Genesis: Evolving Attack Strategies for LLM Web Agent Red-Teaming
Zheng Zhang, Jiarui He, Yuchen Cai, Deheng Ye, Peilin Zhao, Ruili Feng, Hao Wang
- 🏛 Institutions
- HKUST(GZ), Tencent, SJTU, Alibaba Group
- 📅 Date
- October 21, 2025
- 📑 Publisher
- ICME 2026
- 💻 Env
- Web
- 🔑 Keywords
TLDR
Genesis studies automated red-teaming for web agents by evolving attack strategies over repeated interactions instead of relying on fixed prompts or manually designed attacks. Its attacker-scorer-strategist loop builds and reuses a growing strategy library, yielding stronger adversarial injections across web tasks.
Related papers
- It's a TRAP! Task-Redirecting Agent Persuasion Benchmark for Web AgentsDecember 29, 2025 · arXiv
- Attacking Vision-Language Computer Agents via Pop-upsNovember 4, 2024 · ACL 2025
- EIA: Environmental Injection Attack on Generalist Web Agents for Privacy LeakageSeptember 17, 2024 · ICLR 2025 (Poster)
- Dissecting Adversarial Robustness of Multimodal LM AgentsJune 18, 2024 · ICLR 2025 (Poster)
- Preference Redirection via Attention Concentration: An Attack on Computer Use AgentsApril 9, 2026 · arXiv
- CaMeLs Can Use Computers Too: System-level Security for Computer Use AgentsJanuary 14, 2026 · arXiv