Boloni, Ladislau
TrojLLM: A Black-box Trojan Prompt Attack on Large Language Models
Xue, Jiaqi, Zheng, Mengxin, Hua, Ting, Shen, Yilin, Liu, Yepeng, Boloni, Ladislau, Lou, Qian
Large Language Models (LLMs) are progressively being utilized as machine learning services and interface tools for various applications. However, the security implications of LLMs, particularly in relation to adversarial and Trojan attacks, remain insufficiently examined. In this paper, we propose TrojLLM, an automatic and black-box framework to effectively generate universal and stealthy triggers. When these triggers are incorporated into the input data, the LLMs' outputs can be maliciously manipulated. Moreover, the framework also supports embedding Trojans within discrete prompts, enhancing the overall effectiveness and precision of the triggers' attacks. Specifically, we propose a trigger discovery algorithm for generating universal triggers for various inputs by querying victim LLM-based APIs using few-shot data samples. Furthermore, we introduce a novel progressive Trojan poisoning algorithm designed to generate poisoned prompts that retain efficacy and transferability across a diverse range of models. Our experiments and results demonstrate TrojLLM's capacity to effectively insert Trojans into text prompts in real-world black-box LLM APIs including GPT-3.5 and GPT-4, while maintaining exceptional performance on clean test sets. Our work sheds light on the potential security risks in current models and offers a potential defensive approach. The source code of TrojLLM is available at https://github.com/UCF-ML-Research/TrojLLM.
A Real-Time Technique for Positioning a Wheelchair-Mounted Robotic Arm for Household Manipulation Tasks
Abolghasemi, Pooya (University of Central Florida) | Rahmatizadeh, Rouhollah (University of Central Florida) | Behal, Aman (University of Central Florida) | Boloni, Ladislau (University of Central Florida)
Wheelchair mounted robotic arms can help people with disabilities perform their activities of daily living (ADL). The autonomy of such a system can range from full manual control (both wheelchair and robotic arm controlled by the human) to fully autonomous (with both the wheelchair and the robotic arm under autonomous control). Many ADLs require the robot to pick up an object from a cluttered environment - such as a glass of water from a table where several other objects exist. In this paper, we concentrate on the task of finding the optimal position of the base of the robotic arm (which is normally a rigid point on the wheelchair) such that the end effector can easily reach the target (regardless of whether this is done through human or robot control). We introduce the ease-of-reach score ERS, a metric quantifying the preferences for the positioning of the base. As the brute force computation of ERS is computationally expensive, we propose an approach of estimating the ERS through a mixture of Gaussians. The parameters of the component Gaussians are learned offline and depend on the nature of the environment such as properties of the obstacles. Simulation results show that the estimated ERS closely matches the actual value and the speed of estimation is fast enough for real-time operation.
Two Algorithms for the Movements of Robotic Bodyguard Teams
Bhatia, Taranjeet Singh (University of Central Florida) | Solmaz, Gurkan (University of Central Florida) | Turgut, Damla (University of Central Florida) | Boloni, Ladislau (University of Central Florida)
In this paper we consider a scenario where one or more robotic bodyguards are protecting an important individual (VIP) moving in a public space against harassment or harm from unarmed civilians. In this scenario, the main objective of the robots is to position themselves such that at any given moment they provide maximum physical cover for the VIP. The robots need to follow the VIP in its movement and take into account the movements of the civilians as well. The environment can also contain obstacles which present challenges to movement but also provide natural cover. We designed two algorithms for the movement of the bodyguard robots: Threat Vector Resolution (TVR) for a single robot and Quadrant Load Balancing (QLB) for teams of bodyguard robots. We evaluated the proposed approaches against rigid formations in a simulation study.
Integrating Perception, Narrative, Premonition and Confabulatory Continuation
Boloni, Ladislau (University of Central Florida)
Current state-of-the-art AI algorithms outperform humans on several well delimited tasks but have difficulty emulating general human behavior. One of the reasons for this is that human behavior, even in short scenarios, requires the integration of multiple cognitive mechanisms which are deployed simultaneously and are interacting with each other in complex and subtle ways. In this paper we show how a simple scenario of watching television requires at least four different cognitive mechanisms: perception, narrative, premonition and confabulatory continuation. We describe the general requirements of these mechanisms and outline the techniques through which the Xapagy cognitive architecture implements them.
Robots in Crowds - Being Useful While Staying Out of Trouble
Boloni, Ladislau (University of Central Florida) | Khan, Saad Ahmad (University of Central Florida) | Arif, Saad (University of Central Florida)
In this paper we are considering an autonomous robot moving purposefully in a crowd of people (a marketplace). The robot should take into consideration the social costs of its movement, expressed in terms of violation of the personal space of the humans, blocking their path or even making physical contact with them. On the other hand, the full avoidance of any social cost might jeopardize the mission of the robot - in a sufficiently dense crowd, movement is impossible without violating at least some social norms. The individuals in the crowd, including the robot, periodically encounter micro-conflicts where they need to change their behavior to avoid large social costs (such as bumping into each other). We model the resolution of micro-conflicts as a series of games where the payoffs integrate the social and mission costs of the action choices. We show that human behavior corresponds to a strategy which is not necessarily optimal on a single-game basis; instead, it reflects the personality and social status of the person and the psychological requirement of consistency in behavior. We describe a robot behavior which classifies the strategy used by the opponent in the micro-conflict and chooses an appropriate counter-strategy which takes into account the urgency of the robot's mission.
Agent-based modeling of a price information trading business
Khan, Saad Ahmad, Boloni, Ladislau
We describe an agent-based simulation of a fictional (but feasible) information trading business. The Gas Price Information Trader (GPIT) buys information about real-time gas prices in a metropolitan area from drivers and resells the information to drivers who need to refuel their vehicles. Our simulation uses real world geographic data, lifestyle-dependent driving patterns and vehicle models to create an agent-based model of the drivers. We use real world statistics of gas price fluctuation to create scenarios of temporal and spatial distribution of gas prices. The price of the information is determined on a case-by-case basis through a simple negotiation model. The trader and the customers are adapting their negotiation strategies based on their historical profits. We are interested in the general properties of the emerging information market: the amount of realizable profit and its distribution between the trader and customers, the business strategies necessary to keep the market operational (such as promotional deals), the price elasticity of demand and the impact of pricing strategies on the profit.
Modeling problems of identity in Little Red Riding Hood
Boloni, Ladislau
This paper argues that the problem of identity is a critical challenge in agents which are able to reason about stories. The Xapagy architecture has been built from scratch to perform narrative reasoning and relies on a somewhat unusual approach to represent instances and identity. We illustrate the approach by a representation of the story of Little Red Riding Hood in the architecture, with a focus on the problem of identity raised by the narrative.
Shadows and Headless Shadows: an Autobiographical Approach to Narrative Reasoning
Boloni, Ladislau
The Xapagy architecture is a story-oriented cognitive system which relies exclusively on the autobiographical memory implemented as a raw collection of events. Reasoning is performed by shadowing current events with events from the autobiography. The shadows are then extrapolated into headless shadows (HLSs). In a story following mood, HLSs can be used to track the level of surprise of the agent, to infer hidden actions or relations between the participants, and to summarize ongoing events. In recall mood, the HLSs can be used to create new stories ranging from exact recall to free-form confabulation.
Shadows and headless shadows: a worlds-based, autobiographical approach to reasoning
Boloni, Ladislau
Many cognitive systems deploy multiple, closed, individually consistent models which can represent interpretations of the present state of the world, moments in the past, possible futures or alternate versions of reality. While they appear under different names, these structures can be grouped under the general term of worlds. The Xapagy architecture is a story-oriented cognitive system which relies exclusively on the autobiographical memory implemented as a raw collection of events organized into world-type structures called scenes. The system performs reasoning by shadowing current events with events from the autobiography. The shadows are then extrapolated into headless shadows corresponding to predictions, hidden events or inferred relations.
An Investigation into the Utility of Episodic Memory for Cognitive Architectures
Boloni, Ladislau (University of Central Florida)
In most cognitive architectures, episodic memory is either not implemented, or plays a secondary role. In contrast, in the Xapagy architecture episodic memory is the primary means of acquiring and using knowledge. Shadowing, the main reasoning method of the system, relies on unprocessed historical recordings of concrete events to determine the agent's behavior. This paper outlines the use of episodic memory in Xapagy, and investigates whether episodic memory might play a wider role in cognitive architectures at large.