Researcher profile

Meng Han

Meng Han contributes to research discovery and scholarly infrastructure.

Researcher · Affiliation not imported · Open to collaborate

Trust snapshot

Quick read

Trust 21 - Emerging · Verification L1 · Unclaimed author
10 works
0 followers
9 topics
4 close collaborators

Published work

10 published item(s)

preprint · 2026 · arXiv

AdaMARP: An Adaptive Multi-Agent Interaction Framework for General Immersive Role-Playing

LLM role-playing aims to portray arbitrary characters in interactive narratives, yet existing systems often suffer from limited immersion and adaptability. They typically under-model dynamic environmental information and assume largely static scenes and casts, offering insufficient support for multi-character orchestration, scene transitions, and on-the-fly character introduction. We propose an adaptive multi-agent role-playing framework, AdaMARP, featuring an immersive message format that interleaves [Thought], (Action), <Environment>, and Speech, together with an explicit Scene Manager that governs role-playing through discrete actions (init_scene, pick_speaker, switch_scene, add_role, end) accompanied by rationales. To train these capabilities, we construct AdaRPSet for the Actor Model and AdaSMSet for supervising orchestration decisions, and introduce AdaptiveBench for trajectory-level evaluation. Experiments across multiple backbones and model scales demonstrate consistent improvements: AdaRPSet enhances character consistency, environment grounding, and narrative coherence, with an 8B actor outperforming several commercial LLMs, while AdaSMSet enables smoother scene transitions and more natural role introductions, surpassing Claude Sonnet 4.5 using only a 14B LLM.

preprint · 2026 · arXiv

HGMF: A Hierarchical Gaussian Mixture Framework for Scalable Tool Invocation within the Model Context Protocol

Invoking external tools enables Large Language Models (LLMs) to perform complex, real-world tasks, yet selecting the correct tool from large, hierarchically-structured libraries remains a significant challenge. The limited context windows of LLMs and noise from irrelevant options often lead to low selection accuracy and high computational costs. To address this, we propose the Hierarchical Gaussian Mixture Framework (HGMF), a probabilistic pruning method for scalable tool invocation. HGMF first maps the user query and all tool descriptions into a unified semantic space. The framework then operates in two stages: it clusters servers using a Gaussian Mixture Model (GMM) and filters them based on the query's likelihood. Subsequently, it applies the same GMM-based clustering and filtering to the tools associated with the selected servers. This hierarchical process produces a compact, high-relevance candidate set, simplifying the final selection task for the LLM. Experiments on a public dataset show that HGMF significantly improves tool selection accuracy while reducing inference latency, confirming the framework's scalability and effectiveness for large-scale tool libraries.

preprint · 2026 · arXiv

Latent Fusion Jailbreak: Blending Harmful and Harmless Representations to Elicit Unsafe LLM Outputs

While Large Language Models (LLMs) have achieved remarkable progress, they remain vulnerable to jailbreak attacks. Existing methods, primarily relying on discrete input optimization (e.g., GCG), often suffer from high computational costs and generate high-perplexity prompts that are easily blocked by simple filters. To overcome these limitations, we propose Latent Fusion Jailbreak (LFJ), a stealthy white-box attack that operates in the continuous latent space. Unlike previous approaches, LFJ constructs adversarial representations by mathematically fusing the hidden states of a harmful query with a thematically similar benign query, effectively masking malicious intent while retaining semantic drive. We further introduce a gradient-guided optimization strategy to balance attack success and computational efficiency. Extensive evaluations on Vicuna-7B, LLaMA-2-7B-Chat, Guanaco-7B, LLaMA-3-70B, and Mistral-7B-Instruct show that LFJ achieves an average Attack Success Rate (ASR) of 94.01%, significantly outperforming state-of-the-art baselines like GCG and AutoDAN while avoiding detectable input artifacts. Furthermore, we identify that thematic similarity in the latent space is a critical vulnerability in current safety alignments. Finally, we propose a latent adversarial training defense that reduces LFJ's ASR by over 80% without compromising model utility.

preprint · 2026 · arXiv

MCP-Guard: A Multi-Stage Defense-in-Depth Framework for Securing Model Context Protocol in Agentic AI

While Large Language Models (LLMs) have achieved remarkable performance, they remain vulnerable to jailbreak. The integration of Large Language Models (LLMs) with external tools via protocols such as the Model Context Protocol (MCP) introduces critical security vulnerabilities, including prompt injection, data exfiltration, and other threats. To counter these challenges, we propose MCP-GUARD, a robust, layered defense architecture designed for LLM-tool interactions. MCP-GUARD employs a three-stage detection pipeline that balances efficiency with accuracy: it progresses from lightweight static scanning for overt threats and a deep neural detector for semantic attacks, to our fine-tuned E5-based model which achieves 96.01% accuracy in identifying adversarial prompts. Finally, an LLM arbitrator synthesizes these signals to deliver the final decision. To enable rigorous training and evaluation, we introduce MCP-ATTACKBENCH, a comprehensive benchmark comprising 70,448 samples augmented by GPT-4. This benchmark simulates diverse real-world attack vectors that circumvent conventional defenses in the MCP paradigm, thereby laying a solid foundation for future research on securing LLM-tool ecosystems.

preprint · 2026 · arXiv

SME-YOLO: A Real-Time Detector for Tiny Defect Detection on PCB Surfaces

Surface defects on Printed Circuit Boards (PCBs) directly compromise product reliability and safety. However, achieving high-precision detection is challenging because PCB defects are typically characterized by tiny sizes, high texture similarity, and uneven scale distributions. To address these challenges, this paper proposes a novel framework based on YOLOv11n, named SME-YOLO (Small-target Multi-scale Enhanced YOLO). First, we employ the Normalized Wasserstein Distance Loss (NWDLoss). This metric effectively mitigates the sensitivity of Intersection over Union (IoU) to positional deviations in tiny objects. Second, the original upsampling module is replaced by the Efficient Upsampling Convolution Block (EUCB). By utilizing multi-scale convolutions, the EUCB gradually recovers spatial resolution and enhances the preservation of edge and texture details for tiny defects. Finally, this paper proposes the Multi-Scale Focused Attention (MSFA) module. Tailored to the specific spatial distribution of PCB defects, this module adaptively strengthens perception within key scale intervals, achieving efficient fusion of local fine-grained features and global context information. Experimental results on the PKU-PCB dataset demonstrate that SME-YOLO achieves state-of-the-art performance. Specifically, compared to the baseline YOLOv11n, SME-YOLO improves mAP by 2.2% and Precision by 4%, validating the effectiveness of the proposed method.

preprint · 2026 · arXiv

SRAF: Stealthy and Robust Adversarial Fingerprint for Copyright Verification of Large Language Models

The protection of Intellectual Property (IP) for Large Language Models (LLMs) has become a critical concern as model theft and unauthorized commercialization escalate. While adversarial fingerprinting offers a promising black-box solution for ownership verification, existing methods suffer from significant limitations: they are fragile against model modifications, sensitive to system prompt variations, and easily detectable due to high-perplexity input patterns. In this paper, we propose SRAF, which employs a multi-task adversarial optimization strategy that jointly optimizes fingerprints across homologous model variants and diverse chat templates, allowing the fingerprint to anchor onto invariant decision boundary features. Furthermore, we introduce a Perplexity Hiding technique that embeds adversarial perturbations within Markdown tables, effectively aligning the prompt's statistics with natural language to evade perplexity-based detection. Experiments on Llama-2 variants demonstrate SRAF's superior robustness and stealthiness compared to state-of-the-art baselines, offering a practical black-box solution for ownership verification.

preprint · 2026 · arXiv

Web Fraud Attacks Against LLM-Driven Multi-Agent Systems

With the proliferation of LLM-driven multi-agent systems (MAS), the security of Web links has become a critical concern. Once MAS is induced to trust a malicious link, attackers can use it as a springboard to expand the attack surface. In this paper, we propose Web Fraud Attacks, a novel type of attack manipulating unique structures of web links to deceive MAS. We design 12 representative attack variants that encompass various methods, such as homoglyph deception, sub-directory nesting, and parameter obfuscation. Through extensive experiments on these attack vectors, we demonstrate that Web fraud attacks not only exhibit significant destructive potential across different MAS architectures but also possess a distinct advantage in evasion: they circumvent the need for complex input design, lowering the threshold for attacks significantly. These results underscore the importance of addressing Web fraud attacks, providing new insights into MAS safety. Our code is available at https://github.com/JiangYingEr/Web-Fraud-Attack-in-MAS.

preprint · 2022 · arXiv

Abnormally High Thermal Conductivity in Fivefold Twinned Diamond Nanowires

Fivefold twins (5FTs), discovered nearly 200 years ago, are a common multiply twinned structure that usually dramatically deteriorate the thermal transport properties of nanomaterials. Here, we report the anomalous thermal conductivity ($κ$) in a novel fivefold twinned diamond nanowires (5FT-DNWs). The $κ$ of 5FT-DNWs is effectively enhanced by the defects of 5FT boundaries, and non-monotonically changes with the cross-sectional area ($\textit{S}$). Above the critical $\textit{S}$ = 7.1 nm$^{2}$, 5FT-DNWs show a constant value of $κ$, whereas below it, there appears a sharp increase in $κ$ with decreasing $\textit{S}$. More importantly, 5FT-DNWs with minimal $\textit{S}$ show a superior $κ$ over the bulk diamond. By confirming the Normal-process-dominated scattering event, it is demonstrated that the phonon hydrodynamic behavior plays a determinative role in abnormally high $κ$ of 5FT-DNWs with small $\textit{S}$. The super-transported phonon hydrodynamic phenomenon unveiled in the twinned diamond nanowires may provide a new route for pursuing highly thermally conductive nanomaterials.

preprint · 2022 · arXiv

The partial waves of $B^{*}_{2}(5747)$ and their contributions in strong decays

By adopting the relativistic Bethe-Salpeter method, the OZI allowed strong decays of the $2^+$ state $B^{*}_{2}(5747)^{0}$ are studied, emphasis is paid to the relativistic corrections. We first study the partial waves in the wave functions used, find that there are $P$, $D$ and $F$ partial waves in $B^{*}_{2}(5747)^{0}$ meson, and the ratios $P:D:F=1:0.421:0.051$. We also find $S:P:D=1:0.354:0.046$ for $B^*$, and $S:P=1:0.343$ for $B$ meson. The large components of the $D$ wave in $B^{*}_{2}(5747)^{0}$ and $P$ wave in $B^{(*)}$ means that large relativistic effects existing in these states. Second, we calculate the strong decays, the obtained total decay width $Γ(B^{*}_{2}(5747)^{0})=25.9$ MeV and the branching fraction $Γ(B^{*}_{2}(5747)^{0} \to B^{*}π)$ / $Γ(B^{*}_{2}(5747)^{0} \to Bπ)=0.96$ are consistent well with experimental data. Third, we study the contributions of different partial waves in the initial and final wave functions, find that the relativistic effects are about $15\%$ and $11\%$ for $B^{*}_{2}(5747)^{0} \to Bπ$ and $B^{*}_{2}(5747)^{0} \to B^{*}π$, respectively, which are much smaller than our expected, showing that the relativistic corrections are cancelled to each other in these decays.

preprint · 2020 · arXiv

Blockchain Architecture for Auditing Automation and Trust Building in Public Markets

Business transactions by public firms are required to be reported, verified, and audited periodically, which is traditionally a labor-intensive and time-consuming process. To streamline this procedure, we design FutureAB (Future Auditing Blockchain) which aims to automate the reporting and auditing process, thereby allowing auditors to focus on discretionary accounts to better detect and prevent fraud. We demonstrate how distributed-ledger technologies build investor trust and disrupt the auditing industry. Our multi-functional design indicates that auditing firms can automate transaction verification without the need for a trusted third party by collaborating and sharing their information while preserving data privacy (commitment scheme) and security (immutability). We also explore how smart contracts and wallets facilitate the computerization and implementation of our system on Ethereum. Finally, performance evaluation reveals the efficacy and scalability of FutureAB in terms of both encryption (0.012 seconds per transaction) and verification (0.001 seconds per transaction).