Somesh Jha's Avatar

Somesh Jha

@someshjha

I am a professor in the computer sciences at UW-Madison. My technical interests in trustworthy ML, formal methods, and security. My other interests are Indian classical music, mindfulness, tennis, and pickleball.

532
Followers 166
Following 65
Posts 15.11.2024
Joined
Posts Following

Latest posts by Somesh Jha @someshjha

#TPDP2026
One of the co-chairs is Amrita who is alum of our group. Way to go Amrita.

12.01.2026 21:35 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

This is excellent, Tom. On my reading list.

07.01.2026 16:00 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Last year SAGAI workshop had the most attendees out of all the workshops at IEEE S&P.

Don't miss out.

10.12.2025 18:37 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
a man is speaking into a microphone and says happy diwali . ALT: a man is speaking into a microphone and says happy diwali .

Happy Diwali to all. May this coming year be full of joy and prosperity.

20.10.2025 16:30 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Congrats. The work looks cool!

16.10.2025 16:28 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Thanks for inviting me @simonsinstitute.bsky.social
The audience interaction was incredible.

04.08.2025 16:28 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Gorgeous. Where is it?

02.08.2025 17:10 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Looks great! What are you making? I can start driving from Madison now.:-)

02.08.2025 17:09 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Preview
How Not to Detect Prompt Injections with an LLM LLM-integrated applications and agents are vulnerable to prompt injection attacks, in which adversaries embed malicious instructions within seemingly benign user inputs to manipulate the LLM's intende...

In this work, we formally characterize the KAD scheme and uncover a structural vulnerability in its design that invalidates some core security principles.
We design a methodical adaptive attack, DataFlip, to exploit this fundamental weakness. Read about the details arxiv.org/abs/2507.05630

21.07.2025 03:25 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Recent defenses based on known-answer detection (KAD) have achieved near-perfect performance by using an LLM to classify inputs as clean or contaminated.

21.07.2025 03:25 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

LLM-integrated applications and agents are vulnerable to prompt injection attacks, in which adversaries embed malicious instructions within seemingly benign user inputs to manipulate the LLM’s intended behavior.

21.07.2025 03:25 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

The team is extremely open to working with other industrial and academic teams. Please reach out if you want to collaborate with our team.

16.07.2025 12:57 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Translating Legacy Code for a Safer Future: DARPA Backs Effort to Convert C to Rust The C programming languageβ€”powering everything from operating systems to aircraft control softwareβ€”has long been a cornerstone of modern computing. But its flexibility comes at a cost: memory safety i...

Recently, we received a DARPA grant on the problem of LLM-assisted translation of C to Rust. The team consists of amazing set of PIs from UW, Berkeley, UIUC, and Edinburgh. Really excited about what we can do.

Full article can be found here: www.cs.wisc.edu/2025/07/15/t...

16.07.2025 12:57 πŸ‘ 4 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

I have interacted with @gautamkamath.com and highly recommend him for this position. Please vote for him.

30.06.2025 18:26 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

This research took a while to complete, but very proud of the result. Will do a detailed post soon.

05.06.2025 15:26 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

SAGAI 2025 program is now complete. What an amazing program! Don't miss it.

sites.google.com/corp/ucsd.ed...

11.05.2025 22:39 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Welcome Lucy.

05.05.2025 23:00 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Air filters are not that expensive. I think even with the price increase you can afford it:-)

24.04.2025 17:30 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Preview
SAGAI'25 @ IEEE S&P Goal The workshop will investigate the safety, security, and privacy of GenAI agents from a system design perspective. We believe that this new category of important and critical system components req...

Co-organized with @earlence.bsky.social @mihaichr.bsky.social Khawaja Shams (Google) and John Mitchell (Stanford).

Details can be found at: sites.google.com/corp/ucsd.ed...

31.03.2025 19:32 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
SAGAI'25 @ IEEE S&P Goal The workshop will investigate the safety, security, and privacy of GenAI agents from a system design perspective. We believe that this new category of important and critical system components req...

SAGAI'25 will investigate the safety, security, and privacy of GenAI agents from a system design perspective. We are experimenting with a new "Dagstuhl" like seminar with invited speakers and discussion. Really excited about this workshop at IEEE Security and Privacy Symposium.

31.03.2025 19:32 πŸ‘ 3 πŸ” 2 πŸ’¬ 1 πŸ“Œ 1

Interesting! Didn't know that sifr and sunya are connected.

31.03.2025 00:18 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Mubarak Eid Mubarak | 4K Video | Tumko Na Bhool Payenge | Salman Khan, Sushmita Sen | Sonu Nigam
Mubarak Eid Mubarak | 4K Video | Tumko Na Bhool Payenge | Salman Khan, Sushmita Sen | Sonu Nigam YouTube video by HoHo Entertainment

Eid Mubarak to anyone of my friends that celebrate it.

www.youtube.com/watch?v=5hwX...

30.03.2025 16:10 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Looks great! What is in it? Tofu?

25.03.2025 21:14 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

These kind of comparisons are not very useful. Everyone should be charting their own course!

24.03.2025 15:24 πŸ‘ 4 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Excellent place to work!

20.03.2025 16:29 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Lorenzo graduated from my group and did some cool work on system and network security during his Ph.D. Congrats, Lorenzo!

Proud of you.

19.03.2025 20:59 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

* removes reliance on public datasets, which was assumed in many existing integrity checks.

18.03.2025 22:07 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

* enables advanced integrity checks, such as cross-client validation accuracy, which were impossible in prior secure FL approaches. We show these checks are effective under model poisoning attacks and client data distribution shifts.

18.03.2025 22:06 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Why SLVR? Building on secure Multi-party Computation (MPC), SLVR offers a fresh perspective on combining privacy and robustness in federated learning:
* leverages private client data while preserving the privacy guarantee of secure aggregation.

18.03.2025 22:06 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Have you ever wondered: In federated learning, what if we could leverage clients' private data without compromising privacyβ€”what more could we achieve?

πŸš€ We're excited to introduce SLVR (Securely Leveraging Client Validation for Robust Federated Learning).
Paper: arxiv.org/pdf/2502.08055

18.03.2025 22:05 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0