I am pursuing a BS in Cybersecurity Analytics & Operations at Penn State World Campus, following postgraduate research at INRTU on neural networks for industrial control systems. My research looks at behavioral drift under poisoning attacks — how systems degrade under repeated adversarial pressure over many turns or long uptimes, across LLM agent pipelines.

Highlights

  • Published RIPA, the first large-sample (n≥100) study of sensory-vector prompt injection on LLM-controlled ROS 2 robots, spanning visual, audio, and LiDAR injection channels across five models.
  • Published Dynamic Separator Generation with Prof. Peng Liu, closing the pool-reuse blast radius in Polymorphic Prompt Assembling.
  • Developing MCPDrift, a multi-turn behavioral drift benchmark for MCP agents under tool poisoning.

Papers

Strengthening Polymorphic Prompt Assembling: Dynamic Separator Generation Against Emerging Prompt Injection Attacks
N. Dorzhiev, P. Liu
arXiv, 2026 [pdf] [code]

RIPA: Sensory-Vector Prompt Injection Attacks on LLM-Controlled ROS 2 Robots
N. Dorzhiev
arXiv, 2026 [pdf] [code]

Requirements for a Neural Network in the Gold Desorption Process from Active Carbons
N. Dorzhiev, V. Elshin
Proc. Conf. on Prospects for the Development of Hydrocarbon and Mineral Processing Technology, pp. 244–247, 2022

Review and Application of Artificial Intelligence Methods in Optimal Control Systems for Metallurgical Processes
N. Dorzhiev, V. Elshin
Proc. Conf. on Prospects for the Development of Hydrocarbon and Mineral Processing Technology, pp. 194–198, 2021

Projects

MCPDrift (in progress)

A security benchmark measuring how MCP agents degrade across a conversation under repeated tool-poisoning attempts, targeting the multi-turn gap in existing single-turn benchmarks.

Desorption AI (completed)

A project on using neural networks to automate the gold desorption process.

Research focus

Most defenses evaluate a single injected prompt against a single response. In practice, agents run for many turns and cyber-physical systems run for long uptimes — a payload that fails once doesn't disappear; it sits in context or in a sensor stream and compounds. That accumulation is the throughline across two projects that don't usually share a literature: agentic tool-poisoning drift (MCPDrift) and the use of AI in SCADA systems.