Han Liu
16 indexed papers
Research Timeline
The paper introduces CanaryRAG, a novel dual-path runtime defense mechanism that detects RAG Knowledge Base Leakage attacks by embedding canary tokens into retrieved knowledge chunks.
This survey provides a comprehensive, structured taxonomy of split learning techniques for fine-tuning Large Language Models (LLMs), covering model optimization, system efficiency, and privacy preservation.
AgentVisor is a novel defense framework that uses semantic virtualization, inspired by OS principles, to significantly reduce LLM agent vulnerability to prompt injection while maintaining high utility.
This paper demonstrates that adversarial perturbations possess a low-rank structure, and proposes a two-step method to leverage this property to significantly improve the efficiency and effectiveness of black-box adversarial attacks.
The paper argues that the Authorization-Execution Gap (AEG)—the divergence between intended authorization and actual execution—is a critical safety and security flaw in open-world agents, requiring source-oriented, runtime integrity checks.
The paper proposes FERMI, a method that significantly improves membership inference attacks against tabular diffusion models by leveraging auxiliary relational information available during training, even when only single-table features are visible at inference time.
This paper proposes a cloud-edge-end collaborative defense framework to secure UAV swarms against various threats like GPS spoofing and multi-hop intrusions, demonstrating its effectiveness through experimental validation.
The paper introduces a histogram-regularized latent diffusion model to synthesize highly realistic and subtype-specific pulmonary nodules in 3D CT volumes, addressing the limitations of existing methods that fail to capture accurate lesion-level intensity distributions.
The paper introduces an adaptive interview framework to gather rich persona context, demonstrating that LLMs improve decision alignment in moral dilemmas only when they selectively ground their decisions in follow-up-derived, user-specific evidence.
MemPro introduces a system-level evolution framework that treats the entire memory construction-retrieval pipeline as an evolvable program, significantly improving long-horizon agent performance over fixed-pipeline baselines.
The paper reframes Parameter-Efficient Fine-Tuning (PEFT) from a mere cost-saving alternative to a robust architecture for creating persistent, personalized models that layer specific behaviors onto large shared foundation models.
The paper introduces U4D, an uncertainty-aware framework that synthesizes 4D LiDAR scenes by prioritizing the reconstruction of geometrically difficult and uncertain regions first, leading to state-of-the-art fidelity and temporal consistency.
The paper proposes Credit-Attenuated Privileged Feedback (CAPF), a training-time mechanism that uses verifier-side information to guide LLM search agents, significantly improving their performance on complex QA tasks.
The paper proposes DySCo, a dynamic trust-aware sparse consensus mechanism, to efficiently manage communication in multi-agent LLM systems by selectively connecting agents based on real-time value, thus reducing overhead while maintaining critical cross-validation.
The paper introduces ContinuousBench, a novel benchmark designed to rigorously test if differentially private (DP) synthetic text can genuinely transfer new knowledge, finding that state-of-the-art DP synthesis methods generally fail to achieve this capability gain.
The paper introduces ContinuousBench, a dynamic benchmark designed to rigorously test if differentially private (DP) synthetic text can genuinely transfer new knowledge and capabilities from sensitive source corpora, finding that current state-of-the-art DP methods generally fail to achieve this.
Papers
On the Scaling of PEFT: Towards Million Personal Models of Trillion Parameters