RepuNet: a Reputation System for Mitigating Malicious Clients in DFL

Decentralized Federated Learning DFL enables nodes to collaboratively train models without a central server, introducing new vulnerabilities since each node independently selects peers for model aggregation. Malicious nodes may exploit this autonomy by sending corrupted models model poisoning,...

Privacy-Preserving Federated Learning against Malicious Clients Based on Verifiable Functional Encryption

Federated learning is a promising distributed learning paradigm that enables collaborative model training without exposing local client data, thereby protect data privacy. However, it also brings new threats and challenges. The advancement of model inversion attacks has rendered the plaintext...

EBS-CFL: Efficient and Byzantine-robust Secure Clustered Federated Learning

Despite federated learning FL's potential in collaborative learning, its performance has deteriorated due to the data heterogeneity of distributed users. Recently, clustered federated learning CFL has emerged to address this challenge by partitioning users into clusters according to their...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: bnxten: Fixed the receive ring space parameters when XDP is active. The MTU setting at the time a XDP multi-buffer is attached determines whether the aggregation ring will be used and the rxskbfunc handler. This is done in...

FicGCN: Unveiling the Homomorphic Encryption Efficiency from Irregular Graph Convolutional Networks

Graph Convolutional Neural Networks GCNs have gained widespread popularity in various fields like personal healthcare and financial systems, due to their remarkable performance. Despite the growing demand for cloud-based GCN services, privacy concerns over sensitive graph data remain significant...

Byzantine Outside, Curious Inside: Reconstructing Data through Malicious Updates

Federated learning FL enables decentralized machine learning without sharing raw data, allowing multiple clients to collaboratively learn a global model. However, studies reveal that privacy leakage is possible under commonly adopted FL protocols. In particular, a server with access to client...

cn.herodotus.engine:message-spring-boot-starter (>=2.7.3.4 <=3.0.0-M2), com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=4.0.0 <=4.1.1) +179 more potentially affected by CVE-2025-27819 via org.apache.kafka:kafka_2.13 (>=2.4.0 <=3.3.2)

org.apache.kafka:kafka2.13 MAVEN version =2.4.0, =2.7.3.4, =4.0.0, =4.0.0, =4.0.0, =4.0.1, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =1.0.0, =1.2.0 - com.cerner.c...

SecEmb: Sparsity-Aware Secure Federated Learning of On-Device Recommender System with Large Embedding

Federated recommender system FedRec has emerged as a solution to protect user data through collaborative training techniques. A typical FedRec involves transmitting the full model and entire weight updates between edge devices and the server, causing significant burdens to devices with limited...

Network Hexagons under Attack: Secure Crowdsourcing of Geo-Referenced Data

A critical requirement for modern-day Intelligent Transportation Systems ITS is the ability to collect geo-referenced data from connected vehicles and mobile devices in a safe, secure and anonymous way. The Nexagon protocol, which builds on the IETF Locator/ID Separation Protocol LISP and the...

Client-Side Zero-Shot LLM Inference for Comprehensive In-Browser URL Analysis

Malicious websites and phishing URLs pose an ever-increasing cybersecurity risk, with phishing attacks growing by 40% in a single year. Traditional detection approaches rely on machine learning classifiers or rule-based scanners operating in the cloud, but these face significant challenges in...

Clustering and Median Aggregation Improve Differentially Private Inference

Differentially private DP language model inference is an approach for generating private synthetic text. A sensitive input example is used to prompt an off-the-shelf large language model LLM to produce a similar example. Multiple examples can be aggregated together to formally satisfy the DP...

Secure and Private Federated Learning: Achieving Adversarial Resilience through Robust Aggregation

Federated Learning FL enables collaborative machine learning across decentralized data sources without sharing raw data. It offers a promising approach to privacy-preserving AI. However, FL remains vulnerable to adversarial threats from malicious participants, referred to as Byzantine clients, wh...

SHE-LoRA: Selective Homomorphic Encryption for Federated Tuning with Heterogeneous LoRA

Federated fine-tuning of large language models LLMs is critical for improving their performance in handling domain-specific tasks. However, prior work has shown that clients' private data can actually be recovered via gradient inversion attacks. Existing privacy preservation techniques against su...

VideoMarkBench: Benchmarking Robustness of Video Watermarking

The rapid development of video generative models has led to a surge in highly realistic synthetic videos, raising ethical concerns related to disinformation and copyright infringement. Recently, video watermarking has been proposed as a mitigation strategy by embedding invisible marks into...

Zero-Trust Foundation Models: a New Paradigm for Secure and Collaborative Artificial Intelligence for Internet of Things

This paper focuses on Zero-Trust Foundation Models ZTFMs, a novel paradigm that embeds zero-trust security principles into the lifecycle of foundation models FMs for Internet of Things IoT systems. By integrating core tenets, such as continuous verification, least privilege access LPA, data...

CVE-2013-1167

Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers ASR, when bridge domain interface BDI is enabled, allows remote attackers to cause a denial of service card reload via packets that are not properly handled during the processing of encapsulation, aka...

CVE-2013-2779

Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers ASR does not properly implement the Cisco Multicast Leaf Recycle Elimination MLRE feature, which allows remote attackers to cause a denial of service card reload via fragmented IPv6 MVPN...

Privacy-Aware Cyberterrorism Network Analysis Using Graph Neural Networks and Federated Learning

Cyberterrorism poses a formidable threat to digital infrastructures, with increasing reliance on encrypted, decentralized platforms that obscure threat actor activity. To address the challenge of analyzing such adversarial networks while preserving the privacy of distributed intelligence data, we...

FedGraM: Defending against Untargeted Attacks in Federated Learning Via Embedding Gram Matrix

Federated Learning FL enables geographically distributed clients to collaboratively train machine learning models by sharing only their local models, ensuring data privacy. However, FL is vulnerable to untargeted attacks that aim to degrade the global model's performance on the underlying data...

SVAFD: a Secure and Verifiable Co-Aggregation Protocol for Federated Distillation

Secure Aggregation SA is an indispensable component of Federated Learning FL that concentrates on privacy preservation while allowing for robust aggregation. However, most SA designs rely heavily on the unrealistic assumption of homogeneous model architectures. Federated Distillation FD, which...