HardCom token-level attack implementation as described by Liu et al.

amaan-19/compression-attack

Compression-Aware Counterfactual Defense

Overview

Implementation of compression-aware counterfactual defense against prompt compression attacks, as described by Liu et al.

Project Structure

  • compression_aware_defense.py - Core defense implementation
  • token_level_attack.py - HardCom token-level attack
  • qa_eval.py - Question answering task evaluation (SQuAD)
  • integrated_evaluation.py - Complete defense evaluation framework

Setup

pip install -r requirements.txt
export OPENAI_API_KEY="your-key-here"

Running Experiments

Product Recommendation Attack

python product_rec_eval.py

QA Attack (SQuAD)

python qa_eval.py

Defense Evaluation

python integrated_evaluation.py

Results

  • integrated_evaluation_results.json - Defense performance metrics
  • squad_qa_attack_results.json - QA attack results across compression rates

Requirements

  • Python 3.10+
  • OpenAI API key
  • See requirements.txt for dependencies

Citation

@misc{liu2025compressionattackexploitingpromptcompression,
      title={CompressionAttack: Exploiting Prompt Compression as a New Attack Surface in LLM-Powered Agents}, 
      author={Zesen Liu and Zhixiang Zhang and Yuchong Xie and Dongdong She},
      year={2025},
      eprint={2510.22963},
      archivePrefix={arXiv},
      primaryClass={cs.CR},
      url={https://arxiv.org/abs/2510.22963}, 
}
