Advancements in AI Security and Privacy

The field of AI security and privacy is evolving rapidly, with a growing focus on defending against threats such as model extraction attacks, indirect prompt injection, and tool poisoning. Recent research highlights the importance of robust defense strategies for preserving the security and integrity of AI systems. Notably, the discovery of new attack surfaces, such as side-channel attacks on Mixture-of-Experts architectures, underscores the need for continued innovation in AI security. Comprehensive benchmarks such as MCPSecBench and MCPTox have also made it possible to evaluate the security and robustness of AI systems systematically. Noteworthy papers include MCP-Guard, which proposes a robust defense framework for Model Context Protocol integrity, and MoEcho, which introduces a side-channel attack surface that compromises user privacy in Mixture-of-Experts-based systems.

Sources

MCP-Guard: A Defense Framework for Model Context Protocol Integrity in Large Language Model Applications

CrossTrace: Efficient Cross-Thread and Cross-Service Span Correlation in Distributed Tracing for Microservices

WebGeoInfer: A Structure-Free and Multi-Stage Framework for Geolocation Inference of Devices Exposing Information

Ethereum Crypto Wallets under Address Poisoning: How Usable and Secure Are They?

Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous

Systematic Analysis of MCP Security

DEFENDCLI: Command-Line Driven Attack Provenance Examination

Reducing False Positives with Active Behavioral Analysis for Cloud Security

MCPSecBench: A Systematic Security Benchmark and Playground for Testing Model Context Protocols

DDoS Attacks in Cloud Computing: Detection and Prevention

NodeShield: Runtime Enforcement of Security-Enhanced SBOMs for Node.js

Precision over Noise: Tailoring S3 Public Access Detection to Reduce False Positives in Cloud Security Platforms

Foe for Fraud: Transferable Adversarial Attacks in Credit Card Fraud Detection

MCPTox: A Benchmark for Tool Poisoning Attack on Real-World MCP Servers

A Systematic Survey of Model Extraction Attacks and Defenses: State-of-the-Art and Perspectives

MoEcho: Exploiting Side-Channel Attacks to Compromise User Privacy in Mixture-of-Experts LLMs

IPIGuard: A Novel Tool Dependency Graph-Based Defense Against Indirect Prompt Injection in LLM Agents
