High-Precision APT Malware Attribution with Out-Of-Scope Resilience

Early attribution of Advanced Persistent Threat APT activity can help defenders prioritise investigation, select countermeasures, and reduce the impact of an intrusion. Malware provides useful attribution evidence, but automated APT malware attribution remains difficult in practice. Existing...

A Hybrid Cluster-Based Classification Model for Anomaly Detection in Unbalanced IoT Networks

Detecting anomalies in Internet of Things IoT networks is a critical security challenge, often hampered by highly imbalanced and diverse network traffic datasets. Standard classifiers struggle to perform well across all traffic types. This paper proposes a hybrid detection model to address this...

Enhancing Adversarial Robustness in Network Intrusion Detection: A Layer-Wise Adaptive Regularization Approach

The new wave of adversarial attacks that utilize gradient-related vulnerabilities in neural network-based classifiers makes Network Intrusion Detection Systems more open to such threats. Although state-of-the-art adversarial training methods have shown promising results in producing more robust...

LiteShield: Hybrid Feature Selection-Driven Lightweight Intrusion Detection for Resource-Constrained IoT Networks

The rapid expansion of Internet of Things IoT deployments has enlarged the attack surface of modern digital infrastructure while exposing a key security mismatch: many intrusion detection systems IDSs remain too computationally expensive for constrained IoT environments. This paper presents...

GuardPhish: Securing Open-Source LLMs from Phishing Abuse

The rapid adoption of open-source Large Language Models LLMs in offline and enterprise environments has introduced a largely unexamined security risk like susceptibility to adversarial phishing prompts under static safety configurations. In this work, we systematically investigate this...

Robustness Analysis of Machine Learning Models for IoT Intrusion Detection under Data Poisoning Attacks

Ensuring the reliability of machine learning-based intrusion detection systems remains a critical challenge in Internet of Things IoT environments, particularly as data poisoning attacks increasingly threaten the integrity of model training pipelines. This study evaluates the susceptibility of fo...

RansomTrack: A Hybrid Behavioral Analysis Framework for Ransomware Detection

Ransomware poses a serious and fast-acting threat to critical systems, often encrypting files within seconds of execution. Research indicates that ransomware is the most reported cybercrime in terms of financial damage, highlighting the urgent need for early-stage detection before encryption is...

On the Vulnerability of Deep Automatic Modulation Classifiers to Explainable Backdoor Threats

Deep learning DL has been widely studied for assisting applications of modern wireless communications. One of the applications is automatic modulation classification AMC. However, DL models are found to be vulnerable to adversarial machine learning AML threats. One of the most persistent and...

Enhancing Network Intrusion Detection Systems: A Multi-Layer Ensemble Approach to Mitigate Adversarial Attacks

Adversarial examples can represent a serious threat to machine learning ML algorithms. If used to manipulate the behaviour of ML-based Network Intrusion Detection Systems NIDS, they can jeopardize network security. In this work, we aim to mitigate such risks by increasing the robustness of NIDS...

Influence of Autoencoder Latent Space on Classifying IoT CoAP Attacks

The Internet of Things IoT presents a unique cybersecurity challenge due to its vast network of interconnected, resource-constrained devices. These vulnerabilities not only threaten data integrity but also the overall functionality of IoT systems. This study addresses these challenges by explorin...

Evaluating MCC for Low-Frequency Cyberattack Detection in Imbalanced Intrusion Detection Data

In many real-world network environments, several types of cyberattacks occur at very low rates compared to benign traffic, making them difficult for intrusion detection systems IDS to detect reliably. This imbalance causes traditional evaluation metrics, such as accuracy, to often overstate model...

Detecting Prompt Injection Attacks against Application Using Classifiers

Prompt injection attacks can compromise the security and stability of critical systems, from infrastructure to large web applications. This work curates and augments a prompt injection dataset based on the HackAPrompt Playground Submissions corpus and trains several classifiers, including LSTM,...

Scam Shield: Multi-Model Voting and Fine-Tuned LLMs against Adversarial Attacks

Scam detection remains a critical challenge in cybersecurity as adversaries craft messages that evade automated filters. We propose a Hierarchical Scam Detection System HSDS that combines a lightweight multi-model voting front end with a fine-tuned LLaMA 3.1 8B Instruct back end to improve accura...

DeepTrust: Multi-Step Classification through Dissimilar Adversarial Representations for Robust Android Malware Detection

Over the last decade, machine learning has been extensively applied to identify malicious Android applications. However, such approaches remain vulnerable against adversarial examples, i.e., examples that are subtly manipulated to fool a machine learning model into making incorrect predictions...

Taming Data Challenges in ML-Based Security Tasks: Lessons from Integrating Generative AI

Machine learning-based supervised classifiers are widely used for security tasks, and their improvement has been largely focused on algorithmic advancements. We argue that data challenges that negatively impact the performance of these classifiers have received limited attention. We address the...

HARPT: a Corpus for Analyzing Consumers' Trust and Privacy Concerns in Mobile Health Apps

We present HARPT, a large-scale annotated corpus of mobile health app store reviews aimed at advancing research in user privacy and trust. The dataset comprises over 480,000 user reviews labeled into seven categories that capture critical aspects of trust in applications, trust in providers and...

CAPAA: Classifier-Agnostic Projector-Based Adversarial Attack

Projector-based adversarial attack aims to project carefully designed light patterns i.e., adversarial projections onto scenes to deceive deep image classifiers. It has potential applications in privacy protection and the development of more robust classifiers. However, existing approaches...

A Review of Various Datasets for Machine Learning Algorithm-Based Intrusion Detection System: Advances and Challenges

IDS aims to protect computer networks from security threats by detecting, notifying, and taking appropriate action to prevent illegal access and protect confidential information. As the globe becomes increasingly dependent on technology and automated processes, ensuring secured systems,...

Wiz Data Foundations: Data Classification

A closer look at Wiz’s data classification engine — including our new Novel Classifiers...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible duplicate addition of classifiers by the qfq scheduler in the case of netem subqueues, which coul...