Shailesh Mishra

CR
7 papers
1,311 citations
Novelty 57%
AI Score 41

7 Papers

CR Feb 23, 2023
Not what you've signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection

Kai Greshake, Sahar Abdelnabi, Shailesh Mishra et al.

Large Language Models (LLMs) are increasingly being integrated into various applications. The functionalities of recent LLMs can be flexibly modulated via natural language prompts. This renders them susceptible to targeted adversarial prompting, e.g., Prompt Injection (PI) attacks enable attackers to override original instructions and employed controls. So far, it was assumed that the user is directly prompting the LLM. But, what if it is not the user prompting? We argue that LLM-Integrated Applications blur the line between data and instructions. We reveal new attack vectors, using Indirect Prompt Injection, that enable adversaries to remotely (without a direct interface) exploit LLM-integrated applications by strategically injecting prompts into data likely to be retrieved. We derive a comprehensive taxonomy from a computer security perspective to systematically investigate impacts and vulnerabilities, including data theft, worming, information ecosystem contamination, and other novel security risks. We demonstrate our attacks' practical viability against both real-world systems, such as Bing's GPT-4 powered Chat and code-completion engines, and synthetic applications built on GPT-4. We show how processing retrieved prompts can act as arbitrary code execution, manipulate the application's functionality, and control how and if other APIs are called. Despite the increasing integration and reliance on LLMs, effective mitigations of these emerging threats are currently lacking. By raising awareness of these vulnerabilities and providing key insights into their implications, we aim to promote the safe and responsible deployment of these powerful models and the development of robust defenses that protect users and systems from potential attacks.

GR Jul 22, 2025 Code
MMS Player: an open source software for parametric data-driven animation of Sign Language avatars

Fabrizio Nunnari, Shailesh Mishra, Patrick Gebhard

This paper describes the MMS-Player, an open source software able to synthesise sign language animations from a novel sign language representation format called MMS (MultiModal Signstream). The MMS enhances gloss-based representations by adding information on parallel execution of signs, timing, and inflections. The implementation consists of Python scripts for the popular Blender 3D authoring tool and can be invoked via command line or HTTP API. Animations can be rendered as videos or exported in other popular 3D animation exchange formats. The software is freely available under GPL-3.0 license at https://github.com/DFKI-SignLanguage/MMS-Player.

CR Feb 14, 2022
TRIP: Coercion-resistant Registration for E-Voting with Verifiability and Usability in Votegral

Louis-Henri Merino, Simone Colombo, Rene Reyes et al.

Online voting is convenient and flexible, but amplifies the risks of voter coercion and vote buying. One promising mitigation strategy enables voters to give a coercer fake voting credentials, which silently cast votes that do not count. Current systems along these lines make problematic assumptions about credential issuance, however, such as strong trust in a registrar and/or in voter-controlled hardware, or expecting voters to interact with multiple registrars. Votegral is the first coercion-resistant voting architecture that leverages the physical security of in-person registration to address these credential-issuance challenges, amortizing the convenience costs of in-person registration by reusing credentials across successive elections. Votegral's registration component, TRIP, gives voters a kiosk in a privacy booth with which to print real and fake credentials on paper, eliminating dependence on trusted hardware in credential issuance. The voter learns and can verify in the privacy booth which credential is real, but real and fake credentials thereafter appear indistinguishable to others. Only voters actually under coercion, a hopefully-rare case, need to trust the kiosk. To achieve verifiability, each paper credential encodes an interactive zero-knowledge proof, which is sound in real credentials but unsound in fake credentials. Voters observe the difference in the order of printing steps, but need not understand the technical details. Experimental results with our prototype suggest that Votegral is practical and sufficiently scalable for real-world elections. User-visible latency of credential issuance in TRIP is at most 19.7 seconds even on resource-constrained kiosk hardware. A companion usability study indicates that TRIP's usability is competitive with other e-voting systems, and formal proofs support TRIP's combination of coercion-resistance and verifiability.

SE Dec 21, 2021
Chat2Code: Towards conversational concrete syntax for model specification and code generation, the case of smart contracts

Ilham Qasse, Shailesh Mishra, Mohammad Hamdaqa

The revolutionary potential of automatic code generation tools based on Model-Driven Engineering (MDE) frameworks has yet to be realized. Beyond their ability to help software professionals write more accurate, reusable code, they could make programming accessible for a whole new class of non-technical users. However, non-technical users have been slow to embrace these tools. This may be because their concrete syntax is often patterned after the operations of textual or graphical interfaces. The interfaces are common, but users would need more extensive, precise and detailed knowledge of them than they can be assumed to have, to use them as concrete syntax. Conversational interfaces (chatbots) offer a much more accessible way for non-technical users to generate code. In this paper, we discuss the basic challenge of integrating conversational agents within Model-Driven Engineering (MDE) frameworks, then turn to look at a specific application: the auto-generation of smart contract code in multiple languages by non-technical users, based on conversational syntax. We demonstrate how this can be done, and evaluate our approach by conducting a user experience survey to assess the usability and functionality of the chatbot framework.

CR May 26, 2021
Vericom: A Verification and Communication Architecture for IoT-based Blockchain

Ali Dorri, Shailesh Mishra, Raja Jurdak

Blockchain has received tremendous attention as a secure, distributed, and anonymous framework for the Internet of Things (IoT). As a distributed system, blockchain trades off scalability for distribution, which limits the technology's adaptation for large scale networks such as IoT. All transactions and blocks must be broadcast and verified by all participants which limits scalability and incurs computational and communication overheads. The existing solutions to scale blockchains have so far led to partial recentralization, limiting the technology's original appeal. In this paper, we introduce a distributed yet scalable Verification and Communication architecture for blockchain referred to as Vericom. Vericom concurrently achieves high scalability and distribution using hash function outputs to shift blockchains from broadcast to multicast communication. Unlike conventional blockchains where all nodes must verify new transactions/blocks, Vericom uses the hash of IoT traffic to randomly select a set of nodes to verify transactions/blocks which in turn reduces the processing overhead. Vericom incorporates two layers: i) transmission layer where a randomized multicasting method is introduced along with a backbone network to route traffic, i.e., transactions and blocks, from the source to the destination, and ii) verification layer where a set of randomly selected nodes are allocated to verify each transaction or block. The performance evaluation shows that Vericom reduces the packet and processing overhead as compared with conventional blockchains. In the worst case, packet overhead in Vericom scales linearly with the number of nodes while the processing overhead remains scale-independent.

SE Mar 16, 2021
iContractBot: A Chatbot for Smart Contracts' Specification and Code Generation

Ilham Qasse, Shailesh Mishra, Mohammad Hamdaqa

Recently, Blockchain technology adoption has expanded to many application areas due to the evolution of smart contracts. However, developing smart contracts is non-trivial and challenging due to the lack of tools and expertise in this field. A promising solution to overcome this issue is to use Model-Driven Engineering (MDE), however, using models still involves a learning curve and might not be suitable for non-technical users. To tackle this challenge, chatbot or conversational interfaces can be used to assess the non-technical users to specify a smart contract in a gradual and interactive manner. In this paper, we propose iContractBot, a chatbot for modeling and developing smart contracts. Moreover, we investigate how to integrate iContractBot with iContractML, a domain-specific modeling language for developing smart contracts, and instantiate intention models from the chatbot. The iContractBot framework provides a domain-specific language (DSL) based on the user intention and performs model-to-text transformation to generate the smart contract code. A smart contract use case is presented to demonstrate how iContractBot can be utilized for creating models and generating the deployment artifacts for smart contracts based on a simple conversation.

CR Aug 15, 2020
Smart Voltage Monitoring: Centralised and Blockchain-based Decentralised Approach

Shailesh Mishra, Shivam Kumar

Voltage controls the majority of the processes around us, starting from lighting an incandescent lamp to running huge machines in industries. Therefore, voltage monitoring becomes essential, which demands efficient measurement and storage of voltage data. However, there is hardly any system till date that fulfils both the goals of voltage monitoring and voltage data storage. To achieve this goal, we propose the application of the Internet of Things along with the server-based framework and Distributed Ledger Technology to build systems for smart voltage monitoring. Two models - a centralised model and a decentralised model have been presented and analysed thoroughly in this paper. The centralised model is built on client-server architecture, whereas the decentralised model is based on a peer-to-peer architecture. Blockchain and InterPlanetary File System have been used for the implementation of the decentralised system. Potential improvements to make these systems robust have also been discussed. The methods proposed in this paper for voltage monitoring are novel; ensure efficient data storage and can be used for IoT data storage of any form.