
Academic_LLM_Sec_Papers
Academic Papers about LLM Application on Security
Stars: 54

Academic_LLM_Sec_Papers is a curated collection of academic papers on LLM security applications. The repository sorts papers by conference name and publication year, covering topics such as large language models for blockchain security, software engineering, machine learning, and more. Developers and researchers are welcome to contribute additional published papers to the list. The repository also lists the conferences and journals it tracks, grouped into security and cryptography, networking and databases, software engineering and programming languages, and machine learning. The papers cover a wide range of topics including privacy risks, ethical concerns, vulnerabilities, threat modeling, code analysis, fuzzing, and more.
README:
A curated list of academic papers on LLM security applications. All papers are sorted by conference name and publication year.
Developers and researchers are welcome to add more published papers to this list.
The cryptocurrency donation address: 0xCC28B05fE858CDbc8692E3272A4451111bDCf700.
You are welcome to visit my homepage and Google Scholar.
Security & Crypto | Networking & Database | Software Engineering & Programming Language | Machine Learning |
---|---|---|---|
IEEE S&P | SIGMETRICS | ICSE | AAAI |
ACM CCS | ICDE | ESEC/FSE | ACL |
USENIX Security | VLDB | ASE | ICML |
NDSS | ACM SIGMOD | ACM PLDI | NeurIPS |
IEEE DSN | IEEE INFOCOM | ACM OOPSLA | |
SRCS | IMC | ISSTA | |
RAID | WWW | ACM POPL | |
CAV | | | |
Large Language Models for Blockchain Security: A Systematic Literature Review.
A Survey on Large Language Model (LLM) Security and Privacy: The Good, the Bad, and the Ugly.
Large Language Models for Software Engineering: A Systematic Literature Review.
Securing Large Language Models: Threats, Vulnerabilities and Responsible Practices.
Unveiling Security, Privacy, and Ethical Concerns of ChatGPT.
On Large Language Models' Resilience to Coercive Interrogation.
Combing for Credentials: Active Pattern Extraction from Smart Reply.
DrSec: Flexible Distributed Representations for Efficient Endpoint Security.
Moderating New Waves of Online Hate with Chain-of-Thought Reasoning in Large Language Models.
TROJANPUZZLE: Covertly Poisoning Code-Suggestion Models.
Transferable Multimodal Attack on Vision-Language Pre-Training Models.
SMARTINV: Multimodal Learning for Smart Contract Invariant Inference.
LLMIF: Augmented Large Language Model for Fuzzing IoT Devices.
Examining Zero-Shot Vulnerability Repair with Large Language Models.
Analyzing Leakage of Personally Identifiable Information in Language Models.
Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code Contributions.
Spinning Language Models: Risks of Propaganda-as-a-Service and Countermeasures.
Privacy Risks of General-Purpose Language Models.
PromptFuzz: Prompt Fuzzing for Fuzz Driver Generation.
Stealing the Decoding Algorithms of Language Models.
Large Language Models for Code: Security Hardening and Adversarial Testing.
Protecting Intellectual Property of Large Language Model-Based Code Generation APIs via Watermarks.
DP-Forward: Fine-Tuning and Inference on Language Models with Differential Privacy in Forward Pass.
Rapid Adoption, Hidden Risks: The Dual Impact of Large Language Model Customization.
PENTESTGPT: An LLM-Empowered Automatic Penetration Testing Tool.
Don't Listen To Me: Understanding and Exploring Jailbreak Prompts of Large Language Models.
Large Language Models for Code Analysis: Do LLMs Really Do Their Job?
EaTVul: ChatGPT-Based Evasion Attack Against Software Vulnerability Detection.
Fuzzing BusyBox: Leveraging LLM and Crash Reuse for Embedded Bug Unearthing.
Prompt Stealing Attacks Against Text-to-Image Generation Models.
Lost at C: A User Study on the Security Implications of Large Language Model Code Assistants.
CodexLeaks: Privacy Leaks from Code Generation Language Models in GitHub Copilot.
Two-in-One: A Model Hijacking Attack Against Text Generation Models.
Extracting Training Data from Large Language Models.
You Autocomplete Me: Poisoning Vulnerabilities in Neural Code Completion.
LMSanitator: Defending Prompt-Tuning Against Task-Agnostic Backdoors.
MASTERKEY: Automated Jailbreaking of Large Language Model Chatbots.
DeGPT: Optimizing Decompiler Output with LLM.
DEMASQ: Unmasking the ChatGPT Wordsmith.
Large Language Model Guided Protocol Fuzzing.
Facilitating Threat Modeling by Leveraging Large Language Models.
Enhancing Static Analysis for Practical Bug Detection: An LLM-Integrated Approach.
PyDex: Repairing Bugs in Introductory Python Assignments Using LLMs.
Large Language Models are Edge-Case Fuzzers: Testing Deep Learning Libraries via FuzzGPT.
Fuzz4All: Universal Fuzzing with Large Language Models.
LLMParser: An Exploratory Study on Using Large Language Models for Log Parsing.
Exploring the Potential of ChatGPT in Automated Code Refinement: An Empirical Study.
UniLog: Automatic Logging via LLM and In-Context Learning.
Prompting Is All You Need: Automated Android Bug Replay with Large Language Models.
Large Language Models for Test-Free Fault Localization.
Large Language Models are Few-Shot Testers: Exploring LLM-Based General Bug Reproduction.
GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis.
Automated Program Repair in the Era of Large Pre-trained Language Models.
Does Data Sampling Improve Deep Learning-Based Vulnerability Detection? Yeas! and Nays!
An Empirical Study of Deep Learning Models for Vulnerability Detection.
RepresentThemAll: A Universal Learning Representation of Bug Reports.
ContraBERT: Enhancing Code Pre-trained Models via Contrastive Learning.
On the Robustness of Code Generation Techniques: An Empirical Study on GitHub Copilot.
Two Sides of the Same Coin: Exploiting the Impact of Identifiers in Neural Code Comprehension.
Automated Repair of Programs from Large Language Models.
CCTEST: Testing and Repairing Code Completion Systems.
CodaMosa: Escaping Coverage Plateaus in Test Generation with Pre-trained Large Language Models.
Impact of Code Language Models on Automated Program Repair.
ReCode: Robustness Evaluation of Code Generation Models.
Better Patching Using LLM Prompting, via Self-Consistency.
Towards Autonomous Testing Agents via Conversational Large Language Models.
Let's Chat to Find the APIs: Connecting Human, LLM and Knowledge Graph through AI Chain.
Log Parsing: How Far Can ChatGPT Go?
Robust Learning of Deep Predictive Models from Noisy and Imbalanced Software Engineering Datasets.
How Effective Are Neural Networks for Fixing Security Vulnerabilities.
InferFix: End-to-End Program Repair with LLMs.
Getting pwn'd by AI: Penetration Testing with Large Language Models.
LLM-Based Code Generation Method for Golang Compiler Testing.
Assisting Static Analysis with Large Language Models: A ChatGPT Experiment.
Assess and Summarize: Improve Outage Understanding with Large Language Models.
Generating Realistic Vulnerabilities via Neural Code Editing: An Empirical Study.
You See What I Want You to See: Poisoning Vulnerabilities in Neural Code Search.
Vulnerability Detection with Fine-Grained Interpretations.
Not the End of Story: An Evaluation of ChatGPT-Driven Vulnerability Description Mappings.
Understanding Programs by Exploiting (Fuzzing) Test Cases.
Backdooring Neural Code Search.
Membership Inference Attacks Against Language Models via Neighbourhood Comparison.
Knowledge Unlearning for Mitigating Privacy Risks in Language Models.
Contamination Attacks and Mitigation in Multi-Party Machine Learning.
Adversarial Robustness of Deep Code Comment Generation.
Bag of Tricks for Training Data Extraction from Language Models.
Deduplicating Training Data Mitigates Privacy Risks in Language Models.
Recovering Private Text in Federated Learning of Language Models.
ZipZap: Efficient Training of Language Models for Large-Scale Fraud Detection on Blockchain.
CoProtector: Protect Open-Source Code Against Unauthorized Training Usage with Data Poisoning.
(Security) Assertions by Large Language Models.
A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices.
PrivacyAsst: Safeguarding User Privacy in Tool-Using Large Language Model Agents.
CD-VulD: Cross-Domain Vulnerability Discovery Based on Deep Domain Adaptation.
Software Testing with Large Language Models: Survey, Landscape, and Vision.
An Empirical Evaluation of Using Large Language Models for Automated Unit Test Generation.
Deep Learning Based Vulnerability Detection: Are We There Yet?
On the Value of Oversampling for Deep Learning in Software Defect Prediction.
Prompt Sapper: A LLM-Empowered Production Tool for Building AI Chains.
LLM4Fuzz: Guided Fuzzing of Smart Contracts with Large Language Models.
CHEMFUZZ: Large Language Models-Assisted Fuzzing for Quantum Chemistry Software Bug Detection.
Attack Prompt Generation for Red Teaming and Defending Large Language Models.
Alternative AI tools for Academic_LLM_Sec_Papers
Similar Open Source Tools

awesome-MLSecOps
Awesome MLSecOps is a curated list of open-source tools, resources, and tutorials for MLSecOps (Machine Learning Security Operations). It includes a wide range of security tools and libraries for protecting machine learning models against adversarial attacks, as well as resources for AI security, data anonymization, model security, and more. The repository aims to provide a comprehensive collection of tools and information to help users secure their machine learning systems and infrastructure.

Awesome-Embodied-AI
Awesome-Embodied-AI is a curated list of papers on Embodied AI and related resources, tracking and summarizing research and industrial progress in the field. It includes surveys, workshops, tutorials, talks, blogs, and papers covering various aspects of Embodied AI, such as vision-language navigation, large language model-based agents, robotics, and more. The repository welcomes contributions and aims to provide a comprehensive overview of the advancements in Embodied AI.

Next-Generation-LLM-based-Recommender-Systems-Survey
The Next-Generation LLM-based Recommender Systems Survey is a comprehensive overview of the latest advancements in recommender systems leveraging Large Language Models (LLMs). The survey covers various paradigms, approaches, and applications of LLMs in recommendation tasks, including generative and non-generative models, multimodal recommendations, personalized explanations, and industrial deployment. It discusses the comparison with existing surveys, different paradigms, and specific works in the field. The survey also addresses challenges and future directions in the domain of LLM-based recommender systems.

inference
Xorbits Inference (Xinference) is a powerful and versatile library designed to serve language, speech recognition, and multimodal models. With Xorbits Inference, you can deploy and serve your own models or the state-of-the-art built-in models using a single command. Whether you are a researcher, developer, or data scientist, Xorbits Inference lets you make full use of cutting-edge AI models.

AIOS
AIOS, a Large Language Model (LLM) agent operating system, embeds a large language model into the operating system (OS) as the brain of the OS, enabling an operating system "with soul", which its authors describe as an important step towards AGI. AIOS is designed to optimize resource allocation, facilitate context switching across agents, enable concurrent execution of agents, provide tool services for agents, maintain access control for agents, and provide a rich set of toolkits for LLM agent developers.

SimAI
SimAI is the industry's first full-stack, high-precision simulator for AI large-scale training. It provides detailed modeling and simulation of the entire LLM training process, encompassing framework, collective communication, network layers, and more. This comprehensive approach offers end-to-end performance data, enabling researchers to analyze training process details, evaluate time consumption of AI tasks under specific conditions, and assess performance gains from various algorithmic optimizations.

Grounded_3D-LLM
Grounded 3D-LLM is a unified generative framework that utilizes referent tokens to reference 3D scenes, enabling the handling of sequences that interleave 3D and textual data. It transforms 3D vision tasks into language formats through task-specific prompts, curating grounded language datasets and employing Contrastive Language-Scene Pre-training (CLASP) to bridge the gap between 3D vision and language models. The model covers tasks like 3D visual question answering, dense captioning, object detection, and language grounding.

buffer-of-thought-llm
Buffer of Thoughts (BoT) is a thought-augmented reasoning framework designed to enhance the accuracy, efficiency, and robustness of large language models (LLMs). It introduces a meta-buffer to store high-level thought-templates distilled from problem-solving processes, enabling adaptive reasoning for efficient problem-solving. The framework includes a buffer-manager to dynamically update the meta-buffer, ensuring scalability and stability. BoT achieves significant performance improvements on reasoning-intensive tasks and demonstrates superior generalization ability and robustness while being cost-effective compared to other methods.

terraform-genai-doc-summarization
This solution showcases how to summarize a large corpus of documents using Generative AI. It provides an end-to-end demonstration of document summarization going all the way from raw documents, detecting text in the documents and summarizing the documents on-demand using Vertex AI LLM APIs, Cloud Vision Optical Character Recognition (OCR) and BigQuery.

cambrian
Cambrian-1 is a fully open project focused on exploring multimodal Large Language Models (LLMs) with a vision-centric approach. It offers competitive performance across various benchmarks with models at different parameter levels. The project includes training configurations, model weights, instruction tuning data, and evaluation details. Users can interact with Cambrian-1 through a Gradio web interface for inference. The project is inspired by LLaVA and incorporates contributions from Vicuna, LLaMA, and Yi. Cambrian-1 is licensed under Apache 2.0 and utilizes datasets and checkpoints subject to their respective original licenses.

openrl
OpenRL is an open-source general reinforcement learning research framework that supports training for various tasks such as single-agent, multi-agent, offline RL, self-play, and natural language. Developed based on PyTorch, the goal of OpenRL is to provide a simple-to-use, flexible, efficient and sustainable platform for the reinforcement learning research community. It supports a universal interface for all tasks/environments, single-agent and multi-agent tasks, offline RL training with expert dataset, self-play training, reinforcement learning training for natural language tasks, DeepSpeed, Arena for evaluation, importing models and datasets from Hugging Face, user-defined environments, models, and datasets, gymnasium environments, callbacks, visualization tools, unit testing, and code coverage testing. It also supports various algorithms like PPO, DQN, SAC, and environments like Gymnasium, MuJoCo, Atari, and more.

awesome-flux-ai
Awesome Flux AI is a curated list of resources, tools, libraries, and applications related to Flux AI technology. It serves as a comprehensive collection for developers, researchers, and enthusiasts interested in Flux AI. The platform offers open-source text-to-image AI models developed by Black Forest Labs, aiming to advance generative deep learning models for media, creativity, efficiency, and diversity.

nncf
Neural Network Compression Framework (NNCF) provides a suite of post-training and training-time algorithms for optimizing inference of neural networks in OpenVINO™ with a minimal accuracy drop. It is designed to work with models from PyTorch, TorchFX, TensorFlow, ONNX, and OpenVINO™. NNCF offers samples demonstrating compression algorithms for various use cases and models, with the ability to add different compression algorithms easily. It supports GPU-accelerated layers, distributed training, and seamless combination of pruning, sparsity, and quantization algorithms. NNCF allows exporting compressed models to ONNX or TensorFlow formats for use with OpenVINO™ toolkit, and supports Accuracy-Aware model training pipelines via Adaptive Compression Level Training and Early Exit Training.

AceCoder
AceCoder is a tool that introduces a fully automated pipeline for synthesizing large-scale reliable tests used for reward model training and reinforcement learning in the coding scenario. It curates datasets, trains reward models, and performs RL training to improve coding abilities of language models. The tool aims to unlock the potential of RL training for code generation models and push the boundaries of LLM's coding abilities.

HuatuoGPT-II
HuatuoGPT2 is an innovative domain-adapted medical large language model that excels in medical knowledge and dialogue proficiency. It showcases state-of-the-art performance in various medical benchmarks, surpassing GPT-4 in expert evaluations and fresh medical licensing exams. The open-source release includes HuatuoGPT2 models in 7B, 13B, and 34B versions, training code for one-stage adaptation, partial pre-training and fine-tuning instructions, and evaluation methods for medical response capabilities and professional pharmacist exams. The tool aims to enhance LLM capabilities in the Chinese medical field through open-source principles.
For similar tasks

HackBot
HackBot is an AI-powered cybersecurity chatbot designed to provide accurate answers to cybersecurity-related queries, conduct code analysis, and perform scan analysis. It utilizes Meta's Llama 2 model through the 'LlamaCpp' library to respond coherently. The chatbot offers features like local AI/Runpod deployment support, cybersecurity chat assistance, an interactive interface, clear output presentation, static code analysis, and vulnerability analysis. Users can interact with HackBot through a command-line interface and utilize it for various cybersecurity tasks.

vulnerability-analysis
The NVIDIA AI Blueprint for Vulnerability Analysis for Container Security showcases accelerated analysis on common vulnerabilities and exposures (CVE) at an enterprise scale, reducing mitigation time from days to seconds. It enables security analysts to determine software package vulnerabilities using large language models (LLMs) and retrieval-augmented generation (RAG). The blueprint is designed for security analysts, IT engineers, and AI practitioners in cybersecurity. It requires NVAIE developer license and API keys for vulnerability databases, search engines, and LLM model services. Hardware requirements include L40 GPU for pipeline operation and optional LLM NIM and Embedding NIM. The workflow involves LLM pipeline for CVE impact analysis, utilizing LLM planner, agent, and summarization nodes. The blueprint uses NVIDIA NIM microservices and Morpheus Cybersecurity AI SDK for vulnerability analysis.
For similar jobs

last_layer
last_layer is a security library designed to protect LLM applications from prompt injection attacks, jailbreaks, and exploits. It acts as a robust filtering layer to scrutinize prompts before they are processed by LLMs, ensuring that only safe and appropriate content is allowed through. The tool offers ultra-fast scanning with low latency, privacy-focused operation without tracking or network calls, compatibility with serverless platforms, advanced threat detection mechanisms, and regular updates to adapt to evolving security challenges. It significantly reduces the risk of prompt-based attacks and exploits but cannot guarantee complete protection against all possible threats.

aircrack-ng
Aircrack-ng is a comprehensive suite of tools designed to evaluate the security of WiFi networks. It covers various aspects of WiFi security, including monitoring, attacking (replay attacks, deauthentication, fake access points), testing WiFi cards and driver capabilities, and cracking WEP and WPA PSK. The tools are command line-based, allowing for extensive scripting and have been utilized by many GUIs. Aircrack-ng primarily works on Linux but also supports Windows, macOS, FreeBSD, OpenBSD, NetBSD, Solaris, and eComStation 2.

reverse-engineering-assistant
ReVA (Reverse Engineering Assistant) is a project aimed at building a disassembler agnostic AI assistant for reverse engineering tasks. It utilizes a tool-driven approach, providing small tools to the user to empower them in completing complex tasks. The assistant is designed to accept various inputs, guide the user in correcting mistakes, and provide additional context to encourage exploration. Users can ask questions, perform tasks like decompilation, class diagram generation, variable renaming, and more. ReVA supports different language models for online and local inference, with easy configuration options. The workflow involves opening the RE tool and program, then starting a chat session to interact with the assistant. Installation includes setting up the Python component, running the chat tool, and configuring the Ghidra extension for seamless integration. ReVA aims to enhance the reverse engineering process by breaking down actions into small parts, including the user's thoughts in the output, and providing support for monitoring and adjusting prompts.

AutoAudit
AutoAudit is an open-source large language model specifically designed for the field of network security. It aims to provide powerful natural language processing capabilities for security auditing and network defense, including analyzing malicious code, detecting network attacks, and predicting security vulnerabilities. By coupling AutoAudit with ClamAV, a security scanning platform has been created for practical security audit applications. The tool is intended to assist security professionals with accurate and fast analysis and predictions to combat evolving network threats.

aif
Arno's Iptables Firewall (AIF) is a single- & multi-homed firewall script with DSL/ADSL support. It is a free software distributed under the GNU GPL License. The script provides a comprehensive set of configuration files and plugins for setting up and managing firewall rules, including support for NAT, load balancing, and multirouting. It offers detailed instructions for installation and configuration, emphasizing security best practices and caution when modifying settings. The script is designed to protect against hostile attacks by blocking all incoming traffic by default and allowing users to configure specific rules for open ports and network interfaces.

watchtower
AIShield Watchtower is a tool designed to fortify the security of AI/ML models and Jupyter notebooks by automating model and notebook discoveries, conducting vulnerability scans, and categorizing risks into 'low,' 'medium,' 'high,' and 'critical' levels. It supports scanning of public GitHub repositories, Hugging Face repositories, AWS S3 buckets, and local systems. The tool generates comprehensive reports, offers a user-friendly interface, and aligns with industry standards like OWASP, MITRE, and CWE. It aims to address the security blind spots surrounding Jupyter notebooks and AI models, providing organizations with a tailored approach to enhancing their security efforts.

DeGPT
DeGPT is a tool designed to optimize decompiler output using Large Language Models (LLM). It requires manual installation of specific packages and setting up API key for OpenAI. The tool provides functionality to perform optimization on decompiler output by running specific scripts.