Prompt Injection Attack
Table of Contents
NeurIPS
ICML
ICLR
KDD
NAACL-HLT
EMNLP
ICSE
ICDM
NeurIPS
2024
| Title | Venue | Year | Link |
|---|---|---|---|
| AgentDojo: A Dynamic Environment to Evaluate Prompt Injection Attacks and Defenses for LLM Agents. | NeurIPS | 2024 | Link |
ICML
2025
| Title | Venue | Year | Link |
|---|---|---|---|
| MELON: Provable Defense Against Indirect Prompt Injection Attacks in AI Agents. | ICML | 2025 | Link |
ICLR
2024
| Title | Venue | Year | Link |
|---|---|---|---|
| Tensor Trust: Interpretable Prompt Injection Attacks from an Online Game. | ICLR | 2024 | Link |
KDD
2025
| Title | Venue | Year | Link |
|---|---|---|---|
| Benchmarking and Defending against Indirect Prompt Injection Attacks on Large Language Models. | KDD | 2025 | Link |
| Generalizable Graph Prompt Learning Framework with Model-level Prompt Injection and Two-Stage Prompt Tuning. | KDD | 2025 | Link |
SP
2025
| Title | Venue | Year | Link |
|---|---|---|---|
| DataSentinel: A Game-Theoretic Detection of Prompt Injection Attacks. | SP | 2025 | Link |
| Fun-tuning: Characterizing the Vulnerability of Proprietary LLMs to Optimization-Based Prompt Injection Attacks via the Fine-Tuning Interface. | SP | 2025 | Link |
2024
| Title | Venue | Year | Link |
|---|---|---|---|
| PromptCARE: Prompt Copyright Protection by Watermark Injection and Verification. | SP | 2024 | Link |
CCS
2025
| Title | Venue | Year | Link |
|---|---|---|---|
| SecAlign: Defending Against Prompt Injection with Preference Optimization. | CCS | 2025 | Link |
2024
| Title | Venue | Year | Link |
|---|---|---|---|
| Optimization-based Prompt Injection Attack to LLM-as-a-Judge. | CCS | 2024 | Link |
USENIX Security Symposium
2025
| Title | Venue | Year | Link |
|---|---|---|---|
| StruQ: Defending Against Prompt Injection with Structured Queries. | USENIX Security Symposium | 2025 | Link |
2024
| Title | Venue | Year | Link |
|---|---|---|---|
| Formalizing and Benchmarking Prompt Injection Attacks and Defenses. | USENIX Security Symposium | 2024 | Link |
ACL
2025
| Title | Venue | Year | Link |
|---|---|---|---|
| Can Indirect Prompt Injection Attacks Be Detected and Removed? | ACL | 2025 | Link |
| Defense Against Prompt Injection Attack by Leveraging Attack Techniques. | ACL | 2025 | Link |
| PIGuard: Prompt Injection Guardrail via Mitigating Overdefense for Free. | ACL | 2025 | Link |
| The Task Shield: Enforcing Task Alignment to Defend Against Indirect Prompt Injection in LLM Agents. | ACL | 2025 | Link |
2024
| Title | Venue | Year | Link |
|---|---|---|---|
| InjecAgent: Benchmarking Indirect Prompt Injections in Tool-Integrated Large Language Model Agents. | ACL | 2024 | Link |
NAACL-HLT
2024
| Title | Venue | Year | Link |
|---|---|---|---|
| Backdooring Instruction-Tuned Large Language Models with Virtual Prompt Injection. | NAACL-HLT | 2024 | Link |
EMNLP
2024
| Title | Venue | Year | Link |
|---|---|---|---|
| Evaluating the Instruction-Following Robustness of Large Language Models to Prompt Injection. | EMNLP | 2024 | Link |
ICSE
2025
| Title | Venue | Year | Link |
|---|---|---|---|
| Prompt-to-SQL Injections in LLM-Integrated Web Applications: Risks and Defenses. | ICSE | 2025 | Link |
ICDM
2024
| Title | Venue | Year | Link |
|---|---|---|---|
| Goal-Guided Generative Prompt Injection Attack on Large Language Models. | ICDM | 2024 | Link |