Andrey Labunets

I am a researcher, I apply an adversarial mindset to problems in computer science. My current work focuses on adversarial examples and attacks against AI assistants and large language models. I work with Earlence Fernandes, and I am a part of Systems and Networking and Security and Cryptography groups at UCSD. Sometimes, I do interdisciplinary research, such as on national security letters reporting and natural language processing.

Previously, I worked as a security engineer at Facebook. Our investigation of the NSO Group exploit against WhatsApp has been featured in The New Yorker.

Selected Publications

Fun-tuning: Characterizing the Vulnerability of Proprietary LLMs to Optimization-based Prompt Injection Attacks via the Fine-Tuning Interface
Andrey Labunets, Nishit V. Pandya, Ashish Hooda, Xiaohan Fu, Earlence Fernandes
46th IEEE Symposium on Security and Privacy, San Francisco, CA, May 2025.

An Empirical Analysis on the Use and Reporting of National Security Letters
Alex Bellon, Miro Haller, Andrey Labunets, Enze Liu, Stefan Savage
4th ACM Symposium on Computer Science and Law, Munich, Germany, 2025

Experimental Analyses of the Physical Surveillance Risks in Client-Side Content Scanning
Ashish Hooda, Andrey Labunets, Tadayoshi Kohno, Earlence Fernandes
28th ISOC Network and Distributed Security Symposium (NDSS), San Diego, CA, Feb 2024

OAuth 2.0 security best current practice
Torsten Lodderstedt, John Bradley, Andrey Labunets, Daniel Fett
Internet Engineering Task Force (IETF)