A Novel Solution for Zero-Day Attack Detection in IDS Using Self-Attention and Jensen-Shannon Divergence in WGAN-GP

The increasing sophistication of cyber threats, especially zero-day attacks, poses a significant challenge to cybersecurity. Zero-day attacks exploit unknown vulnerabilities, making them difficult to detect and defend against. Existing approaches patch flaws and deploy an Intrusion Detection Syst...

LLM-Based Vulnerable Code Augmentation: Generate or Refactor?

Vulnerability code-bases often suffer from severe imbalance, limiting the effectiveness of Deep Learning-based vulnerability classifiers. Data Augmentation could help solve this by mitigating the scarcity of under-represented CWEs. In this context, we investigate LLM-based augmentation for...

Beyond Detection: A Comprehensive Benchmark and Study on Representation Learning for Fine-Grained Webshell Family Classification

Malicious WebShells pose a significant and evolving threat by compromising critical digital infrastructures and endangering public services in sectors such as healthcare and finance. While the research community has made significant progress in WebShell detection i.e., distinguishing malicious...

SD-CGAN: Conditional Sinkhorn Divergence GAN for DDoS Anomaly Detection in IoT Networks

The increasing complexity of IoT edge networks presents significant challenges for anomaly detection, particularly in identifying sophisticated Denial-of-Service DoS attacks and zero-day exploits under highly dynamic and imbalanced traffic conditions. This paper proposes SD-CGAN, a Conditional...

From LLMs to Agents: A Comparative Evaluation of LLMs and LLM-Based Agents in Security Patch Detection

The widespread adoption of open-source software OSS has accelerated software innovation but also increased security risks due to the rapid propagation of vulnerabilities and silent patch releases. In recent years, large language models LLMs and LLM-based agents have demonstrated remarkable...

Black-Box Guardrail Reverse-Engineering Attack

Large language models LLMs increasingly employ guardrails to enforce ethical, legal, and application-specific constraints on their outputs. While effective at mitigating harmful responses, these guardrails introduce a new class of vulnerabilities by exposing observable decision patterns. In this...

Cyberattack Detection in Critical Infrastructure and Supply Chains

Cyberattack detection in Critical Infrastructure and Supply Chains has become challenging in Industry 4.0. Intrusion Detection Systems IDS are deployed to counter the cyberattacks. However, an IDS effectively detects attacks based on the known signatures and patterns, Zero-day attacks go...

LLM-Generated Samples for Android Malware Detection

Android malware continues to evolve through obfuscation and polymorphism, posing challenges for both signature-based defenses and machine learning models trained on limited and imbalanced datasets. Synthetic data has been proposed as a remedy for scarcity, yet the role of large language models LL...

A Survey on Data Security in Large Language Models

Large Language Models LLMs, now a foundation in advancing natural language processing, power applications such as text generation, machine translation, and conversational systems. Despite their transformative potential, these models inherently rely on massive amounts of training data, often...

SynthCTI: LLM-Driven Synthetic CTI Generation to Enhance MITRE Technique Mapping

Cyber Threat Intelligence CTI mining involves extracting structured insights from unstructured threat data, enabling organizations to understand and respond to evolving adversarial behavior. A key task in CTI mining is mapping threat descriptions to MITRE ATT&CK techniques. However, this process...

Taming Data Challenges in ML-Based Security Tasks: Lessons from Integrating Generative AI

Machine learning-based supervised classifiers are widely used for security tasks, and their improvement has been largely focused on algorithmic advancements. We argue that data challenges that negatively impact the performance of these classifiers have received limited attention. We address the...

HARPT: a Corpus for Analyzing Consumers' Trust and Privacy Concerns in Mobile Health Apps

We present HARPT, a large-scale annotated corpus of mobile health app store reviews aimed at advancing research in user privacy and trust. The dataset comprises over 480,000 user reviews labeled into seven categories that capture critical aspects of trust in applications, trust in providers and...

Dynamic Temporal Positional Encodings for Early Intrusion Detection in IoT

The rapid expansion of the Internet of Things IoT has introduced significant security challenges, necessitating efficient and adaptive Intrusion Detection Systems IDS. Traditional IDS models often overlook the temporal characteristics of network traffic, limiting their effectiveness in early thre...

PROVSYN: Synthesizing Provenance Graphs for Data Augmentation in Intrusion Detection Systems

Provenance graph analysis plays a vital role in intrusion detection, particularly against Advanced Persistent Threats APTs, by exposing complex attack patterns. While recent systems combine graph neural networks GNNs with natural language processing NLP to capture structural and semantic features...

MISLEADER: Defending against Model Extraction with Ensembles of Distilled Models

Model extraction attacks aim to replicate the functionality of a black-box model through query access, threatening the intellectual property IP of machine-learning-as-a-service MLaaS providers. Defending against such attacks is challenging, as it must balance efficiency, robustness, and utility...

GSDFuse: Capturing Cognitive Inconsistencies from Multi-Dimensional Weak Signals in Social Media Steganalysis

The ubiquity of social media platforms facilitates malicious linguistic steganography, posing significant security risks. Steganalysis is profoundly hindered by the challenge of identifying subtle cognitive inconsistencies arising from textual fragmentation and complex dialogue structures, and th...

Is Artificial Intelligence Generated Image Detection a Solved Problem?

The rapid advancement of generative models, such as GANs and Diffusion models, has enabled the creation of highly realistic synthetic images, raising serious concerns about misinformation, deepfakes, and copyright infringement. Although numerous Artificial Intelligence Generated Image AIGI...

Facial Recognition Leveraging Generative Adversarial Networks

Face recognition performance based on deep learning heavily relies on large-scale training data, which is often difficult to acquire in practical applications. To address this challenge, this paper proposes a GAN-based data augmentation method with three key contributions: 1 a residual-embedded...

A Contrastive Federated Semi-Supervised Learning Intrusion Detection Framework for Internet of Robotic Things

In intelligent industry, autonomous driving and other environments, the Internet of Things IoT highly integrated with robotic to form the Internet of Robotic Things IoRT. However, network intrusion to IoRT can lead to data leakage, service interruption in IoRT and even physical damage by...

Malicious code in ml-interactive-data-augmentation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e20810134f19a11553a575cd601700601cf374b00626760c86d6c3905cb0113b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...