Tootfinder

Towards Robust Artificial Intelligence: Self-Supervised Learning Approach for Out-of-Distribution Detection
Wissam Salhab, Darine Ameyed, Hamid Mcheick, Fehmi Jaafar
https://arxiv.org/abs/2510.12713

Towards Robust Artificial Intelligence: Self-Supervised Learning Approach for Out-of-Distribution Detection
Robustness in AI systems refers to their ability to maintain reliable and accurate performance under various conditions, including out-of-distribution (OOD) samples, adversarial attacks, and environmental changes. This is crucial in safety-critical systems, such as autonomous vehicles, transportation, or healthcare, where malfunctions could have severe consequences. This paper proposes an approach to improve OOD detection without the need of labeled data, thereby increasing the AI systems' robu…

Hamilton-Jacobi Reachability for Viability Analysis of Constrained Waste-to-Energy Systems under Adversarial Uncertainty
Achraf Bouhmady, Othman Cherkaoui Dekkaki
https://arxiv.org/abs/2510.11396

Hamilton-Jacobi Reachability for Viability Analysis of Constrained Waste-to-Energy Systems under Adversarial Uncertainty
This paper investigates the problem of maintaining the safe operation of Waste-to-Energy (WtE) systems under operational constraints and uncertain waste inflows. We model this as a robust viability problem, formulated as a zero-sum differential game between a control policy and an adversarial disturbance. Within a Hamilton-Jacobi framework, the viability kernel is characterized as the zero sublevel set of a value function satisfying a constrained Hamilton-Jacobi-Bellman (HJB) equation in the vi…

Mirage Fools the Ear, Mute Hides the Truth: Precise Targeted Adversarial Attacks on Polyphonic Sound Event Detection Systems
Junjie Su, Weifei Jin, Yuxin Cao, Derui Wang, Kai Ye, Jie Hao
https://arxiv.org/abs/2510.02158

Mirage Fools the Ear, Mute Hides the Truth: Precise Targeted Adversarial Attacks on Polyphonic Sound Event Detection Systems
Sound Event Detection (SED) systems are increasingly deployed in safety-critical applications such as industrial monitoring and audio surveillance. However, their robustness against adversarial attacks has not been well explored. Existing audio adversarial attacks targeting SED systems, which incorporate both detection and localization capabilities, often lack effectiveness due to SED's strong contextual dependencies or lack precision by focusing solely on misclassifying the target region as th…

DecompGAIL: Learning Realistic Traffic Behaviors with Decomposed Multi-Agent Generative Adversarial Imitation Learning
Ke Guo, Haochen Liu, Xiaojun Wu, Chen Lv
https://arxiv.org/abs/2510.06913

DecompGAIL: Learning Realistic Traffic Behaviors with Decomposed Multi-Agent Generative Adversarial Imitation Learning
Realistic traffic simulation is critical for the development of autonomous driving systems and urban mobility planning, yet existing imitation learning approaches often fail to model realistic traffic behaviors. Behavior cloning suffers from covariate shift, while Generative Adversarial Imitation Learning (GAIL) is notoriously unstable in multi-agent settings. We identify a key source of this instability: irrelevant interaction misguidance, where a discriminator penalizes an ego vehicle's reali…

OBJVanish: Physically Realizable Text-to-3D Adv. Generation of LiDAR-Invisible Objects
Bing Li, Wuqi Wang, Yanan Zhang, Jingzheng Li, Haigen Min, Wei Feng, Xingyu Zhao, Jie Zhang, Qing Guo
https://arxiv.org/abs/2510.06952

OBJVanish: Physically Realizable Text-to-3D Adv. Generation of LiDAR-Invisible Objects
LiDAR-based 3D object detectors are fundamental to autonomous driving, where failing to detect objects poses severe safety risks. Developing effective 3D adversarial attacks is essential for thoroughly testing these detection systems and exposing their vulnerabilities before real-world deployment. However, existing adversarial attacks that add optimized perturbations to 3D points have two critical limitations: they rarely cause complete object disappearance and prove difficult to implement in p…

Position: Human Factors Reshape Adversarial Analysis in Human-AI Decision-Making Systems
Shutong Fan, Lan Zhang, Xiaoyong Yuan
https://arxiv.org/abs/2509.21436 https://

Position: Human Factors Reshape Adversarial Analysis in Human-AI Decision-Making Systems
As Artificial Intelligence (AI) increasingly supports human decision-making, its vulnerability to adversarial attacks grows. However, the existing adversarial analysis predominantly focuses on fully autonomous AI systems, where decisions are executed without human intervention. This narrow focus overlooks the complexities of human-AI collaboration, where humans interpret, adjust, and act upon AI-generated decisions. Trust, expectations, and cognitive behaviors influence how humans interact with…

SoK: Systematic analysis of adversarial threats against deep learning approaches for autonomous anomaly detection systems in SDN-IoT networks
Tharindu Lakshan Yasarathna, Nhien-An Le-Khac
https://arxiv.org/abs/2509.26350

SoK: Systematic analysis of adversarial threats against deep learning approaches for autonomous anomaly detection systems in SDN-IoT networks
Integrating SDN and the IoT enhances network control and flexibility. DL-based AAD systems improve security by enabling real-time threat detection in SDN-IoT networks. However, these systems remain vulnerable to adversarial attacks that manipulate input data or exploit model weaknesses, significantly degrading detection accuracy. Existing research lacks a systematic analysis of adversarial vulnerabilities specific to DL-based AAD systems in SDN-IoT environments. This SoK study introduces a stru…

Adversarial Social Influence: Modeling Persuasion in Contested Social Networks
Renukanandan Tumu, Cristian Ioan Vasile, Victor Preciado, Rahul Mangharam
https://arxiv.org/abs/2510.01481

Adversarial Social Influence: Modeling Persuasion in Contested Social Networks
We present the Social Influence Game (SIG), a framework for modeling adversarial persuasion in social networks with an arbitrary number of competing players. Our goal is to provide a tractable and interpretable model of contested influence that scales to large systems while capturing the structural leverage points of networks. Each player allocates influence from a fixed budget to steer opinions that evolve under DeGroot dynamics, and we prove that the resulting optimization problem is a differ…

LegalSim: Multi-Agent Simulation of Legal Systems for Discovering Procedural Exploits
Sanket Badhe
https://arxiv.org/abs/2510.03405 https://arxiv.org/pdf/2…

LegalSim: Multi-Agent Simulation of Legal Systems for Discovering Procedural Exploits
We present LegalSim, a modular multi-agent simulation of adversarial legal proceedings that explores how AI systems can exploit procedural weaknesses in codified rules. Plaintiff and defendant agents choose from a constrained action space (for example, discovery requests, motions, meet-and-confer, sanctions) governed by a JSON rules engine, while a stochastic judge model with calibrated grant rates, cost allocations, and sanction tendencies resolves outcomes. We compare four policies: PPO, a co…

A Bilevel Optimization Framework for Adversarial Control of Gas Pipeline Operations
Tejaswini Sanjay Katale, Lu Gao, Yunpeng Zhang, Alaa Senouci
https://arxiv.org/abs/2510.02503

A Bilevel Optimization Framework for Adversarial Control of Gas Pipeline Operations
Cyberattacks on pipeline operational technology systems pose growing risks to energy infrastructure. This study develops a physics-informed simulation and optimization framework for analyzing cyber-physical threats in petroleum pipeline networks. The model integrates networked hydraulic dynamics, SCADA-based state estimation, model predictive control (MPC), and a bi-level formulation for stealthy false-data injection (FDI) attacks. Pipeline flow and pressure dynamics are modeled on a directed g…

VeriGuard: Enhancing LLM Agent Safety via Verified Code Generation
Lesly Miculicich, Mihir Parmar, Hamid Palangi, Krishnamurthy Dj Dvijotham, Mirko Montanari, Tomas Pfister, Long T. Le
https://arxiv.org/abs/2510.05156

VeriGuard: Enhancing LLM Agent Safety via Verified Code Generation
The deployment of autonomous AI agents in sensitive domains, such as healthcare, introduces critical risks to safety, security, and privacy. These agents may deviate from user objectives, violate data handling policies, or be compromised by adversarial attacks. Mitigating these dangers necessitates a mechanism to formally guarantee that an agent's actions adhere to predefined safety constraints, a challenge that existing systems do not fully address. We introduce VeriGuard, a novel framework th…

A Statistical Method for Attack-Agnostic Adversarial Attack Detection with Compressive Sensing Comparison
Chinthana Wimalasuriya, Spyros Tragoudas
https://arxiv.org/abs/2510.02707

A Statistical Method for Attack-Agnostic Adversarial Attack Detection with Compressive Sensing Comparison
Adversarial attacks present a significant threat to modern machine learning systems. Yet, existing detection methods often lack the ability to detect unseen attacks or detect different attack types with a high level of accuracy. In this work, we propose a statistical approach that establishes a detection baseline before a neural network's deployment, enabling effective real-time adversarial detection. We generate a metric of adversarial presence by comparing the behavior of a compressed/uncompr…

Decoding Deception: Understanding Automatic Speech Recognition Vulnerabilities in Evasion and Poisoning Attacks
Aravindhan G, Yuvaraj Govindarajulu, Parin Shah
https://arxiv.org/abs/2509.22060

Decoding Deception: Understanding Automatic Speech Recognition Vulnerabilities in Evasion and Poisoning Attacks
Recent studies have demonstrated the vulnerability of Automatic Speech Recognition systems to adversarial examples, which can deceive these systems into misinterpreting input speech commands. While previous research has primarily focused on white-box attacks with constrained optimizations, and transferability based black-box attacks against commercial Automatic Speech Recognition devices, this paper explores cost efficient white-box attack and non transferability black-box adversarial attacks o…

Vision Transformers: the threat of realistic adversarial patches
Kasper Cools, Clara Maathuis, Alexander M. van Oers, Claudia S. H\"ubner, Nikos Deligiannis, Marijke Vandewal, Geert De Cubber
https://arxiv.org/abs/2509.21084

Vision Transformers: the threat of realistic adversarial patches
The increasing reliance on machine learning systems has made their security a critical concern. Evasion attacks enable adversaries to manipulate the decision-making processes of AI systems, potentially causing security breaches or misclassification of targets. Vision Transformers (ViTs) have gained significant traction in modern machine learning due to increased 1) performance compared to Convolutional Neural Networks (CNNs) and 2) robustness against adversarial perturbations. However, ViTs rem…

Are Modern Speech Enhancement Systems Vulnerable to Adversarial Attacks?
Rostislav Makarov, Lea Sch\"onherr, Timo Gerkmann
https://arxiv.org/abs/2509.21087 https://

Are Modern Speech Enhancement Systems Vulnerable to Adversarial Attacks?
Machine learning approaches for speech enhancement are becoming increasingly expressive, enabling ever more powerful modifications of input signals. In this paper, we demonstrate that this expressiveness introduces a vulnerability: advanced speech enhancement models can be susceptible to adversarial attacks. Specifically, we show that adversarial noise, carefully crafted and psychoacoustically masked by the original input, can be injected such that the enhanced speech output conveys an entirely…

Physics-Constrained Inc-GAN for Tunnel Propagation Modeling from Sparse Line Measurements
Yang Zhou, Haochang Wu, Yunxi Mu, Hao Qin, Xinyue Zhang, Xingqi Zhang
https://arxiv.org/abs/2510.03019

Physics-Constrained Inc-GAN for Tunnel Propagation Modeling from Sparse Line Measurements
High-speed railway tunnel communication systems require reliable radio wave propagation prediction to ensure operational safety. However, conventional simulation methods face challenges of high computational complexity and inability to effectively process sparse measurement data collected during actual railway operations. This letter proposes an inception-enhanced generative adversarial network (Inc-GAN) that can reconstruct complete electric field distributions across tunnel cross-sections usi…

Incentive-Aligned Multi-Source LLM Summaries
Yanchen Jiang, Zhe Feng, Aranyak Mehta
https://arxiv.org/abs/2509.25184 https://arxiv.org/pdf/2509.25184

Incentive-Aligned Multi-Source LLM Summaries
Large language models (LLMs) are increasingly used in modern search and answer systems to synthesize multiple, sometimes conflicting, texts into a single response, yet current pipelines offer weak incentives for sources to be accurate and are vulnerable to adversarial content. We introduce Truthful Text Summarization (TTS), an incentive-aligned framework that improves factual robustness without ground-truth labels. TTS (i) decomposes a draft synthesis into atomic claims, (ii) elicits each sourc…

Steerable Adversarial Scenario Generation through Test-Time Preference Alignment
Tong Nie, Yuewen Mei, Yihong Tang, Junlin He, Jie Sun, Haotian Shi, Wei Ma, Jian Sun
https://arxiv.org/abs/2509.20102

Steerable Adversarial Scenario Generation through Test-Time Preference Alignment
Adversarial scenario generation is a cost-effective approach for safety assessment of autonomous driving systems. However, existing methods are often constrained to a single, fixed trade-off between competing objectives such as adversariality and realism. This yields behavior-specific models that cannot be steered at inference time, lacking the efficiency and flexibility to generate tailored scenarios for diverse training and testing requirements. In view of this, we reframe the task of adversa…

Modeling the Attack: Detecting AI-Generated Text by Quantifying Adversarial Perturbations
Lekkala Sai Teja, Annepaka Yadagiri, Sangam Sai Anish, Siva Gopala Krishna Nuthakki, Partha Pakray
https://arxiv.org/abs/2510.02319

Modeling the Attack: Detecting AI-Generated Text by Quantifying Adversarial Perturbations
The growth of highly advanced Large Language Models (LLMs) constitutes a huge dual-use problem, making it necessary to create dependable AI-generated text detection systems. Modern detectors are notoriously vulnerable to adversarial attacks, with paraphrasing standing out as an effective evasion technique that foils statistical detection. This paper presents a comparative study of adversarial robustness, first by quantifying the limitations of standard adversarial training and then by introduci…

Generative Adversarial Networks Applied for Privacy Preservation in Biometric-Based Authentication and Identification
Lubos Mjachky, Ivan Homoliak
https://arxiv.org/abs/2509.20024

Generative Adversarial Networks Applied for Privacy Preservation in Biometric-Based Authentication and Identification
Biometric-based authentication systems are getting broadly adopted in many areas. However, these systems do not allow participating users to influence the way their data is used. Furthermore, the data may leak and can be misused without the users' knowledge. In this paper, we propose a new authentication method that preserves the privacy of individuals and is based on a generative adversarial network (GAN). Concretely, we suggest using the GAN for translating images of faces to a visually priva…

The Use of the Simplex Architecture to Enhance Safety in Deep-Learning-Powered Autonomous Systems
Federico Nesti, Niko Salamini, Mauro Marinoni, Giorgio Maria Cicero, Gabriele Serra, Alessandro Biondi, Giorgio Buttazzo
https://arxiv.org/abs/2509.21014

The Use of the Simplex Architecture to Enhance Safety in Deep-Learning-Powered Autonomous Systems
Recently, the outstanding performance reached by neural networks in many tasks has led to their deployment in autonomous systems, such as robots and vehicles. However, neural networks are not yet trustworthy, being prone to different types of misbehavior, such as anomalous samples, distribution shifts, adversarial attacks, and other threats. Furthermore, frameworks for accelerating the inference of neural networks typically run on rich operating systems that are less predictable in terms of tim…

TabVLA: Targeted Backdoor Attacks on Vision-Language-Action Models
Zonghuan Xu, Xiang Zheng, Xingjun Ma, Yu-Gang Jiang
https://arxiv.org/abs/2510.10932 https://

TabVLA: Targeted Backdoor Attacks on Vision-Language-Action Models
With the growing deployment of Vision-Language-Action (VLA) models in real-world embodied AI systems, their increasing vulnerability to backdoor attacks poses a serious safety threat. A backdoored VLA agent can be covertly triggered by a pre-injected backdoor to execute adversarial actions, potentially causing system failures or even physical harm. Although backdoor attacks on VLA models have been explored, prior work has focused only on untargeted attacks, leaving the more practically threaten…

Bridging Batch and Streaming Estimations to System Identification under Adversarial Attacks
Jihun Kim, Javad Lavaei
https://arxiv.org/abs/2509.15794 https://

Bridging Batch and Streaming Estimations to System Identification under Adversarial Attacks
System identification in modern engineering systems faces emerging challenges from unanticipated adversarial attacks beyond existing detection mechanisms. In this work, we obtain a provably accurate estimate of the Markov parameter matrix of order $k$ to identify partially observed linear systems, in which the probability of having an attack at each time is $O(1/k)$. We show that given the batch data accumulated up to time $T^*$, the $\ell_2$-norm estimator achieves an error decaying exponentia…

Steerable Adversarial Scenario Generation through Test-Time Preference Alignment
Tong Nie, Yuewen Mei, Yihong Tang, Junlin He, Jie Sun, Haotian Shi, Wei Ma, Jian Sun
https://arxiv.org/abs/2509.20102

Steerable Adversarial Scenario Generation through Test-Time Preference Alignment
Adversarial scenario generation is a cost-effective approach for safety assessment of autonomous driving systems. However, existing methods are often constrained to a single, fixed trade-off between competing objectives such as adversariality and realism. This yields behavior-specific models that cannot be steered at inference time, lacking the efficiency and flexibility to generate tailored scenarios for diverse training and testing requirements. In view of this, we reframe the task of adversa…

Observation-Free Attacks on Online Learning to Rank
Sameep Chattopadhyay, Nikhil Karamchandani, Sharayu Mohair
https://arxiv.org/abs/2509.22855 https://arx…

Observation-Free Attacks on Online Learning to Rank
Online learning to rank (OLTR) plays a critical role in information retrieval and machine learning systems, with a wide range of applications in search engines and content recommenders. However, despite their extensive adoption, the susceptibility of OLTR algorithms to coordinated adversarial attacks remains poorly understood. In this work, we present a novel framework for attacking some of the widely used OLTR algorithms. Our framework is designed to promote a set of target items so that they …

Experimental insights into data augmentation techniques for deep learning-based multimode fiber imaging: limitations and success
Jawaria Maqbool, M. Imran Cheema
https://arxiv.org/abs/2511.19072 https://arxiv.org/pdf/2511.19072 https://arxiv.org/html/2511.19072
arXiv:2511.19072v1 Announce Type: new
Abstract: Multimode fiber~(MMF) imaging using deep learning has high potential to produce compact, minimally invasive endoscopic systems. Nevertheless, it relies on large, diverse real-world medical data, whose availability is limited by privacy concerns and practical challenges. Although data augmentation has been extensively studied in various other deep learning tasks, it has not been systematically explored for MMF imaging. This work provides the first in-depth experimental and computational study on the efficacy and limitations of augmentation techniques in this field. We demonstrate that standard image transformations and conditional generative adversarial-based synthetic speckle generation fail to improve, or even deteriorate, reconstruction quality, as they neglect the complex modal interference and dispersion that results in speckle formation. To address this, we introduce a physical data augmentation method in which only organ images are digitally transformed, while their corresponding speckles are experimentally acquired via fiber. This approach preserves the physics of light-fiber interaction and enhances the reconstruction structural similarity index measure~(SSIM) by up to 17\%, forming a viable system for reliable MMF imaging under limited data conditions.
toXiv_bot_toot

Adversarial Defense in Cybersecurity: A Systematic Review of GANs for Threat Detection and Mitigation
Tharcisse Ndayipfukamiye, Jianguo Ding, Doreen Sebastian Sarwatt, Adamu Gaston Philipo, Huansheng Ning
https://arxiv.org/abs/2509.20411

Adversarial Defense in Cybersecurity: A Systematic Review of GANs for Threat Detection and Mitigation
Machine learning-based cybersecurity systems are highly vulnerable to adversarial attacks, while Generative Adversarial Networks (GANs) act as both powerful attack enablers and promising defenses. This survey systematically reviews GAN-based adversarial defenses in cybersecurity (2021--August 31, 2025), consolidating recent progress, identifying gaps, and outlining future directions. Using a PRISMA-compliant systematic literature review protocol, we searched five major digital libraries. From 8…

Secrecy-Driven Beamforming for Multi-User Integrated Sensing and Communication
Ali Khandan Boroujeni, Hyeon Seok Rou, Ghazal Bagheri, Kuranage Roche Rayan Ranasinghe, Giuseppe Thadeu Freitas de Abreu, Stefan K\"opsell, Rafael F. Schaefer
https://arxiv.org/abs/2509.26249

Secrecy-Driven Beamforming for Multi-User Integrated Sensing and Communication
This paper proposes a secure integrated sensing and communications (ISAC) framework for multi-user systems with multiple communication users (CUs) and adversarial targets, where the design problem is formulated to maximize secrecy rate under joint sensing and communication constraints. An efficient solution is presented based on an accelerated fractional programming method using a non-homogeneous complex quadratic transform (QT), which decomposes the problem into tractable subproblems for beamf…

Evaluating the Robustness of a Production Malware Detection System to Transferable Adversarial Attacks
Milad Nasr, Yanick Fratantonio, Luca Invernizzi, Ange Albertini, Loua Farah, Alex Petit-Bianco, Andreas Terzis, Kurt Thomas, Elie Bursztein, Nicholas Carlini
https://arxiv.org/abs/2510.01676

Evaluating the Robustness of a Production Malware Detection System to Transferable Adversarial Attacks
As deep learning models become widely deployed as components within larger production systems, their individual shortcomings can create system-level vulnerabilities with real-world impact. This paper studies how adversarial attacks targeting an ML component can degrade or bypass an entire production-grade malware detection system, performing a case study analysis of Gmail's pipeline where file-type identification relies on a ML model. The malware detection pipeline in use by Gmail contains a …

Partial Resilient Leader-Follower Consensus in Time-Varying Graphs
Haejoon Lee, Dimitra Panagou
https://arxiv.org/abs/2510.01144 https://arxiv.org/pdf/2510…

Partial Resilient Leader-Follower Consensus in Time-Varying Graphs
This work studies resilient leader-follower consensus with a bounded number of adversaries. Existing approaches typically require robustness conditions of the entire network to guarantee resilient consensus. However, the behavior of such systems when these conditions are not fully met remains unexplored. To address this gap, we introduce the notion of partial leader-follower consensus, in which a subset of non-adversarial followers successfully tracks the leader's reference state despite insuff…

Joint Optimization of Speaker and Spoof Detectors for Spoofing-Robust Automatic Speaker Verification
O\u{g}uzhan Kurnaz, Jagabandhu Mishra, Tomi H. Kinnunen, Cemal Hanil\c{c}i
https://arxiv.org/abs/2510.01818

Joint Optimization of Speaker and Spoof Detectors for Spoofing-Robust Automatic Speaker Verification
Spoofing-robust speaker verification (SASV) combines the tasks of speaker and spoof detection to authenticate speakers under adversarial settings. Many SASV systems rely on fusion of speaker and spoof cues at embedding, score or decision levels, based on independently trained subsystems. In this study, we respect similar modularity of the two subsystems, by integrating their outputs using trainable back-end classifiers. In particular, we explore various approaches for directly optimizing the ba…

Unified Threat Detection and Mitigation Framework (UTDMF): Combating Prompt Injection, Deception, and Bias in Enterprise-Scale Transformers
Santhosh KumarRavindran
https://arxiv.org/abs/2510.04528

Unified Threat Detection and Mitigation Framework (UTDMF): Combating Prompt Injection, Deception, and Bias in Enterprise-Scale Transformers
The rapid adoption of large language models (LLMs) in enterprise systems exposes vulnerabilities to prompt injection attacks, strategic deception, and biased outputs, threatening security, trust, and fairness. Extending our adversarial activation patching framework (arXiv:2507.09406), which induced deception in toy networks at a 23.9% rate, we introduce the Unified Threat Detection and Mitigation Framework (UTDMF), a scalable, real-time pipeline for enterprise-grade models like Llama-3.1 (405B)…

Crosslisted article(s) found for cs.MA. https://arxiv.org/list/cs.MA/new
[1/1]:
- ORCA: Agentic Reasoning For Hallucination and Adversarial Robustness in Vision-Language Models
Chung-En Johnny Yu (Neil), Hsuan-Chih (Neil), Chen, Brian Jalaian, Nathaniel D. Bastian

Universally Composable Termination Analysis of Tendermint
Zhixin Dong, Xian Xu, Yuhang Zeng, Mingchao Wan, Chunmiao Li
https://arxiv.org/abs/2510.01097 https://

Universally Composable Termination Analysis of Tendermint
Modern blockchain systems operating in adversarial environments require robust consensus protocols that guarantee both safety and termination under network delay attacks. Tendermint, a widely adopted consensus protocol in consortium blockchains, achieves high throughput and finality. However, previous analysis of the safety and termination has been done in a standalone fashion, with no consideration of the composition with other protocols interacting with it in a concurrent manner. Moreover, th…

Integrated Security Mechanisms for Weight Protection in Memristive Crossbar Arrays
Muhammad Faheemur Rahman, Wayne Burleson
https://arxiv.org/abs/2510.01350 https://

Integrated Security Mechanisms for Weight Protection in Memristive Crossbar Arrays
Memristive crossbar arrays enable in-memory computing by performing parallel analog computations directly within memory, making them well-suited for machine learning, neural networks, and neuromorphic systems. However, despite their advantages, non-volatile memristors are vulnerable to security threats (such as adversarial extraction of stored weights when the hardware is compromised. Protecting these weights is essential since they represent valuable intellectual property resulting from length…

Are Robust LLM Fingerprints Adversarially Robust?
Anshul Nasery, Edoardo Contente, Alkin Kaz, Pramod Viswanath, Sewoong Oh
https://arxiv.org/abs/2509.26598 https://

Are Robust LLM Fingerprints Adversarially Robust?
Model fingerprinting has emerged as a promising paradigm for claiming model ownership. However, robustness evaluations of these schemes have mostly focused on benign perturbations such as incremental fine-tuning, model merging, and prompting. Lack of systematic investigations into {\em adversarial robustness} against a malicious model host leaves current systems vulnerable. To bridge this gap, we first define a concrete, practical threat model against model fingerprinting. We then take a critic…