Papers by Đorđe Klisura
Role-Conditioned Refusals: Evaluating Access Control Reasoning in Large Language Models (2026.findings-eacl)
Copied to clipboard
| Challenge: | Large Language Models (LLMs) blur role boundaries by producing unrestricted responses. |
| Approach: | They propose to extend the Spider and BIRD text-to-SQL datasets with real-time PostgreSQl role-based policies at the table and column levels. |
| Outcome: | The proposed model improves refusal precision and lowers false permits. |
Unmasking Database Vulnerabilities: Zero-Knowledge Schema Inference Attacks in Text-to-SQL Systems (2025.findings-naacl)
Copied to clipboard
| Challenge: | Existing text-to-SQL systems rely on database schema information for SQL generation, exposing them to security vulnerabilities. |
| Approach: | They propose a framework for reconstructing database schema of text-to-SQL models without prior knowledge of the database. |
| Outcome: | The proposed framework achieves high accuracy in reconstructing table names, with F1 scores of up to .99 for generative models and .78 for fine-tuned models, underscoring the severity of schema leakage risks. |
A Multi-Agent Framework for Mitigating Dialect Biases in Privacy Policy Question-Answering Systems (2025.acl-long)
Copied to clipboard
Đorđe Klisura, Astrid R Bernaga Torres, Anna Karen Gárate-Escamilla, Rajesh Roshan Biswal, Ke Yang, Hilal Pataci, Anthony Rios
| Challenge: | Existing Privacy Policy Question Answering systems exhibit performance disparities across English dialects, disadvantaging speakers of non-standard varieties. |
| Approach: | They propose a framework that integrates a Dialect Agent and a Privacy Policy Agent to mitigate dialectal biases. |
| Outcome: | The proposed framework improves GPT-4o-mini’s zero-shot accuracy from 0.394 to 0.601 on PrivacyQA and 0.352 to 0.464 on PolicyQA. |