{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,7]],"date-time":"2026-02-07T16:48:39Z","timestamp":1770482919927,"version":"3.49.0"},"reference-count":15,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"1","license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Secur. Privacy"],"published-print":{"date-parts":[[2026,1]]},"DOI":"10.1109\/msec.2025.3622867","type":"journal-article","created":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T21:05:52Z","timestamp":1769807152000},"page":"53-60","source":"Crossref","is-referenced-by-count":0,"title":["Understanding the Adversarial Landscape of Large Language Models Through the Lens of Attack Objectives"],"prefix":"10.1109","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5399-1202","authenticated-orcid":false,"given":"Nan","family":"Wang","sequence":"first","affiliation":[{"name":"Data61, Commonwealth Scientific and Industrial Research Organization (CSIRO), Canberra, ACT, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9759-4305","authenticated-orcid":false,"given":"Kane","family":"Walter","sequence":"additional","affiliation":[{"name":"Data61, Commonwealth Scientific and Industrial Research Organization (CSIRO), Sydney, NSW, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6029-5064","authenticated-orcid":false,"given":"Yansong","family":"Gao","sequence":"additional","affiliation":[{"name":"University of Western Australia, Perth, WA, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9695-7947","authenticated-orcid":false,"given":"Alsharif","family":"Abuadbba","sequence":"additional","affiliation":[{"name":"University of New South Wales, Sydney, NSW, Australia"}]}],"member":"263","reference":[{"key":"ref1","article-title":"Privacy side channels in machine learning systems","author":"Debenedetti","year":"2024"},{"key":"ref2","first-page":"14,774","article-title":"Deep leakage from gradients","author":"Zhu","year":"2019","journal-title":"Proc. 33rd Int. Conf. Neural Inf. Process. Syst."},{"key":"ref3","article-title":"Model leeching: An extraction attack targeting LLMs","author":"Birch","year":"2023"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/3658644.3690325"},{"key":"ref5","article-title":"Prompt injection attack against LLM-integrated applications","author":"Liu","year":"2024"},{"key":"ref6","article-title":"BadPre: Task-agnostic backdoor attacks to pre-trained NLP foundation models","author":"Chen","year":"2022","journal-title":"in Proc. 10th Int. Conf. Learn. Representations (ICLR)"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2020.acl-main.249"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2024.findings-acl.468"},{"key":"ref9","article-title":"Black box adversarial prompting for foundation models","author":"Maus","year":"2023"},{"key":"ref10","article-title":"Hidden prompts in manuscripts exploit ai-assisted peer review","author":"Lin","year":"2025"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/3605764.3623985"},{"key":"ref12","first-page":"80,079","article-title":"Jailbroken: How does LLM safety training fail?","author":"Wei","year":"2023","journal-title":"Proc. 37th Int. Conf. Neural Inf. Process. Syst. (NIPS)"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/eurosp51992.2021.00024"},{"key":"ref14","article-title":"BadRAG: Identifying vulnerabilities in retrieval augmented generation of large language models","author":"Xue","year":"2024"},{"key":"ref15","article-title":"A novel zero-trust identity framework for agentic AI: Decentralized authentication and fine-grained access control","author":"Huang","year":"2025"}],"container-title":["IEEE Security & Privacy"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/8013\/11369813\/11369832.pdf?arnumber=11369832","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,6]],"date-time":"2026-02-06T20:52:45Z","timestamp":1770411165000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11369832\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,1]]},"references-count":15,"journal-issue":{"issue":"1"},"URL":"https:\/\/doi.org\/10.1109\/msec.2025.3622867","relation":{},"ISSN":["1540-7993","1558-4046"],"issn-type":[{"value":"1540-7993","type":"print"},{"value":"1558-4046","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,1]]}}}