Papers by Neil Zhenqiang Gong
SafeAgent: Safeguarding LLM Agents via an Automated Risk Simulator (2026.acl-long)
Copied to clipboard
Xueyang Zhou, Weidong Wang, Lin Lu, Jiawen Shi, Guiyao Tie, Xu Yongtian, Lixing Chen, Pan Zhou, Neil Zhenqiang Gong, Lichao Sun
| Challenge: | SafeAgent improves agent safety through fully automated synthetic data generation. |
| Approach: | They propose a framework that improves agent safety through fully automated synthetic data generation. |
| Outcome: | The proposed framework outperforms closed-source models on two safety benchmarks and one real-world task. |
WebInject: Prompt Injection Attack to Web Agents (2025.emnlp-main)
Copied to clipboard
| Challenge: | Despite advanced capabilities of MLLMs, prompt injection attacks remain vulnerable to emerging security and safety threats. |
| Approach: | They propose a prompt injection attack that manipulates webpage environment to induce web agent to perform attacker-specified action. |
| Outcome: | The proposed attack outperforms baselines on multiple datasets and is highly effective. |
Jailbreaking Safeguarded Text-to-Image Models via Large Language Models (2026.findings-eacl)
Copied to clipboard
| Challenge: | Text-to-image models generate harmful content when unsafe prompts are submitted . authors propose a method to jailbreak text-to image models with safety guardrails . |
| Approach: | They propose a method to jailbreak text-to-image models with safety guardrails . they use a fine-tuned large language model to generate adversarial prompts based on unsafe prompts. |
| Outcome: | The proposed method bypasses safety guardrails and outperforms existing no-box attacks . the proposed method generates adversarial prompts efficiently after fine-tuning the model . |
Fingerprinting LLMs via Prompt Injection (2026.acl-long)
Copied to clipboard
Yuepeng Hu, Zhengyuan Jiang, Mengyuan Li, Osama Ahmed, Zhicong Huang, Cheng Hong, Neil Zhenqiang Gong
| Challenge: | Existing provenance detection methods for large language models are infeasible for already published models and compare outputs using hand-crafted or random prompts. |
| Approach: | They propose a detection framework that constructs fingerprints by exploiting LLMs’ inherent vulnerability to prompt injection. |
| Outcome: | The proposed framework achieves high true positive rates while keeping false positive rates near zero. |
Copyright Detective: A Forensic System to Evidence LLMs Flickering Copyright Leakage Risks (2026.acl-demo)
Copied to clipboard
Guangwei Zhang, Jianing Zhu, Cheng Qian, Neil Zhenqiang Gong, Rada Mihalcea, Zhaozhuo Xu, Jingrui He, Jiaqi W. Ma, Chaowei Xiao, Bo Li, Ahmed Abbasi, Dongwon Lee, Heng Ji, Denghui Zhang
| Challenge: | **Copyright Detective** is the first interactive forensic system for detecting, analyzing, and visualizing potential copyright risks in LLM outputs. |
| Approach: | They propose a system that detects copyright infringements and visualizes them . they use content recall testing, paraphrase-level similarity analysis and persuasive jailbreak probing . |
| Outcome: | The proposed system detects, analyzes, and visualizes potential copyright risks in LLM outputs. |
Leave My Images Alone: Preventing Multi-Modal Large Language Models from Analyzing Images via Visual Prompt Injection (2026.acl-long)
Copied to clipboard
| Challenge: | Multimodal large language models are powerful tools for analyzing Internet-scale image data. |
| Approach: | They propose a method to protect images from unauthorized analysis by MLLMs . they embed a perturbation that acts as a visual prompt injection attack on MLMLs if a malicious actor downloads and queries an image . |
| Outcome: | The proposed method protects images from unauthorized analysis by MLLMs . it embeds a perturbation that acts as a visual prompt injection attack on MLMLs if a malicious actor downloads and queries the protected image . |