From Prompt Injections to SQL Injection Attacks: How Protected is Your LLM-Integrated Web Application?

Large Language Models (LLMs) have found widespread applications in various domains, including web applications, where they facilitate human interaction via chatbots with natural language interfaces. Internally, aided by an LLM-integration middleware such as Langchain, user prompts are translated into SQL queries used by the LLM to provide meaningful responses to users. However, unsanitized user prompts can lead to SQL injection attacks, potentially compromising the security of the database. Despite the growing interest in prompt injection vulnerabilities targeting LLMs, the specific risks of generating SQL injection attacks through prompt injections have not been extensively studied. In this paper, we present a comprehensive examination of prompt-to-SQL (P$_2$SQL) injections targeting web applications based on the Langchain framework. Using Langchain as our case study, we characterize P$_2$SQL injections, exploring their variants and impact on application security through multiple concrete examples. Furthermore, we evaluate 7 state-of-the-art LLMs, demonstrating the pervasiveness of P$_2$SQL attacks across language models. Our findings indicate that LLM-integrated applications based on Langchain are highly susceptible to P$_2$SQL injection attacks, warranting the adoption of robust defenses. To counter these attacks, we propose four effective defense techniques that can be integrated as extensions to the Langchain framework. We validate the defenses through an experimental evaluation with a real-world use case application.Comment: 12 pages, 3 figures, 3 tables, 5 listing

Efficient discrete-event based particle tracking simulation for high energy physics

This work presents novel discrete event-based simulation algorithms based on the Quantized State System (QSS) numerical methods. QSS provides attractive features for particle transportation processes, in particular a very efficient handling of discontinuities in the simulation of continuous systems. We focus on High Energy Physics (HEP) particle tracking applications that typically rely on discrete timebased methods, and study the advantages of adopting a discrete event-based numerical approach that resolves efficiently the crossing of geometry boundaries by a traveling particle. For this purpose we follow two complementary strategies. First, a new co-simulation technique connects the Geant4 simulation toolkit with a standalone QSS solver. Second, a new native QSS numerical stepper is embedded into Geant4. We compare both approaches against the latest Geant4 default steppers in different HEP setups, including a complex realistic scenario (the CMS particle detector at CERN). Our techniques achieve relevant simulation speedups in a wide range of scenarios, particularly when the intensity of discrete-event handling dominates performance in the solving of the continuous laws of particle motion.Fil: Santi, Lucio. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Ciudad Universitaria. Instituto de Investigación en Ciencias de la Computación. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Instituto de Investigación en Ciencias de la Computación; ArgentinaFil: Rossi, Lucas Ezequiel. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Ciudad Universitaria. Instituto de Investigación en Ciencias de la Computación. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Instituto de Investigación en Ciencias de la Computación; ArgentinaFil: Castro, Rodrigo Daniel. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Ciudad Universitaria. Instituto de Investigación en Ciencias de la Computación. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Instituto de Investigación en Ciencias de la Computación; Argentin

Potenciación de un motor a gasolina por medio de un generador de hidrógeno

This paper is intended to provide information to the reader on the analysis and feasibility study for the implementation of a hydrogen generator by water electrolysis. This simple chemical process could replace fossil fuel in the near future, and thus radically change the planet's energy matrix. Finally, in this work quickly explained the some alternative energy such as solar panels, biofuels, hybrid vehicles, and a brief overview of the damage they have caused the polluting.El presente trabajo tiene como finalidad proporcionar información al lector sobre el análisis y estudio de factibilidad para la implementación de un generador de hidrógeno a través de la electrólisis del agua. Este proceso químico sencillo podría reemplazar al combustible fósil en un futuro no muy lejano, y de esta manera cambiar radicalmente la matriz energética del planeta. Finalmente, se expondrá brevemente las diversas alternativas energéticas: paneles solares, biocombustibles, vehículos híbridos; además de una reseña de los daños producido por los gases contaminantes

An Integrated Ecological-Social Simulation Model of Farmer Decisions and Cropping System Performance in the Rolling Pampas (Argentina)

Changes in agricultural systems are a multi-causal process involving climate change, globalization and technological change. These complex interactions regulate the landscape transformation process by imposing land use and cover change (LUCC) dynamics. In order to better understand and forecast the LUCC process we developed a spatially explicit agent-based model in the form of a Cellular Automata: the AgroDEVS model. The model was designed to project viable LUCC dynamics along with their associated economic and environmental changes. AgroDEVS is structured with behavioral rules and functions representing a) crop yields, b) weather conditions, c) economic profits, d) farmer preferences, e) adoption of technology levels and f) natural resource consumption based on embodied energy accounting. Using data from a typical location of the Pampa region (Argentina) for the period 1988-2015, simulation exercises showed that economic goals were achieved, on average, each 6 out of 10 years, but environmental thresholds were only achieved in 1.9 out of 10 years. In a set of 50-years simulations, LUCC patterns converge quickly towards the most profitable crop sequences, with no noticeable trade-off between economic and environmental conditions.Fil: Pessah, Sebastián. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Parque Centenario. Instituto de Investigaciones Fisiológicas y Ecológicas Vinculadas a la Agricultura. Universidad de Buenos Aires. Facultad de Agronomía. Instituto de Investigaciones Fisiológicas y Ecológicas Vinculadas a la Agricultura; ArgentinaFil: Ferraro, Diego Omar. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Parque Centenario. Instituto de Investigaciones Fisiológicas y Ecológicas Vinculadas a la Agricultura. Universidad de Buenos Aires. Facultad de Agronomía. Instituto de Investigaciones Fisiológicas y Ecológicas Vinculadas a la Agricultura; ArgentinaFil: Blanco, Daniela. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Departamento de Computación; ArgentinaFil: Castro, Rodrigo Daniel. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Ciudad Universitaria. Instituto de Investigación en Ciencias de la Computación. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Instituto de Investigación en Ciencias de la Computación; Argentina. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Departamento de Computación; Argentin

Discrete-Time Modeling of COVID-19 Propagation in Argentina with Explicit Delays

We present a new deterministic discrete-Time compartmental model of COVID-19 that explicitly takes into account relevant delays related to the stages of the disease, its diagnosis and report system, allowing to represent the presence of imported cases. In addition to developing the model equations, we describe an automatic parameter fitting mechanism using official data on the spread of the virus in Argentina. The result consistently reflects the behavior of the disease with respect to characteristic times: latency, infectious period, report of cases (confirmed and dead), and allows for detecting automatically changes in the reproductive number and in the mortality factor. We also analyse the model´s prediction capability and present simulation results assuming different future scenarios. We discuss usage of the model in a closed-loop control scheme, where the explicit presence of delays plays a key role in projecting more realistic dynamics than that of classic continuous-Time models.Fil: Bergonzi, Mariana. Universidad Nacional de Rosario. Facultad de Ciencias Exactas, Ingeniería y Agrimensura; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Rosario. Centro Internacional Franco Argentino de Ciencias de la Información y de Sistemas. Universidad Nacional de Rosario. Centro Internacional Franco Argentino de Ciencias de la Información y de Sistemas; ArgentinaFil: Pecker Marcosig, Ezequiel. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina. Universidad de Buenos Aires; ArgentinaFil: Kofman, Ernesto Javier. Universidad Nacional de Rosario. Facultad de Ciencias Exactas, Ingeniería y Agrimensura; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Rosario. Centro Internacional Franco Argentino de Ciencias de la Información y de Sistemas. Universidad Nacional de Rosario. Centro Internacional Franco Argentino de Ciencias de la Información y de Sistemas; ArgentinaFil: Castro, Rodrigo Daniel. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina. Universidad de Buenos Aires; Argentin

Evaluation of the rejuvenation of asphalt by means of oil-saturated porous aggregates

Road degradation is an increasing problem for assets managers. Roads deteriorate mainly due to the combination of different factors, such as temperature, climate and traffic loads. This causes the asphalt to age and, consequently, the bituminous mixtures become more fragile and microcracks begin to appear. To eliminate these degradation effects, the most widely used performed actions are based on the renovation of the pavement to achieve an asphalt surface under acceptable conditions of use. In order to reduce the application of corrective measures when the asphalt pavement is already facing significant defects, it is important to perform regular preventive maintenance that minimise the renovation works of the pavement and improves the asphalt durability. This paper shows a method for the continuous rejuvenation of asphalt, by analysing the evolution of asphalt mixture stiffness and the resistance to cracking on asphalt mixtures with rejuvenator added after having been submitted to a laboratory ageing protocol (short and long-term ageing). The rejuvenator was added to the mixtures following either of these two procedures: first, directly added to the mixture and the second, saturated in porous aggregates, what the authors call encapsulated. Results from this study demonstrate the effectiveness of the second method (encapsulated rejuvenator) as an original solution to achieve long-term performance mixtures with reduced cracking.The authors acknowledge the financial support from a National project, REPARA v2.0, funded by the Centre for Industrial Technological Development (CDTI) of the Spanish Government within the programme supporting the Strategic National Consortiums for Technical Investigation (CIEN).Peer ReviewedPostprint (published version

Whole-genome functional characterization of RE1 silencers using a modified massively parallel reporter assay.

Transcriptional silencers are under- studied compared with activating elements. By using MPRAduo, Mouri et al. perform a whole-genome functional characterization screen of RE1 silencers and identify REST-binding motif characteristics and cofactor localization required for a functional silencer. They also identify human genetic variants that impact RE1 activity

A multi-aspect agent-based model of covid-19: disease dynamics, contact tracing interventions and shared space-driven contagions

In the quest to better understand the epidemic dynamics of COVID-19 and possible strategies to mitigate its impact, a wide range of simulation models have been developed for various purposes. Faced with a novel disease with little-known characteristics and an unprecedented impact, the need arises to model multiple aspects with very dissimilar dynamics in a consistent, formal, yet flexible and quick way, in order to then study the combined interaction of these dynamics. We present an agent-based model combining kinematic movement of agents, interaction between them and their surrounding space and a top-down control over the entire population. To achieve this, we extend the retQSS framework to model and simulate particle systems interacting with geometries. In this work, we study different contact tracing strategies and their efficacy in a population undergoing an epidemic process driven mainly by airborne infections in indoor environments.Fil: Lanzarotti, Esteban Omar. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Ciudad Universitaria. Instituto de Investigación en Ciencias de la Computación. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Instituto de Investigación en Ciencias de la Computación; ArgentinaFil: Roslan, Francisco. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Departamento de Computación; ArgentinaFil: Groisman, Leandro. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Departamento de Computación; ArgentinaFil: Santi, Lucio Emilio. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Ciudad Universitaria. Instituto de Investigación en Ciencias de la Computación. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Instituto de Investigación en Ciencias de la Computación; ArgentinaFil: Castro, Rodrigo Daniel. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Ciudad Universitaria. Instituto de Investigación en Ciencias de la Computación. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Instituto de Investigación en Ciencias de la Computación; ArgentinaWinter Simulation Conference 2021: Simulation for a Smart World: From Smart Devices to Smart CitiesPhoenixEstados UnidosOrganizing Committee of Simulation Conferenc

Systematic data analysis-based validation of simulation models with heterogeneous data sources

Complex networked computer systems are subjected to upgrades on a continuous basis. Modeling and simulation (M&S) of such systems helps with guiding their engineering processes when testing design options on the real system is not an option. Too often many system’s operational conditions need to be assumed in order to focus on the questions at hand, a typical case being the exogenous workload. Meanwhile, soaring amounts of monitoring information is logged to analyze the system’s performance in search for improvement opportunities. Concurrently, research questions mutate as operational conditions vary throughout its lifetime. This context poses many challenges to assess the validity of simulation models. As the empirical knowledge base of the system grows, the question arises whether a simulation model that was once deemed valid could be invalidated in the context of unprecedented operation conditions. This work presents a conceptual framework and a practical prototype that helps with answering this question in a systematic, automated way. MASADA parses recorded operation intervals and automatically parameterizes, launches, and validates simulation experiments. MASADA has been tested in the data acquisition network of the ATLAS particle physics experiment at CERN. The result is an efficient framework for validating our models on a continuous basis as new particle collisions impose unpredictable network workloads.Sociedad Argentina de Informática e Investigación Operativa (SADIO

Proyecto de mejora de procesos en la cadena de valor del Molino Arrocero Monterrico E.I.R.L.

El Molino Arrocero Monterrico E.I.R.L ubicado en la provincia de Camaná, es una empresa familiar que tiene como principal actividad económica el pilado y la comercialización de sacos de arroz al sur del país. Actualmente, la empresa busca incrementar su rentabilidad principalmente a través de la optimización de su proceso productivo el cual tiene importantes oportunidades de mejora. Por ello, el objetivo primario de la investigación se centra en evaluar la mejor alternativa para mejorar el proceso de producción. Se justifica la inversión de una optimización del proceso productivo debido a que en un análisis específico de la demanda nacional tiene una tendencia de crecimiento aproximada de 1,01% por año. Por otro lado, para poder aumentar en rentabilidad la mejor alternativa es disminuir costos y valorizar más el producto, haciéndolo más “añejo”. Con un análisis de Factorial de Klein se identificó que los principales procesos productivos a ser evaluados serían los siguientes: • Procesos de Almacenamiento • Procesos de secado • Proceso productivo de pilado • Orden y limpieza La propuesta de mayor impacto, pero también la de mayor inversión, es la relacionada al proceso de secado. Esta propuesta consiste en la adquisición de un horno de biomasa (secadora), con una inversión aproximada de 490 000 soles. Los principales beneficios relacionados a esta inversión son los siguientes: • Disminución de tiempo necesario para obtener arroz añejo de 1 año a 1 mes el tiempo de obtención del producto final. • Aumento de la productividad. • Aumento del valor del producto terminado en más de 20%. • Disminución de mermas en secado de la materia prima pasan de 3% a 1%, en el proceso de pilado disminuir las mermas de 6% a 3%. Se concluye mediante una evaluación financiera que las sugerencias son viables y que tendrán los siguientes indicadores: • Inversión total 1 124 290 soles aproximadamente. • R B/C Económico= 1,48 y R B/C Financiero= 2,41 • Aumento de Rentabilidad: de 4% a 7,1% • PR económico= 3,34 años y PR financiero= 2,29 años • VAN económico: 537 133 soles y VAN financiero: 634 002 soles • TIR económico= 43% y TIR financiero= 68%.The rice mill Monterrico E.I.R.L located in the province of Camaná, is a family business of Peruvian capitals whose main economic activity is the piling and marketing of rice bags in the south of the country. Currently, the company seeks to increase its profitability mainly through the optimization of its production process, which has been diagnosed as having significant opportunities for improvement. Therefore, the primary objective of the research is to evaluate the best alternative to improve the production process. The investment is justified because a specific analysis of demand concludes that the national population has a growth trend of approximately 1,01% per year, in order to increase profitability the best alternative is to decrease costs and value the product more, making it more "aged". With a Klein Factorial analysis, it was identified that the main production processes to be evaluated would be the following: • Storage processes • Drying processes • Piling production process • Order and cleanliness The big proposal with the greatest impact, but also the one with the highest investment, is the one related to the drying process. This proposal consists of the acquisition of a biomass oven (dryer), with an investment of approximately 490 000 soles. The main benefits related to this investment are the following: • Decrease in the time necessary to obtain aged rice 1 year to 1 month • Increased yield 63% to 66%. • Increase in the value of the finished product 20% higher than the market price of superior rice. • Decrease in losses: Regarding the losses in the drying of the raw material, go from 3% to 1%. With respect to the piling process, decrease the losses from 6% to 3%. Finally, it is concluded through a financial evaluation that the suggestions are viable and that they will have the following indicators: • Total investment 1 124 290 soles approximately. • Economic R B / C= 1.48 Financial R B / C= 2,41 • Increase in Profitability: 4% to 7,1% • Economic PR= 3,34 years Financial PR= 2,29 years • Economic GO: 537 133 soles Financial GO: 634 002 soles • Economic IRR= 43% Financial IRR= 68