Misleading Large Language Models used (or misused) in Scientific Peer-Reviewing via Hidden Prompt-Injection Attacks
Seminar SERICS Dissemination Retreat
Firenze, Italy
Oneliner: A very improvised talk
Everything about this event was done at the last possible moment—but this did not diminish its quality! I was incredibly happy to receive an invitation to participate… less than one month before the event! Thankfully, it occurred when I had some breathing room (amidst my relocation to Iceland, and the various courses I was teaching at both RU and UniLie).
This “retreat” was truly great. The location was wonderful, and so were the other attendees. Indeed, I got the opportunity to meet and exchange ideas with many researchers with whom I had never interacted before. It’s amazing how much one can learn when discussing with “new” people, especially if they have slightly different backgrounds from yours.
About my talk. I originally planned to give a talk similar to the one I gave at the latest Dagstuhl Seminar I attended—which was about LLMs and phishing. However, after talking with the attendees, I decided that it would be much more interesting if I talked about another work, which got accepted to ACM TAISAP just a few days before the event—which was about the security issues of LLMs used in peer-review contexts.
The decision to change the subject occurred less than 24 hours before the talk. There was no time to prepare a proper slide deck, so I simply used the paper itself as an anchor. It was the first time I gave a “slideless” talk—but I enjoyed the experience. The many questions that followed made me believe that the talk was appreciated.
Update: I gave a more refined version of this talk, this time with a proper slide deck, at the Politecnico di Milano. This happened just a couple of months after the SERICS retreat. This talk stemmed from my meeting Prof. Stefano Zanero at the SERICS Retreat for the first time. I hope this will be the start of a long-lasting collaboration—which would be thanks only to the SERICS Retreat!
