Sitemap

A list of all the posts and pages found on the site. For you robots out there, an XML version is available for digesting as well.

Pages

Posts

publications

Lost at C: A User Study on the Security Implications of Large Language Model Code Assistants

Published in USENIX Security Symposium (USENIX Security '23), 2023

A security-driven user study (N=58) measuring whether LLM code assistants like OpenAI Codex lead student programmers to write less secure low-level C code. We find the security impact is small.

Recommended citation: Gustavo Sandoval, Hammond Pearce, Teo Nys, Ramesh Karri, Siddharth Garg, and Brendan Dolan-Gavitt. (2023). "Lost at C: A User Study on the Security Implications of Large Language Model Code Assistants." 32nd USENIX Security Symposium. https://www.usenix.org/system/files/sec23summer_sandoval.pdf

Early Approaches to Adversarial Fine-Tuning for Prompt Injection Defense: A 2022 Study of GPT-3 and Contemporary Models

Published in arXiv preprint (arXiv:2509.14271), 2025

A 2022 study of prompt injection and goal hijacking attacks against GPT-3-era models, introducing Adversarial Fine-Tuning as a defense that drove attack success from 31% to near zero on smaller GPT-3 variants.

Recommended citation: Gustavo Sandoval, Denys Fenchenko, and Junyao Chen. (2025). "Early Approaches to Adversarial Fine-Tuning for Prompt Injection Defense: A 2022 Study of GPT-3 and Contemporary Models." arXiv preprint arXiv:2509.14271. https://arxiv.org/abs/2509.14271

Surgical Repair of Insecure Code Generation in LLMs: From Mechanistic Diagnosis to Deployment-Ready Intervention

Published in arXiv preprint (arXiv:2604.16697), 2026

LLMs that write insecure code can often correctly explain the very vulnerability they just introduced — a “Format-Reliability Gap.” We trace this to a single layer and use per-vulnerability steering vectors to cut insecure generation by up to 74%.

Recommended citation: Gustavo Sandoval, Brendan Dolan-Gavitt, and Siddharth Garg. (2026). "Surgical Repair of Insecure Code Generation in LLMs: From Mechanistic Diagnosis to Deployment-Ready Intervention." arXiv preprint arXiv:2604.16697. https://arxiv.org/abs/2604.16697

talks

teaching

Teaching experience 2

Workshop, University 1, Department, 2015

This is a description of a teaching experience. You can use markdown like any other post.

Introduction to Operating Systems

Undergraduate course, New York University, Computer Science and Engineering, 2023

This course is an introduction to operating system design and implementation. We study operating systems because they are examples of mature and elegant solutions to a complex design problem: safely and efficiently sharing system resources and providing abstractions helpful to applications.

For the processor, memory, and disks, we discuss how the operating system allocates each resource and explore the design and implementation of related abstractions. We also explore techniques for improving performance and reliability. For example, we discuss scheduling policies for better utilizing the processor, virtual memory techniques for managing memory utilization, and caching techniques for improving disk performance.

Programming assignments using both Assembly and the C programming language will provide hands-on experience implementing core operating system components in a realistic development environment.