The Hitchhiker's Guide to Efficient, End-To-End, and Tight DP Auditing
This paper systematizes research on auditing Differential Privacy (DP) techniques, aiming to identify key insights into the current state of the art and open challenges. First, we introduce a comprehensive framework for reviewing work in the field and establish three cross-contextual desiderata tha...
gstreamer1-plugins-bad-free: mingw-gstreamer1-plugins-bad-free: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
A flaw was found in GStreamer H265 codec parsing (gstreamer1-plugins-bad-free). This vulnerability allows remote attackers to execute arbitrary code by parsing H265 slice headers...
SoK: Evaluating Jailbreak Guardrails for Large Language Models
Large Language Models (LLMs) have achieved remarkable progress, but their deployment has exposed critical vulnerabilities, particularly to jailbreak attacks that circumvent safety mechanisms. Guardrails (external defense mechanisms that monitor and control LLM interaction) have emerged as a promisi...
CVE-2025-5896
A vulnerability was found in tarojs taro up to 4.1.1. It has been declared as problematic. This vulnerability affects unknown code of the file taro/packages/css-to-react-native/src/index.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely...
Efficient Modular Multiplier over GF(2^m) for ECPM
Elliptic curve cryptography (ECC) has emerged as the dominant public-key protocol, with NIST standardizing parameters for binary-field GF(2^m) ECC systems. This work presents a hardware implementation of a Hybrid Multiplication technique for modular multiplication over the binary field GF(2^m), targeting NI...
Quantifying Mix Network Privacy Erosion with Generative Models
Modern mix networks improve over Tor and provide stronger privacy guarantees by robustly obfuscating metadata. As long as a message is routed through at least one honest mixnode, the privacy of the users involved is safeguarded. However, the complexity of the mixing mechanisms makes it difficult ...
ABC-FHE: a Resource-Efficient Accelerator Enabling Bootstrappable Parameters for Client-Side Fully Homomorphic Encryption
As the demand for privacy-preserving computation continues to grow, fully homomorphic encryption (FHE), which enables continuous computation on encrypted data, has become a critical solution. However, its adoption is hindered by significant computational overhead, requiring 10000-fold more computatio...
Auditing Black-Box LLM APIs with a Rank-Based Uniformity Test
As API access becomes a primary interface to large language models (LLMs), users often interact with black-box systems that offer little transparency into the deployed model. To reduce costs or maliciously alter model behaviors, API providers may discreetly serve quantized or fine-tuned variants,...
Are Trees Really Green? A Detection Approach of IoT Malware Attacks
Nowadays, the Internet of Things (IoT) is widely employed, and its usage is growing exponentially because it facilitates remote monitoring, predictive maintenance, and data-driven decision making, especially in the healthcare and industrial sectors. However, IoT devices remain vulnerable due to the...
Unraveling Ethereum's Mempool: the Impact of Fee Fairness, Transaction Prioritization, and Consensus Efficiency
Ethereum's transaction pool (mempool) dynamics and fee market efficiency critically affect transaction inclusion, validator workload, and overall network performance. This research empirically analyzes gas price variations, mempool clearance rates, and block finalization times in Ethereum's...
Walrus: an Efficient Decentralized Storage Network
Decentralized storage systems face a fundamental trade-off between replication overhead, recovery efficiency, and security guarantees. Current approaches either rely on full replication, incurring substantial storage costs, or employ trivial erasure coding schemes that struggle with efficient...
Efficient RL-Based Cache Vulnerability Exploration by Penalizing Useless Agent Actions
Cache-timing attacks exploit microarchitectural characteristics to leak sensitive data, posing a severe threat to modern systems. Despite its severity, analyzing the vulnerability of a given cache structure against cache-timing attacks is challenging. To this end, a method based on Reinforcement...
Dual-Priv Pruning: Efficient Differential Private Fine-Tuning in Multimodal Large Language Models
Differential Privacy (DP) is a widely adopted technique, valued for its effectiveness in protecting the privacy of task-specific datasets, making it a critical tool for large language models. However, its effectiveness in Multimodal Large Language Models (MLLMs) remains uncertain. Applying Differenti...
Explainer-Guided Targeted Adversarial Attacks against Binary Code Similarity Detection Models
Binary code similarity detection (BCSD) serves as a fundamental technique for various software engineering tasks, e.g., vulnerability detection and classification. Attacks against such models have therefore drawn extensive attention, aiming at misleading the models to generate erroneous predictions...
TracLLM: a Generic Framework for Attributing Long Context LLMs
Long context large language models (LLMs) are deployed in many real-world applications such as RAG, agents, and broad LLM-integrated applications. Given an instruction and a long context (e.g., documents, PDF files, webpages), a long context LLM can generate an output grounded in the provided context,...
FERRET: Private Deep Learning Faster and Better Than DPSGD
We revisit 1-bit gradient compression through the lens of mutual-information differential privacy (MI-DP). Building on signSGD, we propose FERRET (Fast and Effective Restricted Release for Ethical Training), which transmits at most one sign bit per parameter group with Bernoulli masking. Theory: We...
Predictive-CSM: Lightweight Fragment Security for 6LoWPAN IoT Networks
Fragmentation is a routine part of communication in 6LoWPAN-based IoT networks, designed to accommodate small frame sizes on constrained wireless links. However, this process introduces a critical vulnerability: fragments are typically stored and processed before their legitimacy is confirmed,...
Video Signature: In-Generation Watermarking for Latent Video Diffusion Models
The rapid development of Artificial Intelligence Generated Content (AIGC) has led to significant progress in video generation but also raises serious concerns about intellectual property protection and reliable content tracing. Watermarking is a widely adopted solution to this issue, but existing...
Safety Alignment Can Be Not Superficial with Explicit Safety Signals
Recent studies on the safety alignment of large language models (LLMs) have revealed that existing approaches often operate superficially, leaving models vulnerable to various adversarial attacks. Despite their significance, these studies generally fail to offer actionable solutions beyond data...
Practical Bayes-Optimal Membership Inference Attacks
We develop practical and theoretically grounded membership inference attacks (MIAs) against both independent and identically distributed (i.i.d.) data and graph-structured data. Building on the Bayesian decision-theoretic framework of Sablayrolles et al., we derive the Bayes-optimal membership...