Towards Classifying Benign and Malicious Packages Using Machine Learning

Recently, the number of malicious open-source packages in package repositories has been increasing dramatically. While major security scanners focus on identifying known Common Vulnerabilities and Exposures CVEs in open-source packages, there are very few studies on detecting malicious packages...

Adaptive Dual-Layer Web Application Firewall (ADL-WAF) Leveraging Machine Learning for Enhanced Anomaly and Threat Detection

Web Application Firewalls are crucial for protecting web applications against a wide range of cyber threats. Traditional Web Application Firewalls often struggle to effectively distinguish between malicious and legitimate traffic, leading to limited efficacy in threat detection. To overcome these...

How Worrying Are Privacy Attacks against Machine Learning?

In several jurisdictions, the regulatory framework on the release and sharing of personal data is being extended to machine learning ML. The implicit assumption is that disclosing a trained ML model entails a privacy risk for any personal data used in training comparable to directly releasing tho...

Slice-Aware Spoofing Detection in 5G Networks Using Lightweight Machine Learning

The increasing virtualization of fifth generation 5G networks expands the attack surface of the user plane, making spoofing a persistent threat to slice integrity and service reliability. This study presents a slice-aware lightweight machine-learning framework for detecting spoofing attacks withi...

Endpoint Security Agent: A Comprehensive Approach to Real-Time System Monitoring and Threat Detection

As cyber threats continue to evolve in complexity and frequency, robust endpoint protection is essential for organizational security. This paper presents "Endpoint Security Agent: A Comprehensive Approach to Real-time System Monitoring and Threat Detection" a modular, real-time security solution...

A Secured Intent-Based Networking (SIBN) with Data-Driven Time-Aware Intrusion Detection

While Intent-Based Networking IBN promises operational efficiency through autonomous and abstraction-driven network management, a critical unaddressed issue lies in IBN's implicit trust in the integrity of intent ingested by the network. This inherent assumption of data reliability creates a blin...

Automated and Explainable Denial of Service Analysis for AI-Driven Intrusion Detection Systems

With the increasing frequency and sophistication of Distributed Denial of Service DDoS attacks, it has become critical to develop more efficient and interpretable detection methods. Traditional detection systems often struggle with scalability and transparency, hindering real-time response and...

Adversarially Robust and Interpretable Magecart Malware Detection

Magecart skimming attacks have emerged as a significant threat to client-side security and user trust in online payment systems. This paper addresses the challenge of achieving robust and explainable detection of Magecart attacks through a comparative study of various Machine Learning ML models...

WordPress OOPSpam Anti-Spam plugin IP Header Forgery Vulnerability

WordPress OOPSpam Anti-Spam plugin is an anti-spam plugin designed for WordPress that protects forms and comments from spam through AI and machine learning techniques without the use of CAPTCHA validation. The WordPress OOPSpam Anti-Spam plugin suffers from an IP header forgery vulnerability that...

SHIELD: Securing Healthcare IoT with Efficient Machine Learning Techniques for Anomaly Detection

The integration of IoT devices in healthcare introduces significant security and reliability challenges, increasing susceptibility to cyber threats and operational anomalies. This study proposes a machine learning-driven framework for 1 detecting malicious cyberattacks and 2 identifying faulty...

Machine and Deep Learning for Indoor UWB Jammer Localization

Ultra-wideband UWB localization delivers centimeter-scale accuracy but is vulnerable to jamming attacks, creating security risks for asset tracking and intrusion detection in smart buildings. Although machine learning ML and deep learning DL methods have improved tag localization, localizing...

Detecting Vulnerabilities from Issue Reports for Internet-Of-Things

Timely identification of issue reports reflecting software vulnerabilities is crucial, particularly for Internet-of-Things IoT where analysis is slower than non-IoT systems. While Machine Learning ML and Large Language Models LLMs detect vulnerability-indicating issues in non-IoT systems, their I...

Android Malware Detection: A Machine Learning Approach

This study examines machine learning techniques like Decision Trees, Support Vector Machines, Logistic Regression, Neural Networks, and ensemble methods to detect Android malware. The study evaluates these models on a dataset of Android applications and analyzes their accuracy, efficiency, and...

MH-1M: A 1.34 Million-Sample Comprehensive Multi-Feature Android Malware Dataset for Machine Learning, Deep Learning, Large Language Models, and Threat Intelligence Research

We present MH-1M, one of the most comprehensive and up-to-date datasets for advanced Android malware research. The dataset comprises 1,340,515 applications, encompassing a wide range of features and extensive metadata. To ensure accurate malware classification, we employ the VirusTotal API,...

EUVD-2025-36706

MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords...

An In-Depth Analysis of Cyber Attacks in Secured Platforms

There is an increase in global malware threats. To address this, an encryption-type ransomware has been introduced on the Android operating system. The challenges associated with malicious threats in phone use have become a pressing issue in mobile communication, disrupting user experiences and...

The Attribution Story of WhisperGate: An Academic Perspective

This paper explores the challenges of cyberattack attribution, specifically APTs, applying the case study approach for the WhisperGate cyber operation of January 2022 executed by the Russian military intelligence service GRU and targeting Ukrainian government entities. The study provides a detail...

A Hard-Label Black-Box Evasion Attack against ML-Based Malicious Traffic Detection Systems

Machine Learning ML-based malicious traffic detection is a promising security paradigm. It outperforms rule-based traditional detection by identifying various advanced attacks. However, the robustness of these ML models is largely unexplored, thereby allowing attackers to craft adversarial traffi...

Injection, Attack and Erasure: Revocable Backdoor Attacks Via Machine Unlearning

Backdoor attacks pose a persistent security risk to deep neural networks DNNs due to their stealth and durability. While recent research has explored leveraging model unlearning mechanisms to enhance backdoor concealment, existing attack strategies still leave persistent traces that may be detect...

New Machine Learning Approaches for Intrusion Detection in ADS-B

With the growing reliance on the vulnerable Automatic Dependent Surveillance-Broadcast ADS-B protocol in air traffic management ATM, ensuring security is critical. This study investigates emerging machine learning models and training strategies to improve AI-based intrusion detection systems IDS...