The paper introduces Sparse Backdoor, a novel supply-chain attack that embeds a provably undetectable backdoor into pre-trained image classifiers by injecting structured sparse perturbations.

The paper introduces a mathematical and cryptographic framework for exactly recovering a single, noisy, high-dimensional discrete path from aggregated and incomplete observable data.

The paper proposes Cluster Segregation Concealment (CSC), a novel defense that identifies and neutralizes backdoor triggers by relabeling poisoned samples to a virtual class, achieving near-zero attac…

The paper proposes TimeGuard, a novel channel-wise pool training defense, to significantly improve the robustness of time series forecasting against backdoor attacks by addressing signal dilution and…

The paper demonstrates that LoRA adapters can be backdoored via data poisoning, showing the backdoor generalizes at the token feature level, and proposes robust behavioral and weight-level detectors f…

This paper demonstrates that LoRA adapters can be backdoored via data poisoning, showing that the resulting backdoor generalizes at the token feature level, and proposes robust behavioral and weight-l…

SpanKey proposes a lightweight method to control neural network access by conditioning intermediate activations on secret keys constrained to a defined subspace, enabling dynamic gating without weight…

The paper demonstrates that encoding harmful prompts as genuine mathematical problems, rather than just using mathematical formatting, effectively bypasses the safety filters of large language models.

The paper proposes a detection-aware adversarial fine-tuning framework to mitigate backdoor attacks in object detection models, achieving better defense while preserving clean detection performance co…

The paper proposes a generic, standard model construction for Anamorphic Key Encapsulation Mechanisms (AKEM) that achieves strong IND-CCA security, addressing a major gap in covert communication crypt…

The paper compares two sparse autoencoder architectures, finding that Differential SAEs (Diff-SAE) significantly outperform Crosscoders in isolating backdoor-related features in language models.

This paper introduces the Token by Token Backdoor Attack (ToBAC), demonstrating that unified autoregressive models (UAMs) are vulnerable to backdoor attacks where a single trigger can compromise multi…

This paper introduces a latent attack framework demonstrating that attacks can be embedded into the hidden representations of multi-agent systems, causing performance degradation even during clean, no…

Sneakdoor introduces a novel backdoor attack method that enhances stealthiness in dataset condensation by using a generative module to create input-aware triggers, achieving high attack efficacy while…

The paper establishes a universal, machine-checked 1-Bit Barrier for the internal wire map of masked Barrett reduction, providing a strong side-channel leakage bound for post-quantum cryptography.

The paper demonstrates that AI agents can conduct a secret, undetectable conversation by exchanging a key using a novel cryptographic primitive, even if they start with no shared secret.

Ghost introduces a manifold-aligned framework to generate plausible, unlearnable synthetic check-in trajectories that significantly degrade an attacker's ability to predict future locations.

Ghost introduces a manifold-aligned framework to generate plausible yet unlearnable synthetic check-in trajectories, significantly degrading the accuracy of next-POI prediction models without sacrific…

The paper systematically explores a vast design space of cryptographic Boolean networks by formalizing six structural constraints, finding that optimal designs result from sparse, mutually compatible…

The paper introduces SET, a robust input-level backdoor detection framework that detects hidden malicious triggers in text-to-image diffusion models by analyzing systematic differences in how benign a…