Daily Arxiv

전 세계에서 발간되는 인공지능 관련 논문을 정리하는 페이지 입니다.
본 페이지는 Google Gemini를 활용해 요약 정리하며, 비영리로 운영 됩니다.
논문에 대한 저작권은 저자 및 해당 기관에 있으며, 공유 시 출처만 명기하면 됩니다.

Knockout LLM Assessment: Using Large Language Models for Evaluations through Iterative Pairwise Comparisons

MambaNeXt-YOLO: A Hybrid State Space Model for Real-time Object Detection

Confidence-Guided Human-AI Collaboration: Reinforcement Learning with Distributional Proxy Value Propagation for Autonomous Driving

FOLIAGE: Towards Physical Intelligence World Models Via Unbounded Surface Evolution

UniWorld-V1: High-Resolution Semantic Encoders for Unified Visual Understanding and Generation

Retrieval-Augmented Generation as Noisy In-Context Learning: A Unified Theory and Risk Bounds

DGMO: Training-Free Audio Source Separation through Diffusion-Guided Mask Optimization

EvaLearn: Quantifying the Learning Capability and Efficiency of LLMs via Sequential Problem Solving

Flexiffusion: Training-Free Segment-Wise Neural Architecture Search for Efficient Diffusion Models

Psi-Sampler: Initial Particle Sampling for SMC-Based Inference-Time Reward Alignment in Score Models

NTPP: Generative Speech Language Modeling for Dual-Channel Spoken Dialogue via Next-Token-Pair Prediction

Linear Representation Transferability Hypothesis: Leveraging Small Models to Steer Large Models

Aligned but Blind: Alignment Increases Implicit Bias by Reducing Awareness of Race

Supervised Quantum Machine Learning: A Future Outlook from Qubits to Enterprise Applications

Train One Sparse Autoencoder Across Multiple Sparsity Budgets to Preserve Interpretability and Accuracy

ReCalKV: Low-Rank KV Cache Compression via Head Reordering and Offline Calibration

ADG: Ambient Diffusion-Guided Dataset Recovery for Corruption-Robust Offline Reinforcement Learning

Seven Security Challenges That Must be Solved in Cross-domain Multi-agent LLM Systems

Breaking the Cloak! Unveiling Chinese Cloaked Toxicity with Homophone Graph and Toxic Lexicon

Inclusive, Differentially Private Federated Learning for Clinical Data

Position is Power: System Prompts as a Mechanism of Bias in Large Language Models (LLMs)

Electrolyzers-HSI: Close-Range Multi-Scene Hyperspectral Imaging Benchmark Dataset

In-context Language Learning for Endangered Languages in Speech Recognition

Rethinking Text-based Protein Understanding: Retrieval or LLM?

DreamPRM: Domain-Reweighted Process Reward Model for Multimodal Reasoning

Deconstructing Obfuscation: A four-dimensional framework for evaluating Large Language Models assembly code deobfuscation capabilities

STOPA: A Database of Systematic VariaTion Of DeePfake Audio for Open-Set Source Tracing and Attribution

FlowCut: Rethinking Redundancy via Information Flow for Efficient Vision-Language Models

Deriving Strategic Market Insights with Large Language Models: A Benchmark for Forward Counterfactual Generation

The Role of Diversity in In-Context Learning for Large Language Models

MetaGen Blended RAG: Unlocking Zero-Shot Precision for Specialized Domain Question-Answering

Bottlenecked Transformers: Periodic KV Cache Abstraction for Generalised Reasoning

AceReason-Nemotron: Advancing Math and Code Reasoning through Reinforcement Learning

SUS backprop: linear backpropagation algorithm for long inputs in transformers

Optimizing Anytime Reasoning via Budget Relative Policy Optimization

Information Science Principles of Machine Learning: A Causal Chain Meta-Framework Based on Formalized Information Mapping

MiMo: Unlocking the Reasoning Potential of Language Model -- From Pretraining to Posttraining

Piloting Structure-Based Drug Design via Modality-Specific Optimal Schedule

Full-Parameter Continual Pretraining of Gemma2: Insights into Fluency and Domain Knowledge

AGENTFUZZER: Generic Black-Box Fuzzing for Indirect Prompt Injection against LLM Agents

Rethinking LLM Advancement: Compute-Dependent and Independent Paths to Progress

Addressing Concept Mislabeling in Concept Bottleneck Models Through Preference Optimization

Goal-Oriented Time-Series Forecasting: Foundation Framework Design

Biased by Design: Leveraging Inherent AI Biases to Enhance Critical Thinking of News Readers

Hearing Anywhere in Any Environment

NorEval: A Norwegian Language Understanding and Generation Evaluation Benchmark

LLM Social Simulations Are a Promising Research Method

Firm or Fickle? Evaluating Large Language Models Consistency in Sequential Interactions

COMI-LINGUA: Expert Annotated Large-Scale Dataset for Multitask NLP in Hindi-English Code-Mixing

On The Sample Complexity Bounds In Bilevel Reinforcement Learning

TinySQL: A Progressive Text-to-SQL Dataset for Mechanistic Interpretability Research

ChatWise: A Strategy-Guided Chatbot for Enhancing Cognitive Support in Older Adults

Implicit Cross-Lingual Rewarding for Efficient Multilingual Preference Alignment

Knowledge Retention for Continual Model-Based Reinforcement Learning

When Claims Evolve: Evaluating and Enhancing the Robustness of Embedding Models Against Misinformation Edits

ATLaS: Agent Tuning via Learning Critical Steps

Safety Tax: Safety Alignment Makes Your Large Reasoning Models Less Reasonable

From Benign import Toxic: Jailbreaking the Language Model via Adversarial Metaphors

TurboFuzzLLM: Turbocharging Mutation-based Fuzzing for Effectively Jailbreaking Large Language Models in Practice

SpargeAttention: Accurate and Training-free Sparse Attention Accelerating Any Model Inference

Contrastive Visual Data Augmentation

SNaRe: Domain-aware Data Generation for Low-Resource Event Detection

AnyTop: Character Animation Diffusion with Any Topology

Towards Robust ESG Analysis Against Greenwashing Risks: Aspect-Action Analysis with Cross-Category Generalization

GoRA: Gradient-driven Adaptive Low Rank Adaptation

Mind the Confidence Gap: Overconfidence, Calibration, and Distractor Effects in Large Language Models

Bandit Multiclass List Classification

CurvGAD: Leveraging Curvature for Enhanced Graph Anomaly Detection

Can Large Language Models Understand Intermediate Representations in Compilers?

Contrastive Representation Distillation via Multi-Scale Feature Decoupling

Blackout DIFUSCO

Multiple Invertible and Partial-Equivariant Function for Latent Vector Transformation to Enhance Disentanglement in VAEs

Analytical Lyapunov Function Discovery: An RL-based Generative Approach

Explainability in Practice: A Survey of Explainable NLP Across Various Domains

Representations Shape Weak-to-Strong Generalization: Theoretical Insights and Empirical Predictions

Spectro-Riemannian Graph Neural Networks

The Lessons of Developing Process Reward Models in Mathematical Reasoning

Efficiently Serving Large Multimodal Models Using EPD Disaggregation

Hybrid deep convolution model for lung cancer detection with transfer learning

Uncovering Memorization Effect in the Presence of Spurious Correlations

OCRBench v2: An Improved Benchmark for Evaluating Large Multimodal Models on Visual Text Localization and Reasoning

An analytic theory of creativity in convolutional diffusion models

HashEvict: A Pre-Attention KV Cache Eviction Strategy using Locality-Sensitive Hashing

From Intention To Implementation: Automating Biomedical Research via LLMs

Proactive Model Adaptation Against Concept Drift for Online Time Series Forecasting

MuLan: Adapting Multilingual Diffusion Models for Hundreds of Languages with Negligible Cost

Functional relevance based on the continuous Shapley value

Empower Structure-Based Molecule Optimization with Gradient Guided Bayesian Flow Networks

What Happened in LLMs Layers when Trained for Fast vs. Slow Thinking: A Gradient Perspective

Focus On This, Not That! Steering LLMs with Adaptive Feature Specification

A Large Recurrent Action Model: xLSTM enables Fast Inference for Robotics Tasks

David and Goliath: Small One-step Model Beats Large Diffusion with Score Post-training

Context is Key: A Benchmark for Forecasting with Essential Textual Information

Diff-Instruct++: Training One-step Text-to-image Generator Model to Align with Human Preferences

Beyond Position: the emergence of wavelet-like properties in Transformers

The Disparate Benefits of Deep Ensembles

Not All Options Are Created Equal: Textual Option Weighting for Token-Efficient LLM-Based Knowledge Tracing

Evaluating Morphological Compositional Generalization in Large Language Models

Stein Variational Evolution Strategies

Biased AI can Influence Political Decision-Making

AGENTFUZZER: Generic Black-Box Fuzzing for Indirect Prompt Injection against LLM Agents

Created by

Haebom

저자

Zhun Wang, Vincent Siu, Zhe Ye, Tianneng Shi, Yuzhou Nie, Xuandong Zhao, Chenguang Wang, Wenbo Guo, Dawn Song

개요

본 논문은 대규모 언어 모델(LLM) 기반 에이전트 시스템의 간접 프롬프트 주입 취약성을 자동으로 발견하고 악용하기 위한 블랙박스 퍼징 프레임워크인 AgentFuzzer를 제안한다. AgentFuzzer는 고품질 초기 시드 코퍼스를 생성하고, Monte Carlo Tree Search (MCTS) 기반 시드 선택 알고리즘을 사용하여 입력을 반복적으로 개선함으로써 에이전트의 취약점을 발견할 가능성을 극대화한다. AgentDojo와 VWA-adv 벤치마크에서 o3-mini 및 GPT-4o 기반 에이전트에 대해 각각 71%와 70%의 성공률을 달성하여 기존 공격 방식보다 성능을 거의 두 배 향상시켰다. 또한, AgentFuzzer는 보이지 않는 작업과 내부 LLM에 대한 강력한 전이성과 방어 메커니즘에 대한 유망한 결과를 보여준다. 실제 환경에서의 실험을 통해 악의적인 사이트를 포함한 임의의 URL로 에이전트를 유도하는 데 성공했다.

시사점, 한계점

•

시사점:

◦

LLM 기반 에이전트 시스템의 간접 프롬프트 주입 취약성에 대한 효과적인 블랙박스 퍼징 기법을 제시한다.

◦

기존 공격 방식보다 월등히 높은 성공률을 달성하여 실질적인 위협을 보여준다.

◦

다양한 LLM과 작업에 대한 전이성을 확인하여 범용성을 입증한다.

◦

실제 환경에서의 공격 성공을 통해 그 위험성을 실증적으로 보여준다.

•

한계점:

◦

특정 벤치마크 및 LLM에 대한 평가 결과이므로, 다른 시스템이나 LLM에 대한 일반화 가능성은 추가 연구가 필요하다.

◦

AgentFuzzer의 성능 향상을 위한 추가적인 최적화 가능성이 존재할 수 있다.

◦

방어 메커니즘에 대한 효과는 아직 초기 단계이며, 더욱 강력한 방어 메커니즘에 대한 추가적인 테스트가 필요하다.

Made with Slashpage