Abstract: Large Language Models (LLMs) have transitioned from standalone prediction interfaces into integrated systems that incorporate content protection, external knowledge retrieval, and multi-step reasoning. While these functional layers expand model capabilities, they also introduce complex, inter-component dependencies that create novel and systemic security risks. This research provides a systematic deconstruction of the structural vulnerabilities emerging across these functional layers.

In this proposal, we evaluate the security boundaries of LLM systems through three pivotal dimensions:

  • The Content Layer: We present Watermark under Fire, revealing the inherent fragility of content-based tracing mechanisms under adaptive perturbations and highlighting the limitations of surface-level safety measures.

  • The Retrieval Layer: We introduce GraphRAG under Fire to examine the security of topology-aware knowledge integration. We reveal how graph-based indexing can be exploited as a structural lever for high-success poisoning attacks.

  • The Reasoning Layer: We detail AutoRAN, the first framework demonstrating the hijacking of internal safety reasoning in Large Reasoning Models (LRMs). This work proves that the transparency of the reasoning process itself creates a critical and exploitable attack surface.

Collectively, these studies demonstrate a systemic failure of add-on safety mechanisms in securing the broader LLM ecosystem. By identifying recurring patterns of exploitation across different system layers, this research provides the necessary foundation for transitioning from reactive patching to a more unified and architecturally grounded approach to AI trustworthiness.

Speaker: Jiacheng Liang

Zoom: https://stonybrook.zoom.us/j/6669990420?pwd=dkY0eEw5YXpPSWo3RUE4OE1oVW90UT09&omn=97367037382
Meeting ID: 666 999 0420
Passcode: 075299

CSE 656 Seminars in Computer Vision - Wednesdays 11:30am-12:50pm, Room NCS 120

The overall purpose of this seminar is to bring together people with interests in Computer Vision theory and techniques and to examine current research issues. This course will be appropriate for people who have already taken a Computer Vision graduate course or already have research experience in Computer Vision. To enroll in this course, you must either: (1) be in the PhD program or (2) receive permission from the instructors.

Each seminar will consist of multiple short talks (around 10 minutes) by multiple people. Students can register for 1 credit for CSE 656. Registered students must attend and present a minimum of 2 or 3 talks. Everyone else is welcome to attend. Fill in https://forms.gle/pCVXovgfMfQwGqG38 to subscribe to our mailing list for further announcements.

The first meeting will be Wed Jan 29 at 11:30am, room 120 New CS. The meeting will deal with organizational matters and we will start right away with some presentations. Send David Paredes Merino <dparedesmeri@cs.stonybrook.edu> an email if you are interested but cannot attend the first meeting. Please forward to people outside the CS department that you think might be interested.

Join us to share your thoughts about teaching, learning, and AI!

The landscape of higher education is rapidly evolving with the integration of Artificial Intelligence (AI). Through the Institute on AI, Pedagogy, and the Curriculum with AAC&U, we are exploring ways that we can better address AI in teaching and learning. We want to hear your experiences, your concerns, and your ideas.

This is an open discussion for all faculty and staff to share their perspectives on the opportunities and challenges AI presents in our academic environment.

We'll be exploring critical questions like:

  • In the age of AI, what are the opportunities you see for enriching the classroom and curriculum? How can it enhance student learning or your professional practice?

  • What are the most significant challenges and concerns that AI raises for you regarding academics, student integrity, or your workload?

  • What resources (tools, training, technical support, policy guidance, etc.) do you need to feel confident and successful in the age of AI?

Dates/Times:

  • Tuesday, 2/3 at 2pm

  • Friday, 2/6 at 9:30am

Please register in advance for the Zoom link.

Can't Make It? Share Your Feedback!

We understand schedules are tight. If you cannot attend the live discussion, you can still share your thoughts! Join our AI Zoom Room to share your thoughts via video recording or email rose.tirotta-esposito@stonybrook.edu with your comments and ideas.

Videos will not be shared publicly and comments will only be shared in aggregate.

Your input is vital. From pedagogy to assessment, your insights will be critical. We look forward to a thoughtful and productive conversation!

  • Dr. Rose Tirotta-Esposito (Assistant Provost; Director of CELT)

  • Dr. Elizabeth Hewitt (Associate Professor in the Department of Technology and Society (DTS) in the College of Engineering and Applied Sciences)

  • Chris Kretz (Associate Librarian and Head of Academic Engagement at SBU Libraries)

  • Prof. Rajiv Lajmi (Assistant Professor in the School of Health Professions and Chair of Applied Health Informatics)

  • Dr. Matthew Salzano (Assistant Professor in the Department of Communication in the School of Communication and Journalism)

An interactive session on creating ALT text tags from images and building high-impact visuals, from identifying objects to communicating ideas with images.

Discover how to use AI to create ALT text from images, identify objects in your environment, and build relatable visuals for high-impact presentations. Images communicate ideas and help audiences understand concepts, and AI image generation now lets anyone create them.

In this session, you will:

  1. Create image ALT tags
  2. Transform ideas into visually appealing images
  3. Identify objects from visuals

Register here.

Scaling the NY AI Innovation Ecosystem

The State University of New York at Stony Brook will bring together leading AI experts to promote a future where AI drives responsible progress. This two-day event will provide a significant opportunity to explore the future of AI, exchange ideas, and connect with those at the forefront of research and deployment. We invite faculty, staff, and students from all SUNY institutions and beyond, as well as industry AI practitioners and policymakers to attend.

Recognized AI experts from academia, industry, and government will present on topics such as AI applications, innovative developments in research and technology, workforce development, as well as ethical and societal impacts.

A 90-minute poster session is included in the schedule. If you would like to submit an abstract for consideration, please see the Call for Abstracts. The poster session segment of the symposium will be held in honor of the Inauguration of Dr. Andrea Goldsmith, the State University of New York at Stony Brook's seventh President. Poster printing for all participants will be covered by the Inauguration Planning Committee. SUNY students presenting posters are also eligible for travel reimbursement.

We kindly ask faculty to encourage their students to attend and to submit their work for presentation.

For additional information and to register, visit the symposium website. Please direct any questions to suny-ai-symposium-sbu@stonybrook.edu.

Register.

CSE 600 Talk: Securing Software-Defined Networking Infrastructure by Dr. Guofei Gu

ABSTRACT: Today's network and computing infrastructure rests on inadequate foundations. An emerging, promising new foundation for computing is software-defined infrastructure (SDI), which offers a range of technologies including: compute, storage and network virtualization; novel separation of concerns at the systems level; and new approaches to system and device management. As a representative example of SDI, software-defined networking (SDN) is a new networking paradigm that decouples the control logic from the closed and proprietary implementations of traditional network data plane infrastructure. SDN is now becoming the networking foundation for data-center/cloud, future Internet and 5G infrastructures.

We believe that SDN is an impactful technology to drive a variety of innovations in network management and security. It is now clear that security will be a top concern, as well as a new killer app, for SDN. In this talk, I will discuss some new opportunities, as well as challenges, in this new direction and demonstrate with our recent research results. I will discuss how SDN can enhance network security. And I will also discuss some unique new security problems inside SDN and introduce some of our work to enhance the security of SDN. Finally, I will share my vision on programmable system security in a software-defined world.

BIO: Dr. Guofei Gu is a professor in the Department of Computer Science & Engineering at Texas A&M University (TAMU). Before coming to Texas A&M, he received his PhD degree in Computer Science from the College of Computing, Georgia Institute of Technology. His research interests are in network and systems security.

Dr. Gu is a recipient of the 2010 NSF CAREER Award, the 2013 AFOSR Young Investigator Award, the 2010 IEEE S&P Best Student Paper Award, the 2015 ICDCS Best Paper Award, the Texas A&M Dean of Engineering Excellence Award, the Presidential Impact Fellow, the Charles H. Barclay Jr. '45 Faculty Fellow and the Google Faculty Research Award. He is an active member of the security research community and has pioneered several new research directions such as botnet detection/defense and SDN security. Dr. Gu has served on the program committees of top-tier security conferences such as IEEE S&P, ACM CCS, USENIX Security and NDSS. He is an ACM Distinguished Member, an Associate Editor for IEEE Transactions on Information Forensics and Security (T-IFS), and the Steering Committee co-chair for SecureComm. He is currently directing the SUCCESS Lab at TAMU.

Abstract:
Deep learning models have achieved remarkable success across a wide range of computer vision tasks, including image classification, semantic segmentation, etc. However, such success highly relies on a large amount of annotated data, which are expensive to obtain. Moreover, their performance often degrades when there exist distribution shifts between training and test data. Domain Adaptation overcomes these issues by transferring knowledge from a label-rich source domain to a related but different target domain. Despite its popularity, domain adaptation is still a challenging task, especially when the data distribution shifts are severe, while the target domain has no or few labeled data.

In this thesis, I develop four efficient domain adaptation approaches to improve model performance on the target domain. Firstly, inspired by the large-scale pretraining of Vision Transformers, I explore Transformer-based domain adaptation for stronger feature representation and design a safe training mechanism to avoid model collapse when the domain gap is large. Secondly, I observe that source models have low confidence on the target data. To address this, I focus on the penultimate activations of target data and propose an adversarial training strategy to enhance model prediction confidence. Thirdly, I study using weak supervision from prior knowledge about target domain label distribution. A novel Knowledge-guided Unsupervised Domain Adaptation paradigm is devised, and a plug-in module is designed to rectify pseudo labels. Lastly, I step into the task of Active Domain Adaptation, where the labels of a small portion of target data can be queried. I propose a novel active selection criterion based on the local context and devise a progressive augmentation module to better utilize queried target data. The robustness of domain adaptation approaches, in addition to accuracy, is critical yet under-explored. To conclude the thesis, I empirically study set prediction in domain adaptation using the tool of conformal prediction and conformal training.

Location: New Computer Science Bldg., Room 120
Zoom Link: https://stonybrook.zoom.us/j/92736258273?pwd=ipDdh1CTG6dRYmqa3ltUvooei8OfaT.1
Meeting ID: 927 3625 8273
Passcode: 466399

Abstract: Modern technologies enable enhanced integrity and privacy guarantees not just for data, but also for computation. This is perhaps most emphatically demonstrated by the steady rise of zero-knowledge proofs, which are short certificates that attest to the correctness of computations (e.g., an age verification check) without revealing any secret inputs (e.g., the birth date on a digital ID). This subtly powerful technology enables anonymous credentials, privacy-preserving machine learning, anonymous blockchains, and much more, making the question of efficient zero-knowledge proofs fundamental to modern secure systems. Echoing Moore's law for computing, zero-knowledge proofs have improved in efficiency by ten orders of magnitude in the last two decades. In this talk, I will discuss our work on overcoming a key bottleneck that has emerged in this development: memory efficiency.

Speaker: Abhiram Kothapalli is a postdoctoral scholar at the University of California, Berkeley, hosted by Sanjam Garg. He is a recent graduate of Carnegie Mellon University, where he earned his Ph.D. in Computer Science, advised by Bryan Parno. Previously, he was at the University of Illinois at Urbana-Champaign, where he earned his B.S. in Computer Science and B.S. in Mathematics. Kothapalli's research develops cryptographic techniques aimed at scaling expressive privacy and integrity guarantees across the internet.

Location: NCS 120