$AutoGuardX$: a Comprehensive Cybersecurity Framework for Connected Vehicles

The rapid integration of Internet of Things IoT and interconnected systems in modern vehicles not only introduced a new era of convenience, automation, and connected vehicles but also elevated their exposure to sophisticated cyber threats. This is especially evident in US and Canada, where...

A Comprehensive Review of Denial of Wallet Attacks in Serverless Architectures

The Denial of Wallet DoW attack poses a unique and growing threat to serverless architectures that rely on Function-as-a-Service FaaS models, exploiting the cost structure of pay-as-you-go billing to financially burden application owners. Unlike traditional Denial of Service DoS attacks, which ai...

Adaptive Anomaly Detection in Evolving Network Environments

Distribution shift, a change in the statistical properties of data over time, poses a critical challenge for deep learning anomaly detection systems. Existing anomaly detection systems often struggle to adapt to these shifts. Specifically, systems based on supervised learning require costly manua...

Addressing Side-Channel Threats in Quantum Key Distribution Via Deep Anomaly Detection

Traditional countermeasures against security side channels in quantum key distribution QKD systems often suffer from poor compatibility with deployed infrastructure, the risk of introducing new vulnerabilities, and limited applicability to specific types of attacks. In this work, we propose an...

Causal Graph Profiling Via Structural Divergence for Robust Anomaly Detection in Cyber-Physical Systems

With the growing complexity of cyberattacks targeting critical infrastructures such as water treatment networks, there is a pressing need for robust anomaly detection strategies that account for both system vulnerabilities and evolving attack patterns. Traditional methods -- statistical,...

Generative AI for Cybersecurity of Energy Management Systems: Methods, Challenges, and Future Directions

This paper elaborates on an extensive security framework specifically designed for energy management systems EMSs, which effectively tackles the dynamic environment of cybersecurity vulnerabilities and/or system problems SPs, accomplished through the incorporation of novel methodologies. A...

Generative AI for Critical Infrastructure in Smart Grids: a Unified Framework for Synthetic Data Generation and Anomaly Detection

In digital substations, security events pose significant challenges to the sustained operation of power systems. To mitigate these challenges, the implementation of robust defense strategies is critically important. A thorough process of anomaly identification and detection in information and...

Membership Inference Attack with Partial Features

Machine learning models have been shown to be susceptible to membership inference attack, which can be used to determine whether a given sample appears in the training data. Existing membership inference methods commonly assume that the adversary has full access to the features of the target...

Log2Sig: Frequency-Aware Insider Threat Detection Via Multivariate Behavioral Signal Decomposition

Insider threat detection presents a significant challenge due to the deceptive nature of malicious behaviors, which often resemble legitimate user operations. However, existing approaches typically model system logs as flat event sequences, thereby failing to capture the inherent frequency dynami...

MambaITD: an Efficient Cross-Modal Mamba Network for Insider Threat Detection

Enterprises are facing increasing risks of insider threats, while existing detection methods are unable to effectively address these challenges due to reasons such as insufficient temporal dynamic feature modeling, computational efficiency and real-time bottlenecks and cross-modal information...

GUARD-CAN: Graph-Understanding and Recurrent Architecture for CAN Anomaly Detection

Modern in-vehicle networks face various cyber threats due to the lack of encryption and authentication in the Controller Area Network CAN. To address this security issue, this paper presents GUARD-CAN, an anomaly detection framework that combines graph-based representation learning with time-seri...

WBHT: a Generative Attention Architecture for Detecting Black Hole Anomalies in Backbone Networks

We propose the Wasserstein Black Hole Transformer WBHT framework for detecting black hole BH anomalies in communication networks. These anomalies cause packet loss without failure notifications, disrupting connectivity and leading to financial losses. WBHT combines generative modeling, sequential...

Kerberoasting Detections: A New Approach to a Decade-Old Challenge

Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It's because existing detections rely on brittle heuristics and static rules, which don't hold up for detecting potential attack patterns in highly variable...

Multi-Stage Prompt Inference Attacks on Enterprise LLM Systems

Large Language Models LLMs deployed in enterprise settings e.g., as Microsoft 365 Copilot face novel security challenges. One critical threat is prompt inference attacks: adversaries chain together seemingly benign prompts to gradually extract confidential data. In this paper, we present a...

A Privacy-Preserving Framework for Advertising Personalization Incorporating Federated Learning and Differential Privacy

To mitigate privacy leakage and performance issues in personalized advertising, this paper proposes a framework that integrates federated learning and differential privacy. The system combines distributed feature extraction, dynamic privacy budget allocation, and robust model aggregation to balan...

Key Takeaways from the Take Command Summit 2025: Outpacing the Adversary – Red Teaming in a Complex Threat Landscape

The evolving complexity of modern infrastructures calls for more than traditional pen testing. In this session from the Take Command 2025 Virtual Cybersecurity Summit, red team experts shared how organizations are using continuous testing to outpace attackers — and better prepare their teams to...

IThermTroj: Exploiting Intermittent Thermal Trojans in Multi-Processor System-On-Chips

Thermal Trojan attacks present a pressing concern for the security and reliability of System-on-Chips SoCs, especially in mobile applications. The situation becomes more complicated when such attacks are more evasive and operate sporadically to stay hidden from detection mechanisms. In this paper...

SoK: a Systematic Review of Context- and Behavior-Aware Adaptive Authentication in Mobile Environments

As mobile computing becomes central to digital interaction, researchers have turned their attention to adaptive authentication for its real-time, context- and behavior-aware verification capabilities. However, many implementations remain fragmented, inconsistently apply intelligent techniques, an...

ML-Enhanced AES Anomaly Detection for Real-Time Embedded Security

Advanced Encryption Standard AES is a widely adopted cryptographic algorithm, yet its practical implementations remain susceptible to side-channel and fault injection attacks. In this work, we propose a comprehensive framework that enhances AES-128 encryption security through controlled anomaly...

GNSS Spoofing Detection Based on Opportunistic Position Information

The limited or no protection for civilian Global Navigation Satellite System GNSS signals makes spoofing attacks relatively easy. With modern mobile devices often featuring network interfaces, state-of-the-art signals of opportunity SOP schemes can provide accurate network positions in replacemen...