{"id":"https://openalex.org/W7131074364","doi":"https://doi.org/10.1109/tifs.2026.3666893","title":"PromptFuzz: Harnessing Fuzzing Techniques for Robust Testing of Prompt Injection in LLMs","display_name":"PromptFuzz: Harnessing Fuzzing Techniques for Robust Testing of Prompt Injection in LLMs","publication_year":2026,"publication_date":"2026-01-01","ids":{"openalex":"https://openalex.org/W7131074364","doi":"https://doi.org/10.1109/tifs.2026.3666893"},"language":null,"primary_location":{"id":"doi:10.1109/tifs.2026.3666893","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2026.3666893","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5039193186","display_name":"Yangguang Shao","orcid":"https://orcid.org/0009-0000-2977-5713"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yangguang Shao","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":"https://orcid.org/0009-0006-7743-8096","affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5126658313","display_name":"Jiahao Yu","orcid":null},"institutions":[{"id":"https://openalex.org/I111979921","display_name":"Northwestern University","ror":"https://ror.org/000e0be47","country_code":"US","type":"education","lineage":["https://openalex.org/I111979921"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jiahao Yu","raw_affiliation_strings":["Department of Computer Science, Northwestern University, Evanston, IL, USA"],"raw_orcid":"https://orcid.org/0009-0007-4919-0967","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Northwestern University, Evanston, IL, USA","institution_ids":["https://openalex.org/I111979921"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5115030223","display_name":"Hanwen Miao","orcid":"https://orcid.org/0000-0001-8825-0773"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hanwen Miao","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5121141750","display_name":"Gaopeng Gou","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Gaopeng Gou","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5126584009","display_name":"Zhen Li","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhen Li","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020263150","display_name":"Junzheng Shi","orcid":"https://orcid.org/0000-0003-4653-1686"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Junzheng Shi","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0003-4653-1686","affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5039193186"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.24786915,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"21","issue":null,"first_page":"2727","last_page":"2741"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11032","display_name":"VLSI and Analog Circuit Testing","score":0.7947999835014343,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11032","display_name":"VLSI and Analog Circuit Testing","score":0.7947999835014343,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.08020000159740448,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13293","display_name":"Engineering and Test Systems","score":0.013899999670684338,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9611999988555908},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.6905999779701233},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5167999863624573},{"id":"https://openalex.org/keywords/reliability","display_name":"Reliability (semiconductor)","score":0.44200000166893005},{"id":"https://openalex.org/keywords/ranking","display_name":"Ranking (information retrieval)","score":0.41019999980926514},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.40700000524520874}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9611999988555908},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8508999943733215},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.6905999779701233},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5281000137329102},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5167999863624573},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.44200000166893005},{"id":"https://openalex.org/C189430467","wikidata":"https://www.wikidata.org/wiki/Q7293293","display_name":"Ranking (information retrieval)","level":2,"score":0.41019999980926514},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.40700000524520874},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4041000008583069},{"id":"https://openalex.org/C2984328558","wikidata":"https://www.wikidata.org/wiki/Q188522","display_name":"Software testing","level":3,"score":0.3741999864578247},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3693000078201294},{"id":"https://openalex.org/C152124472","wikidata":"https://www.wikidata.org/wiki/Q1204361","display_name":"Redundancy (engineering)","level":2,"score":0.36390000581741333},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.296999990940094},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.2847000062465668},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.27559998631477356},{"id":"https://openalex.org/C200601418","wikidata":"https://www.wikidata.org/wiki/Q2193887","display_name":"Reliability engineering","level":1,"score":0.26249998807907104},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.26170000433921814},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.2574000060558319}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2026.3666893","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2026.3666893","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G8132961506","display_name":null,"funder_award_id":"2024YFF1401300","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"}],"funders":[{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Large":[0],"Language":[1],"Models":[2],"(LLMs)":[3],"have":[4,39],"gained":[5],"widespread":[6],"use":[7],"in":[8,100,143],"various":[9],"applications":[10,211],"due":[11],"to":[12,16,34,64,92,129,166],"their":[13],"powerful":[14],"capability":[15],"generate":[17,130],"human-like":[18],"text.":[19],"However,":[20],"prompt":[21,72,90,133],"injection":[22,73],"attacks,":[23],"which":[24,108,124],"involve":[25],"overwriting":[26],"a":[27,56,86,144],"model\u2019s":[28],"original":[29],"instructions":[30],"with":[31],"malicious":[32],"prompts":[33,83,140,177],"manipulate":[35],"the":[36,44,67,94,103,119,126,137,149,174],"generated":[37,138,175],"text,":[38],"raised":[40],"significant":[41],"concerns":[42],"about":[43],"security":[45],"and":[46,84,114,118,188,190,212],"reliability":[47],"of":[48,69,89,153,194,216],"LLMs.":[49],"In":[50],"this":[51],"paper,":[52],"we":[53,147,171],"propose":[54],"PromptFuzz,":[55],"novel":[57],"testing":[58],"framework":[59],"that":[60,192,214],"leverages":[61],"fuzzing":[62],"techniques":[63],"systematically":[65],"assess":[66],"robustness":[68],"LLMs":[70],"against":[71],"attacks.":[74],"Inspired":[75],"by":[76,199,223],"software":[77],"fuzzing,":[78],"PromptFuzz":[79,98,142,204],"selects":[80],"promising":[81,111],"seed":[82],"generates":[85],"diverse":[87],"set":[88],"injections":[91],"evaluate":[93],"target":[95],"LLM\u2019s":[96],"resilience.":[97],"operates":[99],"two":[101],"stages:":[102],"<italic":[104,120],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[105,121],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">prepare":[106],"phase</i>,":[107,123],"involves":[109],"selecting":[110],"initial":[112],"seeds":[113],"collecting":[115],"few-shot":[116],"examples,":[117],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">focus":[122],"uses":[125],"collected":[127],"examples":[128],"diverse,":[131],"high-quality":[132],"injections.":[134],"By":[135],"deploying":[136],"attack":[139,176],"from":[141,186],"real-world":[145],"competition,":[146],"achieved":[148],"7th":[150],"ranking":[151],"out":[152],"over":[154],"4000":[155],"participants":[156],"(top":[157],"0.14%)":[158],"within":[159],"2":[160],"hours,":[161],"demonstrating":[162],"PromptFuzz\u2019s":[163],"effectiveness":[164],"compared":[165],"experienced":[167],"human":[168],"attackers.":[169],"Additionally,":[170],"also":[172,202],"deploy":[173],"on":[178,205],"50":[179],"popular":[180],"LLM-integrated":[181],"online":[182,207],"applications,":[183],"including":[184],"those":[185],"Coze":[187],"OpenAI,":[189],"found":[191,213],"92%":[193],"them":[195],"can":[196,220],"be":[197,221],"exploited":[198],"PromptFuzz.":[200,224],"We":[201],"run":[203],"15":[206],"LLM-based":[208],"resume":[209],"judging":[210],"13":[215],"these":[217],"applications\u2019":[218],"responses":[219],"hijacked":[222]},"counts_by_year":[],"updated_date":"2026-05-05T08:41:31.759640","created_date":"2026-02-24T00:00:00"}