{"id":"https://openalex.org/W4399911501","doi":"https://doi.org/10.1145/3658644.3670299","title":"Dye4AI: Assuring Data Boundary on Generative AI Services","display_name":"Dye4AI: Assuring Data Boundary on Generative AI Services","publication_year":2024,"publication_date":"2024-12-02","ids":{"openalex":"https://openalex.org/W4399911501","doi":"https://doi.org/10.1145/3658644.3670299"},"language":"en","primary_location":{"id":"doi:10.1145/3658644.3670299","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670299","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670299","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670299","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5070346269","display_name":"Shu Wang","orcid":"https://orcid.org/0000-0002-7920-7025"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shu Wang","raw_affiliation_strings":["George Mason University, Fairfax, VA, USA"],"affiliations":[{"raw_affiliation_string":"George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026728546","display_name":"Kun Sun","orcid":"https://orcid.org/0000-0003-4152-2107"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kun Sun","raw_affiliation_strings":["George Mason University, Fairfax, VA, USA"],"affiliations":[{"raw_affiliation_string":"George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"last","author":{"id":null,"display_name":"Yan Zhai","orcid":"https://orcid.org/0009-0001-4301-9831"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yan Zhai","raw_affiliation_strings":["Visa Inc., Ashburn, VA, USA"],"affiliations":[{"raw_affiliation_string":"Visa Inc., Ashburn, VA, USA","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5070346269"],"corresponding_institution_ids":["https://openalex.org/I162714631"],"apc_list":null,"apc_paid":null,"fwci":0.3407,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.63409318,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"2281","last_page":"2295"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10883","display_name":"Ethics and Social Impacts of AI","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/3311","display_name":"Safety Research"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7778030633926392},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.7030165195465088},{"id":"https://openalex.org/keywords/generative-model","display_name":"Generative model","score":0.5979022979736328},{"id":"https://openalex.org/keywords/generative-grammar","display_name":"Generative grammar","score":0.5977681875228882},{"id":"https://openalex.org/keywords/session","display_name":"Session (web analytics)","score":0.5971707105636597},{"id":"https://openalex.org/keywords/conversation","display_name":"Conversation","score":0.5797989368438721},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.472647100687027},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4135916531085968},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.1627369225025177}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7778030633926392},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.7030165195465088},{"id":"https://openalex.org/C167966045","wikidata":"https://www.wikidata.org/wiki/Q5532625","display_name":"Generative model","level":3,"score":0.5979022979736328},{"id":"https://openalex.org/C39890363","wikidata":"https://www.wikidata.org/wiki/Q36108","display_name":"Generative grammar","level":2,"score":0.5977681875228882},{"id":"https://openalex.org/C2779182362","wikidata":"https://www.wikidata.org/wiki/Q17126187","display_name":"Session (web analytics)","level":2,"score":0.5971707105636597},{"id":"https://openalex.org/C2777200299","wikidata":"https://www.wikidata.org/wiki/Q52943","display_name":"Conversation","level":2,"score":0.5797989368438721},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.472647100687027},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4135916531085968},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.1627369225025177},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3658644.3670299","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670299","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670299","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2406.14114","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2406.14114","pdf_url":"https://arxiv.org/pdf/2406.14114","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/3658644.3670299","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670299","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670299","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6000000238418579}],"awards":[{"id":"https://openalex.org/G8876996369","display_name":null,"funder_award_id":"N00014","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"}],"funders":[{"id":"https://openalex.org/F4320337345","display_name":"Office of Naval Research","ror":"https://ror.org/00rk2pe57"}],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4399911501.pdf"},"referenced_works_count":37,"referenced_works":["https://openalex.org/W2103154003","https://openalex.org/W2529831505","https://openalex.org/W2603766943","https://openalex.org/W2606882085","https://openalex.org/W2766393794","https://openalex.org/W2934843808","https://openalex.org/W2962763344","https://openalex.org/W2969695741","https://openalex.org/W2970335439","https://openalex.org/W2985913519","https://openalex.org/W2986013765","https://openalex.org/W2989885118","https://openalex.org/W3012113073","https://openalex.org/W3083045783","https://openalex.org/W3091870957","https://openalex.org/W3096328345","https://openalex.org/W3106646114","https://openalex.org/W3111943226","https://openalex.org/W3114686421","https://openalex.org/W3117572899","https://openalex.org/W3138815606","https://openalex.org/W3152758407","https://openalex.org/W3158542464","https://openalex.org/W3178386862","https://openalex.org/W3198262235","https://openalex.org/W3214399478","https://openalex.org/W3216267608","https://openalex.org/W4281758439","https://openalex.org/W4283172211","https://openalex.org/W4286421857","https://openalex.org/W4288057793","https://openalex.org/W4320560161","https://openalex.org/W4322736917","https://openalex.org/W4382317564","https://openalex.org/W4387848745","https://openalex.org/W4389518784","https://openalex.org/W6950191292"],"related_works":["https://openalex.org/W4365211920","https://openalex.org/W3014948380","https://openalex.org/W4380551139","https://openalex.org/W4317695495","https://openalex.org/W4395044357","https://openalex.org/W4287117424","https://openalex.org/W4387506531","https://openalex.org/W2087346071","https://openalex.org/W2967848559","https://openalex.org/W4299831724"],"abstract_inverted_index":{"Generative":[0],"artificial":[1],"intelligence":[2],"(AI)":[3],"is":[4,27,179],"versatile":[5],"for":[6,29,166,187,205,233],"various":[7,190],"applications,":[8],"but":[9],"security":[10,39],"and":[11,36,62,88,96,126,192,197],"privacy":[12],"concerns":[13],"with":[14,113,146,189,215],"third-party":[15],"AI":[16,34,64,74,161,239],"vendors":[17,162],"hinder":[18],"its":[19],"broader":[20],"adoption":[21],"in":[22,73,135,149,156,181,212,228],"sensitive":[23],"scenarios.":[24],"Hence,":[25],"it":[26],"essential":[28],"users":[30],"to":[31,69,92,108,143,201],"validate":[32],"the":[33,38,128,131,136,183,225],"trustworthiness":[35],"ensure":[37],"of":[40],"data":[41,58,71,165,184],"boundaries.":[42],"In":[43],"this":[44],"paper,":[45],"we":[46,98,119,140,223],"present":[47,155],"a":[48,100,105,109,114],"dye":[49,78,176,229],"testing":[50,79,177,235],"system":[51],"named":[52],"Dye4AI,":[53,206],"which":[54],"injects":[55],"crafted":[56],"trigger":[57,84,86,89,102,122,133,208,220],"into":[59,124],"human-AI":[60],"dialogue":[61,125],"observes":[63],"responses":[65],"towards":[66],"specific":[67,147],"prompts":[68,148],"diagnose":[70],"flow":[72],"model":[75,129,167],"evolution.":[76],"Our":[77],"procedure":[80],"contains":[81],"3":[82],"stages:":[83],"generation,":[85],"insertion,":[87],"retrieval.":[90],"First,":[91],"retain":[93],"both":[94],"uniqueness":[95],"stealthiness,":[97],"design":[99],"new":[101,132,150,157],"that":[103],"transforms":[104],"pseudo-random":[106],"number":[107],"intelligible":[110],"format.":[111],"Second,":[112],"custom-designed":[115],"three-step":[116],"conversation":[117],"strategy,":[118],"insert":[120],"each":[121],"item":[123],"confirm":[127],"memorizes":[130],"knowledge":[134],"current":[137],"session.":[138],"Finally,":[139],"routinely":[141],"try":[142],"recover":[144],"triggers":[145,153],"sessions,":[151],"as":[152],"can":[154,209],"sessions":[158],"only":[159,216],"if":[160],"leverage":[163],"user":[164],"fine-tuning.":[168],"Extensive":[169],"experiments":[170],"on":[171,237],"six":[172],"LLMs":[173],"demonstrate":[174],"our":[175],"scheme":[178],"effective":[180],"ensuring":[182],"boundary,":[185],"even":[186,214],"models":[188,199],"architectures":[191],"parameter":[193],"sizes.":[194],"Also,":[195],"larger":[196],"premier":[198],"tend":[200],"be":[202,210],"more":[203],"suitable":[204],"e.g.,":[207],"retrieved":[211],"OpenLLaMa-13B":[213],"2":[217],"insertions":[218],"per":[219],"item.":[221],"Moreover,":[222],"analyze":[224],"prompt":[226],"selection":[227],"testing,":[230],"providing":[231],"insights":[232],"future":[234],"systems":[236],"generative":[238],"services.":[240]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}