AI Is Not Your Security Stack

There's a debate I keep hearing in security circles: now that large language models like Claude are so capable, do we still need dedicated cybersecurity tools? I understand the appeal of the question. AI can summarize threat reports, help write detection logic, interpret vulnerability advisories,...

CIA+TA Risk Assessment for AI Reasoning Vulnerabilities

As AI systems increasingly influence critical decisions, they face threats that exploit reasoning mechanisms rather than technical infrastructure. We present a framework for cognitive cybersecurity, a systematic protection of AI reasoning processes from adversarial manipulation. Our contributions...

Mitigating Watermark Stealing Attacks in Generative Models Via Multi-Key Watermarking

Watermarking offers a promising solution for GenAI providers to establish the provenance of their generated content. A watermark is a hidden signal embedded in the generated content, whose presence can later be verified using a secret watermarking key. A threat to GenAI providers are \emphwaterma...

Bridging Unsupervised and Semi-Supervised Anomaly Detection: a Theoretically-Grounded and Practical Framework with Synthetic Anomalies

Anomaly detection AD is a critical task across domains such as cybersecurity and healthcare. In the unsupervised setting, an effective and theoretically-grounded principle is to train classifiers to distinguish normal data from synthetic anomalies. We extend this principle to semi-supervised AD,...

What Really Is a Member? Discrediting Membership Inference Via Poisoning

Membership inference tests aim to determine whether a particular data point was included in a language model's training set. However, recent works have shown that such tests often fail under the strict definition of membership based on exact matching, and have suggested relaxing this definition t...

GenAI Security: Outsmarting the Bots with a Proactive Testing Framework

The increasing sophistication and integration of Generative AI GenAI models into diverse applications introduce new security challenges that traditional methods struggle to address. This research explores the critical need for proactive security measures to mitigate the risks associated with...

Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions

The integration of security within DevOps, known as DevSecOps, has gained traction in modern software development to address security vulnerabilities while maintaining agility. Artificial Intelligence AI and Machine Learning ML have been increasingly leveraged to enhance security automation, thre...