ML Security Papers

Latest papers

11 papers

defense arXiv Feb 2, 2026 · 9w ago

Simplicity Prevails: The Emergence of Generalizable AIGI Detection in Visual Foundation Models

Yue Zhou, Xinan He, Kaiqing Lin et al. · Shenzhen University · NanChang University +1 more

Linear classifiers on frozen Vision Foundation Models outperform specialized AIGI detectors by 30%+ in realistic in-the-wild scenarios

Output Integrity Attack vision

PDF

defense arXiv Jan 29, 2026 · 9w ago

MPF-Net: Exposing High-Fidelity AI-Generated Video Forgeries via Hierarchical Manifold Deviation and Micro-Temporal Fluctuations

Xinan He, Kaiqing Lin, Yue Zhou et al. · NanChang University · Shenzhen University +3 more

Detects AI-generated video forgeries via hierarchical dual-path analysis of manifold deviations and structured inter-frame residual fingerprints

Output Integrity Attack vision

PDF

attack arXiv Jan 27, 2026 · 9w ago

VoxMorph: Scalable Zero-shot Voice Identity Morphing via Disentangled Embeddings

Bharath Krishnamurthy, Ajita Rattani · University of North Texas

Generates disentangled, Slerp-fused synthetic voice morphs that evade speaker verification systems with 67.8% success rate

Input Manipulation Attack audiogenerative

PDF Code

defense arXiv Jan 20, 2026 · 10w ago

SecureSplit: Mitigating Backdoor Attacks in Split Learning

Zhihao Dou, Dongfei Cui, Weida Wang et al. · Case Western Reserve University · Northeast Electric Power University +6 more

Defends split learning against backdoor attacks by transforming embeddings and filtering poisoned ones via majority-voting scheme

Model Poisoning visionfederated-learning

PDF

defense arXiv Jan 13, 2026 · 11w ago

Q-realign: Piggybacking Realignment on Quantization for Safe and Efficient LLM Deployment

Qitao Tan, Xiaoying Song, Ningxi Cheng et al. · University of Georgia · University of North Texas +2 more

Recovers LLM safety alignment eroded by fine-tuning via post-training quantization, without retraining, in 40 minutes on one GPU

Transfer Learning Attack Prompt Injection nlp

PDF Code

defense TIFS Dec 19, 2025 · Dec 2025

Practical Framework for Privacy-Preserving and Byzantine-robust Federated Learning

Baolei Zhang, Minghong Fang, Zhuqing Liu et al. · Nankai University · University of Louisville +1 more

Defends federated learning against Byzantine model corruption and gradient privacy inference using dimensionality reduction and adaptive filtering

Data Poisoning Attack Model Inversion Attack federated-learning

1 citations PDF

defense BigData Congress Oct 28, 2025 · Oct 2025

Secure Retrieval-Augmented Generation against Poisoning Attacks

Zirui Cheng, Jikai Sun, Anjun Gao et al. · National University of Singapore · University of Louisville +2 more

Defends RAG systems against knowledge-base poisoning using perplexity filtering and text similarity detection to flag injected malicious documents

Data Poisoning Attack Prompt Injection nlp

6 citations 1 influentialPDF

attack TrustCom Oct 14, 2025 · Oct 2025

Fairness-Constrained Optimization Attack in Federated Learning

Harsh Kasyap, Minghong Fang, Zhuqing Liu et al. · The Alan Turing Institute · Indian Institute of Technology (BHU) +4 more

Proposes a Byzantine fairness attack in FL that injects bias up to 90% via optimization while evading accuracy-based defenses

Data Poisoning Attack federated-learningtabular

PDF

attack EMNLP Sep 25, 2025 · Sep 2025

Can Federated Learning Safeguard Private Data in LLM Training? Vulnerabilities, Attacks, and Defense Evaluation

Wenkai Guo, Xuefeng Liu, Haolin Wang et al. · Beihang University · Zhongguancun Laboratory +3 more

Demonstrates training data extraction from federated LLM global models and proposes FL-specific attack tracking parameter updates across rounds

Model Inversion Attack Sensitive Information Disclosure nlpfederated-learning

PDF Code

defense arXiv Sep 17, 2025 · Sep 2025

Who Taught the Lie? Responsibility Attribution for Poisoned Knowledge in Retrieval-Augmented Generation

Baolei Zhang, Haoran Xin, Yuxi Chen et al. · Nankai University · University of North Texas +1 more

Detects and attributes poisoned documents in RAG knowledge bases by scoring retrieval ranking, semantics, and generation influence

Data Poisoning Attack Prompt Injection nlp

PDF Code

benchmark arXiv Sep 16, 2025 · Sep 2025

Brought a Gun to a Knife Fight: Modern VFM Baselines Outgun Specialized Detectors on In-the-Wild AI Image Detection

Yue Zhou, Xinan He, Kaiqing Lin et al. · Shenzhen University · NanChang University +2 more

Benchmarks VFM linear probes against specialized AI-image detectors, finding 20%+ accuracy gains on in-the-wild detection with modern models

Output Integrity Attack vision

PDF

Latest papers

Simplicity Prevails: The Emergence of Generalizable AIGI Detection in Visual Foundation Models

MPF-Net: Exposing High-Fidelity AI-Generated Video Forgeries via Hierarchical Manifold Deviation and Micro-Temporal Fluctuations

VoxMorph: Scalable Zero-shot Voice Identity Morphing via Disentangled Embeddings

SecureSplit: Mitigating Backdoor Attacks in Split Learning

Q-realign: Piggybacking Realignment on Quantization for Safe and Efficient LLM Deployment

Practical Framework for Privacy-Preserving and Byzantine-robust Federated Learning

Secure Retrieval-Augmented Generation against Poisoning Attacks

Fairness-Constrained Optimization Attack in Federated Learning

Can Federated Learning Safeguard Private Data in LLM Training? Vulnerabilities, Attacks, and Defense Evaluation

Who Taught the Lie? Responsibility Attribution for Poisoned Knowledge in Retrieval-Augmented Generation

Brought a Gun to a Knife Fight: Modern VFM Baselines Outgun Specialized Detectors on In-the-Wild AI Image Detection

Filters

Time Period

Paper Type

OWASP ML Top 10

OWASP LLM Top 10

Institution

Venue