The paper introduces Oracle Poisoning, an attack that corrupts knowledge graphs used by AI agents, demonstrating that all tested models blindly trust poisoned data at high sophistication levels.

This paper provides a comprehensive, practitioner-oriented framework and survey to guide the selection and evaluation of differentially private methods for releasing sensitive graph data.

The paper introduces GRID, an end-to-end framework that significantly improves the construction of security knowledge graphs from cyber threat intelligence by replacing unstable LLM-based supervision…

The paper proposes TAGBD, a graph-aware backdoor attack that demonstrates that inconspicuous poison text alone can reliably compromise text-attributed graph learning systems.

The paper introduces musicPIIrate, a novel tool that demonstrates how Offensive AI can infer sensitive user attributes (like age, gender, and personality) from public music playlists, and proposes Jam…

This paper introduces GraphSteal, an attack framework demonstrating that Graph RAG systems can leak substantial portions of a hidden knowledge graph by treating them as structural oracles.

EviLink addresses the ambiguity of schema linking in Text-to-SQL by treating it as an uncertainty-aware inference over multiple plausible SQL paths, significantly improving recall and efficiency.

The paper introduces 'contrastive privacy,' a formal, model-agnostic, and quantitative method for evaluating the semantic success of AI-based sanitization across multiple media modalities.

FixV2W introduces a knowledge graph embedding approach to significantly improve the accuracy of inconsistent CVE-CWE mappings in public vulnerability databases, achieving high prediction rates for exp…

This paper demonstrates that retrieval-augmented in-context learning systems for document QA are vulnerable to membership inference attacks, proposing novel black-box methods that exploit query prefix…

The paper introduces the Black-Hole Attack, a poisoning vulnerability that exploits geometric defects in high-dimensional embedding spaces to force malicious vectors into the top-k results of vector d…

The paper evaluates four RAG architectures under knowledge base poisoning, demonstrating that advanced architectures significantly improve robustness against adversarial contradictions, localizing the…

CleanBase is a method that detects malicious documents in RAG knowledge databases by identifying clusters (cliques) of documents that exhibit unusually high semantic similarity.

The paper introduces LLM-CEG, an extended framework that uses membership inference attack success rates and model perplexity to systematically audit and optimize the privacy-utility trade-off when fin…

AEGIS is a novel multi-agent framework that grounds vulnerability reasoning by reconstructing per-variable dependency chains over a Code Property Graph, achieving state-of-the-art performance on the P…

The paper proposes AlertStar, a hyper-relational knowledge graph completion framework, to improve cyber-attack prediction by incorporating rich flow-level metadata (qualifiers) into path reasoning ove…

SentinelRAG introduces a novel watermarking framework that embeds style-consistent, fictitious knowledge entries into RAG databases, allowing for reliable detection of unauthorized redistribution whil…

The paper introduces ANCHOR, a schema-agnostic system that constructs knowledge graphs from Cyber Threat Intelligence by dynamically discovering and validating against large ontologies, overcoming lim…

The paper proposes a universal graph backdoor defense framework that addresses feature-based graph backdoor attacks, which are more challenging than traditional subgraph-based attacks, by leveraging l…

The paper proposes FERMI, a method that significantly improves membership inference attacks against tabular diffusion models by leveraging auxiliary relational information available during training, e…