{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T01:13:37Z","timestamp":1778721217410,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","funder":[{"name":"National Key Research and Development Program of China","award":["2023YFF0905300"],"award-info":[{"award-number":["2023YFF0905300"]}]},{"name":"National Natural Science Foundation of China","award":["U2468205"],"award-info":[{"award-number":["U2468205"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2026,4,13]]},"DOI":"10.1145\/3774904.3792200","type":"proceedings-article","created":{"date-parts":[[2026,4,27]],"date-time":"2026-04-27T13:28:36Z","timestamp":1777296516000},"page":"2661-2672","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Combating Knowledge Corruption in Agent Systems: A Byzantine-Tolerant Secure Collaborative RAG Framework"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-0987-0093","authenticated-orcid":false,"given":"Zhaoqi","family":"Wang","sequence":"first","affiliation":[{"name":"Beijing Institute of Technology, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-4712-9077","authenticated-orcid":false,"given":"Daqing","family":"He","sequence":"additional","affiliation":[{"name":"Beijing Institute of Technology, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6313-4407","authenticated-orcid":false,"given":"Zijian","family":"Zhang","sequence":"additional","affiliation":[{"name":"Beijing Institute of Technology, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6709-3721","authenticated-orcid":false,"given":"Ye","family":"Liu","sequence":"additional","affiliation":[{"name":"Singapore Management University, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0824-0899","authenticated-orcid":false,"given":"Jiamou","family":"Liu","sequence":"additional","affiliation":[{"name":"The University of Auckland, Auckland, New Zealand"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-9934-9549","authenticated-orcid":false,"given":"Zhirui","family":"Zeng","sequence":"additional","affiliation":[{"name":"The University of Auckland, Auckland, New Zealand"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7872-6969","authenticated-orcid":false,"given":"Zhan","family":"Qin","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2597-8932","authenticated-orcid":false,"given":"Zhen","family":"Li","sequence":"additional","affiliation":[{"name":"Beijing Institute of Technology, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4257-4347","authenticated-orcid":false,"given":"Xin","family":"Li","sequence":"additional","affiliation":[{"name":"Beijing Institute of Technology, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4680-5536","authenticated-orcid":false,"given":"Hongwei","family":"Yao","sequence":"additional","affiliation":[{"name":"City University of Hong Kong, Hong Kong, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-6607-5993","authenticated-orcid":false,"given":"Jincheng","family":"An","sequence":"additional","affiliation":[{"name":"Qi An Xin Technology Group Inc, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-8426-1976","authenticated-orcid":false,"given":"Yong","family":"Liu","sequence":"additional","affiliation":[{"name":"Qianxin Technology Group Company Inc, Beijing, China and Zhongguancun Laboratory, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4562-8208","authenticated-orcid":false,"given":"Yi","family":"Li","sequence":"additional","affiliation":[{"name":"Nanyang Technological University, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9130-0476","authenticated-orcid":false,"given":"Qi","family":"Sun","sequence":"additional","affiliation":[{"name":"Hangzhou Nuowei Information Technology Company, Hangzhou, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9303-3682","authenticated-orcid":false,"given":"Xiulei","family":"Liu","sequence":"additional","affiliation":[{"name":"Beijing Information Science and Technology University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3277-3887","authenticated-orcid":false,"given":"Liehuang","family":"Zhu","sequence":"additional","affiliation":[{"name":"Beijing Institute of Technology, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2026,4,12]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Diogo Almeida, Janko Altenschmidt, Sam Altman, Shyamal Anadkat, et al.","author":"Achiam Josh","year":"2023","unstructured":"Josh Achiam, Steven Adler, Sandhini Agarwal, Lama Ahmad, Ilge Akkaya, Florencia Leoni Aleman, Diogo Almeida, Janko Altenschmidt, Sam Altman, Shyamal Anadkat, et al., 2023. Gpt-4 technical report. arXiv preprint arXiv:2303.08774 (2023)."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3637528.3671900"},{"key":"e_1_3_2_1_3_1","unstructured":"Daniel Alexander Alber Zihao Yang Anton Alyakin Eunice Yang Sumedha Rai Aly A Valliani Jeff Zhang Gabriel R Rosenbaum Ashley K Amend-Thomas David B Kurland et al. 2025. Medical large language models are vulnerable to data-poisoning attacks. Nature Medicine (2025) 1-9."},{"key":"e_1_3_2_1_4_1","unstructured":"Anthropic. 2024. Model Context Protocol. https:\/\/modelcontextprotocol.io\/introduction"},{"key":"e_1_3_2_1_5_1","volume-title":"Finbert: Financial sentiment analysis with pre-trained language models. arXiv preprint arXiv:1908.10063","author":"Araci Dogu","year":"2019","unstructured":"Dogu Araci. 2019. Finbert: Financial sentiment analysis with pre-trained language models. arXiv preprint arXiv:1908.10063 (2019)."},{"key":"e_1_3_2_1_6_1","volume-title":"Nicol\u00f2 De Sabbata, Henrique da Silva Gameiro, Yixuan Xu, Farouk Boukil, Antonin Faure, Amin Asadi Sariialou, Yanan Niu, Zeming Chen, Antoine Bosselut, and Martin Jaggi.","author":"Bonnet Antoine","year":"2024","unstructured":"Antoine Bonnet, Paul Boulenger, Haotian Wu, Max Conti, Joao Prado, Omar El Malki, Nicol\u00f2 De Sabbata, Henrique da Silva Gameiro, Yixuan Xu, Farouk Boukil, Antonin Faure, Amin Asadi Sariialou, Yanan Niu, Zeming Chen, Antoine Bosselut, and Martin Jaggi. 2024. MEDINOTE: Automated Clinical Notes. https:\/\/huggingface.co\/datasets\/AGBonnet\/augmented-clinical-notes"},{"key":"e_1_3_2_1_7_1","unstructured":"Abhimanyu Dubey Abhinav Jauhri Abhinav Pandey Abhishek Kadian Ahmad Al-Dahle Aiesha Letman Akhil Mathur Alan Schelten Amy Yang Angela Fan et al. 2024. The llama 3 herd of models. arXiv e-prints (2024) arXiv-2407."},{"key":"e_1_3_2_1_8_1","volume-title":"Defending against knowledge poisoning attacks during retrieval-augmented generation. arXiv preprint arXiv:2508.02835","author":"Edemacu Kennedy","year":"2025","unstructured":"Kennedy Edemacu, Vinay M Shashidhar, Micheal Tuape, Dan Abudu, Beakcheol Jang, and Jong Wook Kim. 2025. Defending against knowledge poisoning attacks during retrieval-augmented generation. arXiv preprint arXiv:2508.02835 (2025)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2024.3512793"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2024.findings-acl.608"},{"key":"e_1_3_2_1_11_1","unstructured":"Invariant Labs. 2025. MCP Security Notification. https:\/\/invariantlabs.ai\/blog\/mcp-security-notification-tool-poisoning-attacks"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","unstructured":"Gautier Izacard Mathilde Caron Lucas Hosseini Sebastian Riedel Piotr Bojanowski Armand Joulin and Edouard Grave. 2021. Unsupervised Dense Information Retrieval with Contrastive Learning. doi:10.48550\/ARXIV.2112.09118","DOI":"10.48550\/ARXIV.2112.09118"},{"key":"e_1_3_2_1_13_1","unstructured":"Patrick Marlow Julia Wiesinger and Vladimir Vuskovic. 2023. Agents. https:\/\/www.kaggle.com\/whitepaper-agents"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1162\/tacl_a_00276"},{"key":"e_1_3_2_1_15_1","volume-title":"Clinical ModernBERT: An efficient and long context encoder for biomedical text. arXiv preprint arXiv:2504.03964","author":"Lee Simon A","year":"2025","unstructured":"Simon A Lee, Anthony Wu, and Jeffrey N Chiang. 2025. Clinical ModernBERT: An efficient and long context encoder for biomedical text. arXiv preprint arXiv:2504.03964 (2025)."},{"key":"e_1_3_2_1_16_1","unstructured":"Patrick Lewis Ethan Perez Aleksandra Piktus Fabio Petroni Vladimir Karpukhin Naman Goyal Heinrich K\u00fcttler Mike Lewis Wen-tau Yih Tim Rockt\u00e4schel et al. 2020. Retrieval-augmented generation for knowledge-intensive nlp tasks. Advances in neural information processing systems Vol. 33 (2020) 9459-9474."},{"key":"e_1_3_2_1_17_1","unstructured":"Aixin Liu Bei Feng Bing Xue Bingxuan Wang Bochao Wu Chengda Lu Chenggang Zhao Chengqi Deng Chenyu Zhang Chong Ruan et al. 2024. Deepseek-v3 technical report. arXiv preprint arXiv:2412.19437 (2024)."},{"key":"e_1_3_2_1_18_1","volume-title":"Group BFT: Two-Round BFT Protocols via Replica Grouping","author":"Liu Xuyang","year":"2025","unstructured":"Xuyang Liu, Zijian Zhang, Zhen Li, Xin Lu, Meng Li, Lei Xu, Meng Ao, and Liehuang Zhu. 2025a. Group BFT: Two-Round BFT Protocols via Replica Grouping. IEEE Transactions on Dependable and Secure Computing (2025)."},{"key":"e_1_3_2_1_19_1","volume-title":"ABSE: Adaptive Baseline Score-based Election for Leader-based BFT Systems","author":"Liu Xuyang","year":"2025","unstructured":"Xuyang Liu, Zijian Zhang, Zhen Li, Hao Yin, Meng Li, Jiamou Liu, Mauro Conti, and Liehuang Zhu. 2025b. ABSE: Adaptive Baseline Score-based Election for Leader-based BFT Systems. IEEE Transactions on Parallel and Distributed Systems (2025)."},{"key":"e_1_3_2_1_20_1","unstructured":"K. Saw. 2023. Finance Alpaca Dataset. https:\/\/huggingface.co\/datasets\/ksaw008\/finance_alpaca. Accessed: 2025-08-07."},{"key":"e_1_3_2_1_21_1","volume-title":"DePrompt: Desensitization and Evaluation of Personal Identifiable Information in Large Language Model Prompts. arXiv preprint arXiv:2408.08930","author":"Sun Xiongtao","year":"2024","unstructured":"Xiongtao Sun, Gan Liu, Zhipeng He, Hui Li, and Xiaoguang Li. 2024. DePrompt: Desensitization and Evaluation of Personal Identifiable Information in Large Language Model Prompts. arXiv preprint arXiv:2408.08930 (2024)."},{"key":"e_1_3_2_1_22_1","volume-title":"Certifiably robust rag against retrieval corruption. arXiv preprint arXiv:2405.15556","author":"Xiang Chong","year":"2024","unstructured":"Chong Xiang, Tong Wu, Zexuan Zhong, David Wagner, Danqi Chen, and Prateek Mittal. 2024. Certifiably robust rag against retrieval corruption. arXiv preprint arXiv:2405.15556 (2024)."},{"key":"e_1_3_2_1_23_1","volume-title":"Differentially private generative adversarial network. arXiv preprint arXiv:1802.06739","author":"Xie Liyang","year":"2018","unstructured":"Liyang Xie, Kaixiang Lin, Shu Wang, Fei Wang, and Jiayu Zhou. 2018. Differentially private generative adversarial network. arXiv preprint arXiv:1802.06739 (2018)."},{"key":"e_1_3_2_1_24_1","volume-title":"Communication Network: A Comprehensive Survey","author":"Xing Zhibo","year":"2025","unstructured":"Zhibo Xing, Zijian Zhang, Ziang Zhang, Zhen Li, Meng Li, Jiamou Liu, Zongyang Zhang, Yi Zhao, Qi Sun, Liehuang Zhu, et al., 2025. Zero-Knowledge Proof-Based Verifiable Decentralized Machine Learning in Communication Network: A Comprehensive Survey. IEEE Communications Surveys & Tutorials (2025)."},{"key":"e_1_3_2_1_25_1","volume-title":"Privacy-preserving machine learning: Methods, challenges and directions. arXiv preprint arXiv:2108.04417","author":"Xu Runhua","year":"2021","unstructured":"Runhua Xu, Nathalie Baracaldo, and James Joshi. 2021. Privacy-preserving machine learning: Methods, challenges and directions. arXiv preprint arXiv:2108.04417 (2021)."},{"key":"e_1_3_2_1_26_1","unstructured":"An Yang Baosong Yang Binyuan Hui Bo Zheng Bowen Yu Chang Zhou Chengpeng Li Chengyuan Li Dayiheng Liu Fei Huang Guanting Dong Haoran Wei Huan Lin Jialong Tang Jialin Wang Jian Yang Jianhong Tu Jianwei Zhang Jianxin Ma Jin Xu Jingren Zhou Jinze Bai Jinzheng He Junyang Lin Kai Dang Keming Lu Keqin Chen Kexin Yang Mei Li Mingfeng Xue Na Ni Pei Zhang Peng Wang Ru Peng Rui Men Ruize Gao Runji Lin Shijie Wang Shuai Bai Sinan Tan Tianhang Zhu Tianhao Li Tianyu Liu Wenbin Ge Xiaodong Deng Xiaohuan Zhou Xingzhang Ren Xinyu Zhang Xipin Wei Xuancheng Ren Yang Fan Yang Yao Yichang Zhang Yu Wan Yunfei Chu Yuqiong Liu Zeyu Cui Zhenru Zhang and Zhihao Fan. 2024. Qwen2 Technical Report. arXiv preprint arXiv:2407.10671 (2024)."},{"key":"e_1_3_2_1_27_1","volume-title":"HotpotQA: A dataset for diverse, explainable multi-hop question answering. arXiv preprint arXiv:1809.09600","author":"Yang Zhilin","year":"2018","unstructured":"Zhilin Yang, Peng Qi, Saizheng Zhang, Yoshua Bengio, William W Cohen, Ruslan Salakhutdinov, and Christopher D Manning. 2018. HotpotQA: A dataset for diverse, explainable multi-hop question answering. arXiv preprint arXiv:1809.09600 (2018)."},{"key":"e_1_3_2_1_28_1","unstructured":"Wayne Xin Zhao Kun Zhou Junyi Li Tianyi Tang Xiaolei Wang Yupeng Hou Yingqian Min Beichen Zhang Junjie Zhang Zican Dong et al. 2023. A survey of large language models. arXiv preprint arXiv:2303.18223 Vol. 1 2 (2023)."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"crossref","unstructured":"Lianmin Zheng Wei-Lin Chiang Ying Sheng Siyuan Zhuang Zhanghao Wu Yonghao Zhuang Zi Lin Zhuohan Li Dacheng Li Eric Xing et al. 2023. Judging llm-as-a-judge with mt-bench and chatbot arena. Advances in neural information processing systems Vol. 36 (2023) 46595-46623.","DOI":"10.52202\/075280-2020"},{"key":"e_1_3_2_1_30_1","volume-title":"Poisoning retrieval corpora by injecting adversarial passages. arXiv preprint arXiv:2310.19156","author":"Zhong Zexuan","year":"2023","unstructured":"Zexuan Zhong, Ziqing Huang, Alexander Wettig, and Danqi Chen. 2023. Poisoning retrieval corpora by injecting adversarial passages. arXiv preprint arXiv:2310.19156 (2023)."},{"key":"e_1_3_2_1_31_1","volume-title":"Poisonedrag: Knowledge corruption attacks to retrieval-augmented generation of large language models. arXiv preprint arXiv:2402.07867","author":"Zou Wei","year":"2024","unstructured":"Wei Zou, Runpeng Geng, Binghui Wang, and Jinyuan Jia. 2024. Poisonedrag: Knowledge corruption attacks to retrieval-augmented generation of large language models. arXiv preprint arXiv:2402.07867 (2024)."}],"event":{"name":"WWW '26: The ACM Web Conference 2026","location":"Dubai United Arab Emirates","sponsor":["SIGWEB ACM Special Interest Group on Hypertext, Hypermedia, and Web"]},"container-title":["Proceedings of the ACM Web Conference 2026"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3774904.3792200","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T00:56:32Z","timestamp":1778720192000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3774904.3792200"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,4,12]]},"references-count":31,"alternative-id":["10.1145\/3774904.3792200","10.1145\/3774904"],"URL":"https:\/\/doi.org\/10.1145\/3774904.3792200","relation":{},"subject":[],"published":{"date-parts":[[2026,4,12]]},"assertion":[{"value":"2026-04-12","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}