Yuan Tian
13 indexed papers
Research Timeline
Semia is a novel static auditor that translates complex, prose-defined agent skills into a verifiable Datalog fact base, enabling the detection of critical security vulnerabilities in real-world LLM agents.
The paper introduces PACT, a provenance-aware runtime monitor that enhances agent security by tracking the origin and trust of individual tool arguments, solving the granularity mismatch in LLM agent defenses.
The paper introduces Conleash, a client-side middleware that uses a risk lattice to enforce granular, boundary-scoped authorization for tool invocations, significantly improving user consent and security.
The paper introduces Sefz, a semantic fuzzing framework that automatically discovers specification violations in LLM agent skills, finding a significant number of previously unknown exploitable guardrail breaches.
The paper introduces HIDBench, a new benchmark for evaluating LLMs' ability to perform host-based intrusion detection using complex, noisy system logs, finding that model performance degrades significantly with increased data complexity.
The paper argues that LLM agent security is fundamentally an agent-human interaction (AHI) problem, demonstrating that industry practices rely on human-centric mechanisms while academic research focuses on undeployed approaches.
The paper proposes AuthGraph, a dual-graph defense framework that structurally compares information provenance (what data was used) against a clean authorization baseline to detect fine-grained, parameter-source-level injection attacks on LLM agents.
The paper investigates multimodal jailbreak robustness across various reasoning paradigms and finds that explicit image-tool interaction significantly improves safety by guiding the model's internal representations toward safer directions.
The paper investigates multimodal jailbreak robustness across various reasoning paradigms and finds that explicit image-tool interaction significantly improves safety by shifting the model's internal representations toward a safety-relevant direction.
The paper introduces Agent-Radar, a training-free method that dynamically steers multi-agent attention toward relevant context using a novel decay mechanism, significantly improving performance in long-running LLM conversations.
The paper introduces PIGMENT, a physics-informed foundation model that enables reliable quantitative mapping of brain microstructure from extremely sparse or challenging diffusion MRI scans.
ImageAuditor introduces a novel Membership Inference Attack (MIA) specifically designed for Image-based Retrieval-Augmented Generation (IRAG) systems, achieving high accuracy by addressing cross-modal retrieval and discriminative signal extraction challenges.
RogueMerge introduces a unified framework to robustly attack LLM model merging by addressing the challenges of autoregressive decoding, unknown merging configurations, and prompt generalization, significantly outperforming prior methods.
Papers
ImageAuditor: Membership Inference Attack against Image-based Retrieval-Augmented Generation
Jinghuai Zhang, Pengyue Yu, Zhexiao Lin, Kunlin Cai +2 more
ImageAuditor introduces a novel Membership Inference Attack (MIA) specifically designed for Image-based Retrieval-Augmented Generation (IRAG) systems, achieving high accuracy by addressing cross-modal…