SHIELD: a Secure and Highly Enhanced Integrated Learning for Robust Deepfake Detection against Adversarial Attacks

Audio plays a crucial role in applications like speaker verification, voice-enabled smart devices, and audio conferencing. However, audio manipulations, such as deepfakes, pose significant risks by enabling the spread of misinformation. Our empirical analysis reveals that existing methods for...

How to Mitigate and Defend against DDoS Attacks in IoT Devices

Distributed Denial of Service DDoS attacks have become increasingly prevalent and dangerous in the context of Internet of Things IoT networks, primarily due to the low-security configurations of many connected devices. This paper analyzes the nature and impact of DDoS attacks such as those launch...

A Crowdsensing Intrusion Detection Dataset for Decentralized Federated Learning Models

This paper introduces a dataset and experimental study for decentralized federated learning DFL applied to IoT crowdsensing malware detection. The dataset comprises behavioral records from benign and eight malware families. A total of 21,582,484 original records were collected from system calls,...

A Distributed Generative AI Approach for Heterogeneous Multi-Domain Environments under Data Sharing Constraints

Federated Learning has gained increasing attention for its ability to enable multiple nodes to collaboratively train machine learning models without sharing their raw data. At the same time, Generative AI -- particularly Generative Adversarial Networks GANs -- have achieved remarkable success...

A Bayesian Incentive Mechanism for Poison-Resilient Federated Learning

Federated learning FL enables collaborative model training across decentralized clients while preserving data privacy. However, its open-participation nature exposes it to data-poisoning attacks, in which malicious actors submit corrupted model updates to degrade the global model. Existing defens...

Thought Purity: Defense Paradigm for Chain-Of-Thought Attack

While reinforcement learning-trained Large Reasoning Models LRMs, e.g., Deepseek-R1 demonstrate advanced reasoning capabilities in the evolving Large Language Models LLMs domain, their susceptibility to security threats remains a critical vulnerability. This weakness is particularly evident in...

A Privacy-Preserving Framework for Advertising Personalization Incorporating Federated Learning and Differential Privacy

To mitigate privacy leakage and performance issues in personalized advertising, this paper proposes a framework that integrates federated learning and differential privacy. The system combines distributed feature extraction, dynamic privacy budget allocation, and robust model aggregation to balan...

Expanding ML-Documentation Standards for Better Security

This article presents the current state of ML-security and of the documentation of ML-based systems, models and datasets in research and practice based on an extensive review of the existing literature. It shows a generally low awareness of security aspects among ML-practitioners and organization...

Learning-Based Cost-Aware Defense of Parallel Server Systems against Malicious Attacks

We consider the cyber-physical security of parallel server systems, which is relevant for a variety of engineering applications such as networking, manufacturing, and transportation. These systems rely on feedback control and may thus be vulnerable to malicious attacks such as denial-of-service,...

Safeguarding Federated Learning-Based Road Condition Classification

Federated Learning FL has emerged as a promising solution for privacy-preserving autonomous driving, specifically camera-based Road Condition Classification RCC systems, harnessing distributed sensing, computing, and communication resources on board vehicles without sharing sensitive image data...

Split Happens: Combating Advanced Threats with Split Learning and Function Secret Sharing

Split Learning SL -- splits a model into two distinct parts to help protect client data while enhancing Machine Learning ML processes. Though promising, SL has proven vulnerable to different attacks, thus raising concerns about how effective it may be in terms of data privacy. Recent works have...

DNS Tunneling: Threat Landscape and Improved Detection Solutions

Detecting Domain Name System DNS tunneling is a significant challenge in security due to its capacity to hide harmful actions within DNS traffic that appears to be normal and legitimate. Traditional detection methods are based on rule-based approaches or signature matching methods that are often...

HASSLE: a Self-Supervised Learning Enhanced Hijacking Attack on Vertical Federated Learning

Vertical Federated Learning VFL enables an orchestrating active party to perform a machine learning task by cooperating with passive parties that provide additional task-related features for the same training data entities. While prior research has leveraged the privacy vulnerability of VFL to...

Differentially Private Federated Low Rank Adaptation beyond Fixed-Matrix

Large language models LLMs typically require fine-tuning for domain-specific tasks, and LoRA offers a computationally efficient approach by training low-rank adapters. LoRA is also communication-efficient for federated LLMs when multiple users collaboratively fine-tune a global LLM model without...

Reporte De Vulnerabilidades En IIoT. Proyecto DEFENDER

The main objective of this technical report is to conduct a comprehensive study on devices operating within Industrial Internet of Things IIoT environments, describing the scenarios that define this category and analysing the vulnerabilities that compromise their security. To this end, the report...

BandFuzz: an ML-Powered Collaborative Fuzzing Framework

Collaborative fuzzing has recently emerged as a technique that combines multiple individual fuzzers and dynamically chooses the appropriate combinations suited for different programs. Unlike individual fuzzers, which rely on specific assumptions to maintain their effectiveness, collaborative...

Contrastive-KAN: a Semi-Supervised Intrusion Detection Framework for Cybersecurity with Scarce Labeled Data

In the era of the Fourth Industrial Revolution, cybersecurity and intrusion detection systems are vital for the secure and reliable operation of IoT and IIoT environments. A key challenge in this domain is the scarcity of labeled cyber-attack data, as most industrial systems operate under normal...

PLA: Prompt Learning Attack against Text-To-Image Generative Models

Text-to-Image T2I models have gained widespread adoption across various applications. Despite the success, the potential misuse of T2I models poses significant risks of generating Not-Safe-For-Work NSFW content. To investigate the vulnerability of T2I models, this paper delves into adversarial...

EventHunter: Dynamic Clustering and Ranking of Security Events from Hacker Forum Discussions

Hacker forums provide critical early warning signals for emerging cybersecurity threats, but extracting actionable intelligence from their unstructured and noisy content remains a significant challenge. This paper presents an unsupervised framework that automatically detects, clusters, and...

CLIProv: a Contrastive Log-To-Intelligence Multimodal Approach for Threat Detection and Provenance Analysis

With the increasing complexity of cyberattacks, the proactive and forward-looking nature of threat intelligence has become more crucial for threat detection and provenance analysis. However, translating high-level attack patterns described in Tactics, Techniques, and Procedures TTP intelligence...