5 matches found
High-Precision APT Malware Attribution with Out-Of-Scope Resilience
Early attribution of Advanced Persistent Threat APT activity can help defenders prioritise investigation, select countermeasures, and reduce the impact of an intrusion. Malware provides useful attribution evidence, but automated APT malware attribution remains difficult in practice. Existing...
On the Necessity of Pre-Agreed Secrets for Thwarting Last-Minute Coercion: Vulnerabilities and Lessons from the Loki E-Voting Protocol
Coercion-resistance CR is a crucial security property in e-voting systems. It ensures that an attacker cannot compel a voter to vote in a specific way by using threats or rewards. The Loki e-voting protocol, proposed by Giustolisi \emphet al. at IEEE S&P 2024, introduces a novel design that...
Hallucination-Resistant Security Planning with a Large Language Model
Large language models LLMs are promising tools for supporting security management tasks, such as incident response planning. However, their unreliability and tendency to hallucinate remain significant challenges. In this paper, we address these challenges by introducing a principled framework for...
ReGAIN: Retrieval-Grounded AI Framework for Network Traffic Analysis
Modern networks generate vast, heterogeneous traffic that must be continuously analyzed for security and performance. Traditional network traffic analysis systems, whether rule-based or machine learning-driven, often suffer from high false positives and lack interpretability, limiting analyst...
Confidential Guardian: Cryptographically Prohibiting the Abuse of Model Abstention
Cautious predictions -- where a machine learning model abstains when uncertain -- are crucial for limiting harmful errors in safety-critical applications. In this work, we identify a novel threat: a dishonest institution can exploit these mechanisms to discriminate or unjustly deny services under...