Matan Ben-Tov
I am a Computer Science PhD student at Tel Aviv University and an AI security researcher in the PLUS research group, advised by Dr. Mahmood Sharif. I’m currently interning at Google. During my BSc, I worked as a software engineer in the mobile malware detection team at Check Point Research.
I am interested in the security of NLP systems and models. In particular, I explore the execution, practicality, implications and potential mitigations of attacks against Natural Language Processing (NLP) models, aiming to better understand what makes these models vulnerable to certain attacks.
Selected Publications
Universal Jailbreak Suffixes Are Strong Attention Hijackers
Analyzing the underlying mechanism of suffix-based LLM jailbreaks, we find it relies on aggressively hijacking the model context 🥷, which intensifies with the suffix’s universality. Exploiting this, we enhance and mitigate existing attacks.
GASLITEing the Retrieval: Exploring Vulnerabilities in Dense Embedding-based Search
Through introducing a strong, new SEO attack ⛽💡, we extensively evaluate widely-used embedding-based retrievers’ susceptibility to SEO attacks via corpus poisoning, linking it to key properties in embedding space.
CaFA: Cost-aware, Feasible Attacks With Database Constraints Against Neural Tabular Classifiers
We propose an efficient attack against neural tabular classifiers for automatic robustness evaluation, addressing attacker objectives such as feasibility (via incorporation of database constraints) and cost-efficiency.
Blog
NanoPGD: Minimal Implementation of PGD 🐼➡️🐒
PGD is the perfect [adversarial] example of neural networks’ vulnerabilities. I implemented a compact version of this method, that can be …
Squeezing More Out of Vec2Text with Embedding Space Alignment 🧃
Transferring previously-trained Vec2Text’s embedding inversion to new text encoders, by training a mere affine mapping.