LGOct 2, 2025
Securing generative artificial intelligence with parallel magnetic tunnel junction true randomnessYouwei Bao, Shuhan Yang, Hyunsoo Yang
Deterministic pseudo random number generators (PRNGs) used in generative artificial intelligence (GAI) models produce predictable patterns vulnerable to exploitation by attackers. Conventional defences against the vulnerabilities often come with significant energy and latency overhead. Here, we embed hardware-generated true random bits from spin-transfer torque magnetic tunnel junctions (STT-MTJs) to address the challenges. A highly parallel, FPGA-assisted prototype computing system delivers megabit-per-second true random numbers, passing NIST randomness tests after in-situ operations with minimal overhead. Integrating the hardware random bits into a generative adversarial network (GAN) trained on CIFAR-10 reduces insecure outputs by up to 18.6 times compared to the low-quality random number generators (RNG) baseline. With nanosecond switching speed, high energy efficiency, and established scalability, our STT-MTJ-based system holds the potential to scale beyond 106 parallel cells, achieving gigabit-per-second throughput suitable for large language model sampling. This advancement highlights spintronic RNGs as practical security components for next-generation GAI systems.
CRApr 15, 2025
CEE: An Inference-Time Jailbreak Defense for Embodied Intelligence via Subspace Concept RotationJirui Yang, Zheyu Lin, Zhihui Lu et al.
Large Language Models (LLMs) are increasingly becoming the cognitive core of Embodied Intelligence (EI) systems, such as robots and autonomous vehicles. However, this integration also exposes them to serious jailbreak risks, where malicious instructions can be transformed into dangerous physical actions. Existing defense mechanisms suffer from notable drawbacks--including high training costs, significant inference delays, and complex hyperparameter tuning--which limit their practical applicability. To address these challenges, we propose a novel and efficient inference-time defense framework: Concept Enhancement Engineering (CEE). CEE enhances the model's inherent safety mechanisms by directly manipulating its internal representations, requiring neither additional training nor external modules, thereby improving defense efficiency. Furthermore, CEE introduces a rotation-based control mechanism that enables stable and linearly tunable behavioral control of the model. This design eliminates the need for tedious manual tuning and avoids the output degradation issues commonly observed in other representation engineering methods. Extensive experiments across multiple EI safety benchmarks and diverse attack scenarios demonstrate that CEE significantly improves the defense success rates of various multimodal LLMs. It effectively mitigates safety risks while preserving high-quality generation and inference efficiency, offering a promising solution for deploying safer embodied intelligence systems.