SoK: a Systematic Review of Context- and Behavior-Aware Adaptive Authentication in Mobile Environments
As mobile computing becomes central to digital interaction, researchers have turned their attention to adaptive authentication for its real-time, context- and behavior-aware verification capabilities. However, many implementations remain fragmented, inconsistently apply intelligent techniques, an...
ML-Enhanced AES Anomaly Detection for Real-Time Embedded Security
Advanced Encryption Standard (AES) is a widely adopted cryptographic algorithm, yet its practical implementations remain susceptible to side-channel and fault injection attacks. In this work, we propose a comprehensive framework that enhances AES-128 encryption security through controlled anomaly...
Human-Centered Interactive Anonymization for Privacy-Preserving Machine Learning: a Case for Human-Guided K-Anonymity
Privacy-preserving machine learning (ML) seeks to balance data utility and privacy, especially as regulations like the GDPR mandate the anonymization of personal data for ML applications. Conventional anonymization approaches often reduce data utility due to indiscriminate generalization or...
Adversarial Threats in Quantum Machine Learning: a Survey of Attacks and Defenses
Quantum Machine Learning (QML) integrates quantum computing with classical machine learning, primarily to solve classification, regression and generative tasks. However, its rapid development raises critical security challenges in the Noisy Intermediate-Scale Quantum (NISQ) era. This chapter examines...
Microsoft Azure Machine Learning Environments Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within Azure Machine Learning Environments. The issue results from predictable...
A Hybrid Intrusion Detection System with a New Approach to Protect the Cybersecurity of Cloud Computing
Cybersecurity is one of the foremost challenges facing the world of cloud computing. Recently, the widespread adoption of smart devices in cloud computing environments that provide Internet-based services has become prevalent. Therefore, it is essential to consider the security threats in these...
KnowML: Improving Generalization of ML-NIDS with Attack Knowledge Graphs
Despite extensive research on Machine Learning-based Network Intrusion Detection Systems (ML-NIDS), their capability to detect diverse attack variants remains uncertain. Prior studies have largely relied on homogeneous datasets, which artificially inflate performance scores and offer a false sense ...
PhishingHook: Catching Phishing Ethereum Smart Contracts Leveraging EVM Opcodes
The Ethereum Virtual Machine (EVM) is a decentralized computing engine. It enables the Ethereum blockchain to execute smart contracts and decentralized applications (dApps). The increasing adoption of Ethereum sparked the rise of phishing activities. Phishing attacks often target users through...
Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks
Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems. "Unlike direct prompt injections,...
Towards Provable (In)Secure Model Weight Release Schemes
Recent secure weight release schemes claim to enable open-source model distribution while protecting model ownership and preventing misuse. However, these approaches lack rigorous security foundations and provide only informal security guarantees. Inspired by established works in cryptography, we...
Intelligent ARP Spoofing Detection Using Multi-Layered Machine Learning (ML) Techniques for IoT Networks
Address Resolution Protocol (ARP) spoofing remains a critical threat to IoT networks, enabling attackers to intercept, modify, or disrupt data transmission by exploiting ARP's lack of authentication. The decentralized and resource-constrained nature of IoT environments amplifies this vulnerability,...
Beyond Laplace and Gaussian: Exploring the Generalized Gaussian Mechanism for Private Machine Learning
Differential privacy (DP) is obtained by randomizing a data analysis algorithm, which necessarily introduces a tradeoff between its utility and privacy. Many DP mechanisms are built upon one of two underlying tools: Laplace and Gaussian additive noise mechanisms. We expand the search space of...
Quantum Machine Learning
The meteoric rise of artificial intelligence in recent years has seen machine learning methods become ubiquitous in modern science, technology, and industry. Concurrently, the emergence of programmable quantum computers, coupled with the expectation that large-scale fault-tolerant machines will...
Differential Privacy in Machine Learning: from Symbolic AI to LLMs
Machine learning models should not reveal particular information that is not otherwise accessible. Differential privacy provides a formal framework to mitigate privacy risks by ensuring that the inclusion or exclusion of any single data point does not significantly alter the output of an algorith...
Systems-Theoretic and Data-Driven Security Analysis in ML-enabled Medical Devices
The integration of AI/ML into medical devices is rapidly transforming healthcare by enhancing diagnostic and treatment facilities. However, this advancement also introduces serious cybersecurity risks due to the use of complex and often opaque models, extensive interconnectivity, interoperability...
A Comprehensive Survey on Underwater Acoustic Target Positioning and Tracking: Progress, Challenges, and Perspectives
Underwater target tracking technology plays a pivotal role in marine resource exploration, environmental monitoring, and national defense security. Given that acoustic waves represent an effective medium for long-distance transmission in aquatic environments, underwater acoustic target tracking h...
Offensive Robot Cybersecurity
Offensive Robot Cybersecurity introduces a groundbreaking approach by advocating for offensive security methods empowered by means of automation. It emphasizes the necessity of understanding attackers' tactics and identifying vulnerabilities in advance to develop effective defenses, thereby...
Busting the Paper Ballot: Voting Meets Adversarial Machine Learning
We show the security risk associated with using machine learning classifiers in United States election tabulators. The central classification task in election tabulation is deciding whether a mark does or does not appear on a bubble associated to an alternative in a contest on the ballot. Barrett...
Human-Centred AI in FinTech: Developing a User Experience (UX) Research Point of View (PoV) Playbook
Advancements in Artificial Intelligence (AI) have significantly transformed the financial industry, enabling the development of more personalized and adaptable financial products and services. This research paper explores various instances where Human-Centred AI (HCAI) has facilitated these...
A Common Pool of Privacy Problems: Legal and Technical Lessons from a Large-Scale Web-Scraped Machine Learning Dataset
We investigate the contents of web-scraped data for training AI systems, at sizes where human dataset curators and compilers no longer manually annotate every sample. Building off of prior privacy concerns in machine learning models, we ask: What are the legal privacy implications of web-scraped...