Tab-MIA: a Benchmark Dataset for Membership Inference Attacks on Tabular Data in LLMs

Large language models LLMs are increasingly trained on tabular data, which, unlike unstructured text, often contains personally identifiable information PII in a highly structured and explicit format. As a result, privacy risks arise, since sensitive records can be inadvertently retained by the...

Learning-Based Privacy-Preserving Graph Publishing against Sensitive Link Inference Attacks

Publishing graph data is widely desired to enable a variety of structural analyses and downstream tasks. However, it also potentially poses severe privacy leakage, as attackers may leverage the released graph data to launch attacks and precisely infer private information such as the existence of...

GATEBLEED: Exploiting On-Core Accelerator Power Gating for High Performance and Stealthy Attacks on AI

As power consumption from AI training and inference continues to increase, AI accelerators are being integrated directly into the CPU. Intel's Advanced Matrix Extensions AMX is one such example, debuting on the 4th generation Intel Xeon Scalable CPU. We discover a timing side and covert channel,...

When LLMs Copy to Think: Uncovering Copy-Guided Attacks in Reasoning LLMs

Large Language Models LLMs have become integral to automated code analysis, enabling tasks such as vulnerability detection and code comprehension. However, their integration introduces novel attack surfaces. In this paper, we identify and investigate a new class of prompt-based attacks, termed...

CompLeak: Deep Learning Model Compression Exacerbates Privacy Leakage

Model compression is crucial for minimizing memory storage and accelerating inference in deep learning DL models, including recent foundation models like large language models LLMs. Users can access different compressed model versions according to their resources and budget. However, while existi...

Optimizing Canaries for Privacy Auditing with Metagradient Descent

In this work we study black-box privacy auditing, where the goal is to lower bound the privacy parameter of a differentially private learning algorithm using only the algorithm's outputs i.e., final trained model. For DP-SGD the most successful method for training differentially private deep...

HyDRA: a Hybrid Dual-Mode Network for Closed- and Open-Set RFFI with Optimized VMD

Device recognition is vital for security in wireless communication systems, particularly for applications like access control. Radio Frequency Fingerprint Identification RFFI offers a non-cryptographic solution by exploiting hardware-induced signal distortions. This paper proposes HyDRA, a Hybrid...

FacialMotionID: Identifying Users of Mixed Reality Headsets Using Abstract Facial Motion Representations

Facial motion capture in mixed reality headsets enables real-time avatar animation, allowing users to convey non-verbal cues during virtual interactions. However, as facial motion data constitutes a behavioral biometric, its use raises novel privacy concerns. With mixed reality systems becoming...

LRCTI: a Large Language Model-Based Framework for Multi-Step Evidence Retrieval and Reasoning in Cyber Threat Intelligence Credibility Verification

Verifying the credibility of Cyber Threat Intelligence CTI is essential for reliable cybersecurity defense. However, traditional approaches typically treat this task as a static classification problem, relying on handcrafted features or isolated deep learning models. These methods often lack the...

"Is It Always Watching? Is It Always Listening?" Exploring Contextual Privacy and Security Concerns toward Domestic Social Robots

Equipped with artificial intelligence AI and advanced sensing capabilities, social robots are gaining interest among consumers in the United States. These robots seem like a natural evolution of traditional smart home devices. However, their extensive data collection capabilities, anthropomorphic...

Optimal Debiased Inference on Privatized Data Via Indirect Estimation and Parametric Bootstrap

We design a debiased parametric bootstrap framework for statistical inference from differentially private data. Existing usage of the parametric bootstrap on privatized data ignored or avoided handling the effect of clamping, a technique employed by the majority of privacy mechanisms. Ignoring th...

Accelerating Automatic Program Repair with Dual Retrieval-Augmented Fine-Tuning and Patch Generation on Large Language Models

Automated Program Repair APR is essential for ensuring software reliability and quality while enhancing efficiency and reducing developers' workload. Although rule-based and learning-based APR methods have demonstrated their effectiveness, their performance was constrained by the defect type of...

HASSLE: a Self-Supervised Learning Enhanced Hijacking Attack on Vertical Federated Learning

Vertical Federated Learning VFL enables an orchestrating active party to perform a machine learning task by cooperating with passive parties that provide additional task-related features for the same training data entities. While prior research has leveraged the privacy vulnerability of VFL to...

Split Happens: Combating Advanced Threats with Split Learning and Function Secret Sharing

Split Learning SL -- splits a model into two distinct parts to help protect client data while enhancing Machine Learning ML processes. Though promising, SL has proven vulnerable to different attacks, thus raising concerns about how effective it may be in terms of data privacy. Recent works have...

Secure and Efficient UAV-Based Face Detection Via Homomorphic Encryption and Edge Computing

This paper aims to propose a novel machine learning ML approach incorporating Homomorphic Encryption HE to address privacy limitations in Unmanned Aerial Vehicles UAV-based face detection. Due to challenges related to distance, altitude, and face orientation, high-resolution imagery and...

Securing Transformer-Based AI Execution Via Unified TEEs and Crypto-Protected Accelerators

Recent advances in Transformer models, e.g., large language models LLMs, have brought tremendous breakthroughs in various artificial intelligence AI tasks, leading to their wide applications in many security-critical domains. Due to their unprecedented scale and prohibitively high development cos...

Entangled Threats: a Unified Kill Chain Model for Quantum Machine Learning Security

Quantum Machine Learning QML systems inherit vulnerabilities from classical machine learning while introducing new attack surfaces rooted in the physical and algorithmic layers of quantum computing. Despite a growing body of research on individual attack vectors - ranging from adversarial poisoni...

CVE-2025-53630

llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the ggufinitfromfileimpl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579...

Unifying Re-Identification, Attribute Inference, and Data Reconstruction Risks in Differential Privacy

Differentially private DP mechanisms are difficult to interpret and calibrate because existing methods for mapping standard privacy parameters to concrete privacy risks -- re-identification, attribute inference, and data reconstruction -- are both overly pessimistic and inconsistent. In this work...

SUSE CVE-2024-36350

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information...