LLMSEC 2025

URL: https://sig.llmsecurity.net/workshop/
Direct submission deadline: April 15, 2025


LLMSEC is an academic event publishing & presenting work on
adversarially-induced failure modes of large language models, the
conditions that lead to them, and their mitigations.

Date: Aug 1, 2025
Location: Vienna, Austria

Co-located with ACL 2025 as a workshop

Scope
Large Language Models accept a variety of inputs and produce a variety of
outputs. It is possible to find inputs that lead to LLM outputs that model
creators, owners, or users do not want. Defining and enumerating this space
is an open task. We describe LLM security as the field of investigating how
models that process text can, by an adversary, be made to behave in
unintended and harmful ways. The field covers both weaknesses and
vulnerabilities.

Research at LLMSEC includes the entire life cycle of LLMs, from training
data through fine-tuning and alignment over to inference-time. It also
covers deployment context of LLMs, including risk assessment, release
decisions, and use of LLMs in agent-based systems.

Event scope is LLM attacks, LLM defence, and the contextualisation of LLM
security. LLM attacks are anything that causes LLMs to behave in an
unexpected/unintended manner usable by an adversary. In the LLM life cycle,
this includes techniques like data poisoning and other model supply chain
attacks, as well as the adversarial inputs that yield insecure outputs.
Topics include:

Adversarial attacks on LLMs
Automated and adaptive LLM attacks
Data poisoning
Data extraction from trained models
Defining LLM vulnerabilities
Detection of adversarial LLM inputs
Ethical aspects of LLM security
Legal impacts and debates related to model security
LLM Denial-of-service
LLM security measurement
LLM supply chain attacks
Model input/output guardrails
Model inversion
Model policy
Multi-modal and cross-model models (e.g. vision&text-to-text,
text-to-speech, speech-to-text)
Organising model exploits
Organising model failure modes
Practical tools for exploiting LLMs
Privacy breaches mediated by LLM
Privilege escalation and lateral movement mediated by LLMs
Prompt injection
Proofs-of-concept of LLM exploits
Red teaming of LLMs
Retrieval Augmented Generation security
Secure LLM use and deployment


Keynotes

1. Johannes Bjerva, Aalborg University (Denmark). Prof. Bjerva’s research
is characterised by an interdisciplinary perspective on NLP, with a focus
on the potential for impact in society. His main contributions to the field
are to incorporate linguistic information into NLP, including large
language models (LLMs), and to improve the state of resource-poor
languages. Recent research focuses on embedding inversion and attacks on
multi-modal models.

2. Erick Galinkin, NVIDIA Corporation (USA). Erick Galinkin is a Research
Scientist at NVIDIA working on the security assessment and protection of
large language models. Previously, he led the AI research team at Rapid7
and has extensive experience working in the cybersecurity space. He is an
alumnus of Johns Hopkins University and holds degrees in applied
mathematics and computer science. Outside of his work, Erick is a lifelong
student, currently at Drexel University and is renowned for his ability to
be around equestrians.

3. TBA

Submission formats

Submissions must be anonymised & de-identified following ACL policy, and in
the ACL template.

Long & Short papers

We invite both short and long papers: short papers with a 4 page limit and
long papers with an 8 page limit, with references, ethics statements, and
other compulsory sections not subject to these limits.

Qualitative work

As a relatively new field, still engaged in sense-making of the context of
this research, we particularly welcome rigorous qualitative work, and work
that provides novel information about LLMSEC practice and context.

War stories

Following cybersecurity tradition, LLMSEC also welcomes “war stories”, that
is, accounts of security investigations or operations that are informative
to broader audiences. These are intended to connect researchers and
practitioners; LLM security is highly interdisciplinary and we have a lot
to share with each other.

War story submissions need not provide novel quantitative empirical
results, but should be illuminating and helpful to the workshop audience.
They may be up to four pages, with references, appendices, and compulsory
sections excluded from the limit.

Submission link

Submit via softconf: https://softconf.com/acl2025/llmsec2025/

Important Dates

Direct submission deadline: April 15, 2025
Notification of acceptance: May 17, 2025
Camera-ready paper deadline: June 16, 2025
Pre-recorded video due: July 5, 2025
Workshop dates: July 31st / August 1st 2025
TZ: Anywhere on earth

Organisation

Leon Derczynski. Principal Scientist in LLM Security at NVIDIA Corporation,
Associate Professor in NLP at ITU University of Copenhagen, President of
ACL SIGSEC. https://www.linkedin.com/in/leon-derczynski/

Jekaterina Novikova. Science Lead at the AI Risk and Vulnerability Alliance
(ARVA), Expert Advisor of ACL SIGSEC. https://jeknov.github.io/

Muhao Chen. Assistant Professor of Computer Science at University of
California, Davis, Secretary of ACL SIGSEC. Prof Chen has considerable
organisational and service experience, including SAC and AC at NAACL, ACL,
EMNLP, and AAAI, and co-chairing workshops at NAACL 2022 and AKBC 2022.
https://muhaochen.github.io/
_______________________________________________
Corpora mailing list -- corpora@list.elra.info
https://list.elra.info/mailman3/postorius/lists/corpora.list.elra.info/