
Don't Click That: Teaching Web Agents to Resist Deceptive Interfaces

Yilin Zhang, Yingkai Hua, Chunyu Wei, Xin Wang, Yueguo Chen

arxiv Score 14.8

Published 2026-05-10 · First seen 2026-05-13

Research Track B · General AI

Abstract

Vision-language model (VLM) based web agents demonstrate impressive autonomous GUI interaction but remain vulnerable to deceptive interface elements. Existing approaches either detect deception without task integration or document attacks without proposing defenses. We formalize deception-aware web agent defense and propose DUDE (Deceptive UI Detector & Evaluator), a two-stage framework combining hybrid-reward learning with asymmetric penalties and experience summarization to distill failure patterns into transferable guidance. We introduce RUC (Real UI Clickboxes), a benchmark of 1,407 scenarios spanning four domains and deception categories. Experiments show DUDE reduces deception susceptibility by 53.8% while maintaining task performance, establishing an effective foundation for robust web agent deployment.


BibTeX

@article{zhang2026don,
  title = {Don't Click That: Teaching Web Agents to Resist Deceptive Interfaces},
  author = {Yilin Zhang and Yingkai Hua and Chunyu Wei and Xin Wang and Yueguo Chen},
  year = {2026},
  abstract = {Vision-language model (VLM) based web agents demonstrate impressive autonomous GUI interaction but remain vulnerable to deceptive interface elements. Existing approaches either detect deception without task integration or document attacks without proposing defenses. We formalize deception-aware web agent defense and propose DUDE (Deceptive UI Detector \& Evaluator), a two-stage framework combining hybrid-reward learning with asymmetric penalties and experience summarization to distill failure pat},
  url = {https://arxiv.org/abs/2605.09497},
  keywords = {cs.AI, cs.CR},
  eprint = {2605.09497},
  archiveprefix = {arXiv},
}
