An Efficient Private GPT Never Autoregressively Decodes

The wide deployment of the generative pre-trained transformer GPT has raised privacy concerns for both clients and servers. While cryptographic primitives can be employed for secure GPT inference to protect the privacy of both parties, they introduce considerable performance overhead.To accelerat...

MicroCrypt Assumptions with Quantum Input Sampling and Pseudodeterminism: Constructions and Separations

Whitepaper called MicroCrypt Assumptions With Quantum Input Sampling And Pseudodeterminism: Constructions And Separations...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from PEBSENABLE not being masked by vCPU value in perf/x86/intel...

Optimal Client Sampling in Federated Learning with Client-Level Heterogeneous Differential Privacy

Federated Learning with client-level differential privacy DP provides a promising framework for collaboratively training models while rigorously protecting clients' privacy. However, classic approaches like DP-FedAvg struggle when clients have heterogeneous privacy requirements, as they must...

From Trade-Off to Synergy: a Versatile Symbiotic Watermarking Framework for Large Language Models

The rise of Large Language Models LLMs has heightened concerns about the misuse of AI-generated text, making watermarking a promising solution. Mainstream watermarking schemes for LLMs fall into two categories: logits-based and sampling-based. However, current schemes entail trade-offs among...

Enhancing IoT Cyber Attack Detection in the Presence of Highly Imbalanced Data

Due to the rapid growth in the number of Internet of Things IoT networks, the cyber risk has increased exponentially, and therefore, we have to develop effective IDS that can work well with highly imbalanced datasets. A high rate of missed threats can be the result, as traditional machine learnin...

Cape: Context-Aware Prompt Perturbation Mechanism with Differential Privacy

Large Language Models LLMs have gained significant popularity due to their remarkable capabilities in text understanding and generation. However, despite their widespread deployment in inference services such as ChatGPT, concerns about the potential leakage of sensitive user data have arisen...

DNS Query Forgery: a Client-Side Defense against Mobile App Traffic Profiling

Mobile applications continuously generate DNS queries that can reveal sensitive user behavioral patterns even when communications are encrypted. This paper presents a privacy enhancement framework based on query forgery to protect users against profiling attempts that leverage these background...

Energy-Efficient NTT Sampler for Kyber Benchmarked on FPGA

Kyber is a lattice-based key encapsulation mechanism selected for standardization by the NIST Post-Quantum Cryptography PQC project. A critical component of Kyber's key generation process is the sampling of matrix elements from a uniform distribution over the ring Rq . This step is one of the mos...

UBUNTU-CVE-2022-49781

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Fix crash due to race between amdpmuenableall, perf NMI and throttling amdpmuenableall does: if !testbitidx, cpuc-activemask continue; amdpmuenableeventcpuc-eventsidx; A perf NMI of another event can come between...

Enhancing Leakage Attacks on Searchable Symmetric Encryption Using LLM-Based Synthetic Data Generation

Searchable Symmetric Encryption SSE enables efficient search capabilities over encrypted data, allowing users to maintain privacy while utilizing cloud storage. However, SSE schemes are vulnerable to leakage attacks that exploit access patterns, search frequency, and volume information. Existing...

Performance of Machine Learning Classifiers for Anomaly Detection in Cyber Security Applications

This work empirically evaluates machine learning models on two imbalanced public datasets KDDCUP99 and Credit Card Fraud 2013. The method includes data preparation, model training, and evaluation, using an 80/20 train/test split. Models tested include eXtreme Gradient Boosting XGB, Multi Layer...

Reveal-Or-Obscure: a Differentially Private Sampling Algorithm for Discrete Distributions

We introduce a differentially private DP algorithm called reveal-or-obscure ROO to generate a single representative sample from a dataset of $n$ observations drawn i.i.d. from an unknown discrete distribution $P$. Unlike methods that add explicit noise to the estimated empirical distribution, ROO...

Provable Secure Steganography Based on Adaptive Dynamic Sampling

The security of private communication is increasingly at risk due to widespread surveillance. Steganography, a technique for embedding secret messages within innocuous carriers, enables covert communication over monitored channels. Provably Secure Steganography PSS is state of the art for making...

Improving Statistical Privacy by Subsampling

Differential privacy DP considers a scenario, where an adversary has almost complete information about the entries of a database This worst-case assumption is likely to overestimate the privacy thread for an individual in real life. Statistical privacy SP denotes a setting where only the...

CVE-2025-30657

An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon SRRD of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When a device configured for flow-monitoring receives a specific BGP update message, i...

Juniper Junos OS Vulnerability (JSA96467)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA96467 advisory. - An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon SRRD of Juniper Networks Junos OS allows an unauthenticated, network-based...

Linux Distros Unpatched Vulnerability : CVE-2024-57849

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/cpumsf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHPAPPERFS390SFONLINE --...

Linux Distros Unpatched Vulnerability : CVE-2019-11091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated...

CVE-2024-57849

A vulnerability was found in the Linux Kernel. This issue affects performance monitoring on the s390 architecture during specific CPU hotplug scenarios. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteri...