv – CS AI · Mar 277/10
🧠

The System Prompt Is the Attack Surface: How LLM Agent Configuration Shapes Security and Creates Exploitable Vulnerabilities

Research reveals that LLM system prompt configuration creates massive security vulnerabilities, with the same model's phishing detection rates ranging from 1% to 97% based solely on prompt design. The study PhishNChips demonstrates that more specific prompts can paradoxically weaken AI security by replacing robust multi-signal reasoning with exploitable single-signal dependencies.

AINeutralarXiv – CS AI · Mar 277/10
🧠

Beyond Content Safety: Real-Time Monitoring for Reasoning Vulnerabilities in Large Language Models

Researchers have identified a new category of AI safety called 'reasoning safety' that focuses on protecting the logical consistency and integrity of LLM reasoning processes. They developed a real-time monitoring system that can detect unsafe reasoning behaviors with over 84% accuracy, addressing vulnerabilities beyond traditional content safety measures.

AIBearisharXiv – CS AI · Mar 277/10
🧠

PIDP-Attack: Combining Prompt Injection with Database Poisoning Attacks on Retrieval-Augmented Generation Systems

Researchers have developed PIDP-Attack, a new cybersecurity threat that combines prompt injection with database poisoning to manipulate AI responses in Retrieval-Augmented Generation (RAG) systems. The attack method demonstrated 4-16% higher success rates than existing techniques across multiple benchmark datasets and eight different large language models.

AINeutralarXiv – CS AI · Mar 267/10
🧠

Anti-I2V: Safeguarding your photos from malicious image-to-video generation

Researchers developed Anti-I2V, a new defense system that protects personal photos from being used to create malicious deepfake videos through image-to-video AI models. The system works across different AI architectures by operating in multiple domains and targeting specific network layers to degrade video generation quality.

AINeutralarXiv – CS AI · Mar 267/10
🧠

Mitigating Many-Shot Jailbreaking

Researchers have developed techniques to mitigate many-shot jailbreaking (MSJ) attacks on large language models, where attackers use numerous examples to override safety training. Combined fine-tuning and input sanitization approaches significantly reduce MSJ effectiveness while maintaining normal model performance.

AIBearisharXiv – CS AI · Mar 267/10
🧠

Claudini: Autoresearch Discovers State-of-the-Art Adversarial Attack Algorithms for LLMs

Researchers demonstrate that Claude Code AI agent can autonomously discover novel adversarial attack algorithms against large language models, achieving significantly higher success rates than existing methods. The discovered attacks achieve up to 40% success rate on CBRN queries and 100% attack success rate against Meta-SecAlign-70B, compared to much lower rates from traditional methods.

🧠 Claude
AIBearisharXiv – CS AI · Mar 177/10
🧠

Cheating Stereo Matching in Full-scale: Physical Adversarial Attack against Binocular Depth Estimation in Autonomous Driving

Researchers have developed the first physical adversarial attack targeting stereo-based depth estimation in autonomous vehicles, using 3D camouflaged objects that can fool binocular vision systems. The attack employs global texture patterns and a novel merging technique to create nearly invisible threats that cause stereo matching models to produce incorrect depth information.

AIBearisharXiv – CS AI · Mar 177/10
🧠

DECEIVE-AFC: Adversarial Claim Attacks against Search-Enabled LLM-based Fact-Checking Systems

Researchers developed DECEIVE-AFC, an adversarial attack framework that can significantly compromise AI-based fact-checking systems by manipulating claims to disrupt evidence retrieval and reasoning. The attacks reduced fact-checking accuracy from 78.7% to 53.7% in testing, highlighting major vulnerabilities in LLM-based verification systems.

AIBullisharXiv – CS AI · Mar 177/10
🧠

RESQ: A Unified Framework for REliability- and Security Enhancement of Quantized Deep Neural Networks

Researchers propose RESQ, a three-stage framework that enhances both security and reliability of quantized deep neural networks through specialized fine-tuning techniques. The framework demonstrates up to 10.35% improvement in attack resilience and 12.47% in fault resilience while maintaining competitive accuracy across multiple neural network architectures.

AIBearisharXiv – CS AI · Mar 177/10
🧠

AI Evasion and Impersonation Attacks on Facial Re-Identification with Activation Map Explanations

Researchers developed a novel framework for generating adversarial patches that can fool facial recognition systems through both evasion and impersonation attacks. The method reduces facial recognition accuracy from 90% to 0.4% in white-box settings and demonstrates strong cross-model generalization, highlighting critical vulnerabilities in surveillance systems.

AIBearisharXiv – CS AI · Mar 167/10
🧠

Purify Once, Edit Freely: Breaking Image Protections under Model Mismatch

Researchers have identified a critical vulnerability in image protection systems that use adversarial perturbations to prevent unauthorized AI editing. Two new purification methods can effectively remove these protections, creating a 'purify-once, edit-freely' attack where images become vulnerable to unlimited manipulation.

AIBearisharXiv – CS AI · Mar 167/10
🧠

Altered Thoughts, Altered Actions: Probing Chain-of-Thought Vulnerabilities in VLA Robotic Manipulation

Research reveals critical vulnerabilities in Vision-Language-Action robotic models that use chain-of-thought reasoning, where corrupting object names in internal reasoning traces can reduce task success rates by up to 45%. The study shows these AI systems are vulnerable to attacks on their internal reasoning processes, even when primary inputs remain untouched.

AIBearisharXiv – CS AI · Mar 127/10
🧠

Amnesia: Adversarial Semantic Layer Specific Activation Steering in Large Language Models

Researchers have developed 'Amnesia,' a lightweight adversarial attack that bypasses safety mechanisms in open-weight Large Language Models by manipulating internal transformer states. The attack enables generation of harmful content without requiring fine-tuning or additional training, highlighting vulnerabilities in current LLM safety measures.

← PrevPage 4 of 6Next →