93 matches found
Explainable Vulnerability Detection in C/C++ Using Edge-Aware Graph Attention Networks
Detecting security vulnerabilities in source code remains challenging, particularly due to class imbalance in real-world datasets where vulnerable functions are under-represented. Existing learning-based methods often optimise for recall, leading to high false positive rates and reduced usability...
Exploiting Context-Dependent Duration Features for Voice Anonymization Attack Systems
The temporal dynamics of speech, encompassing variations in rhythm, intonation, and speaking rate, contain important and unique information about speaker identity. This paper proposes a new method for representing speaker characteristics by extracting context-dependent duration embeddings from...
HASSLE: a Self-Supervised Learning Enhanced Hijacking Attack on Vertical Federated Learning
Vertical Federated Learning VFL enables an orchestrating active party to perform a machine learning task by cooperating with passive parties that provide additional task-related features for the same training data entities. While prior research has leveraged the privacy vulnerability of VFL to...
EventHunter: Dynamic Clustering and Ranking of Security Events from Hacker Forum Discussions
Hacker forums provide critical early warning signals for emerging cybersecurity threats, but extracting actionable intelligence from their unstructured and noisy content remains a significant challenge. This paper presents an unsupervised framework that automatically detects, clusters, and...
PT-2025-39733
Name of the Vulnerable Software and Affected Versions llama-index-core versions through 0.12.44 Description The software has an issue in the get cache dir function due to the use of a predictable, hardcoded directory path /tmp/llama index on Linux systems without sufficient security measures. Thi...
HE-LRM: Encrypted Deep Learning Recommendation Models Using Fully Homomorphic Encryption
Fully Homomorphic Encryption FHE is an encryption scheme that not only encrypts data but also allows for computations to be applied directly on the encrypted data. While computationally expensive, FHE can enable privacy-preserving neural inference in the client-server setting: a client encrypts...
KEENHash: Hashing Programs into Function-Aware Embeddings for Large-Scale Binary Code Similarity Analysis
Binary code similarity analysis BCSA is a crucial research area in many fields such as cybersecurity. Specifically, function-level diffing tools are the most widely used in BCSA: they perform function matching one by one for evaluating the similarity between binary programs. However, such methods...
Detecting Hard-Coded Credentials in Software Repositories Via LLMs
Software developers frequently hard-code credentials such as passwords, generic secrets, private keys, and generic tokens in software repositories, even though it is strictly advised against due to the severe threat to the security of the software. These credentials create attack surfaces...
Private Training and Data Generation by Clustering Embeddings
Deep neural networks often use large, high-quality datasets to achieve high performance on many machine learning tasks. When training involves potentially sensitive data, this process can raise privacy concerns, as large models have been shown to unintentionally memorize and reveal sensitive...
Black-Box Privacy Attacks on Shared Representations in Multitask Learning
Multitask learning MTL has emerged as a powerful paradigm that leverages similarities among multiple learning tasks, each with insufficient samples to train a standalone model, to solve them simultaneously while minimizing data sharing across users and organizations. MTL typically accomplishes th...
Graph-Based Floor Separation Using Node Embeddings and Clustering of WiFi Trajectories
Indoor positioning systems IPSs are increasingly vital for location-based services in complex multi-storey environments. This study proposes a novel graph-based approach for floor separation using Wi-Fi fingerprint trajectories, addressing the challenge of vertical localization in indoor settings...
DiffUMI: Training-Free Universal Model Inversion Via Unconditional Diffusion for Face Recognition
Face recognition technology presents serious privacy risks due to its reliance on sensitive and immutable biometric data. To address these concerns, such systems typically convert raw facial images into embeddings, which are traditionally viewed as privacy-preserving. However, model inversion...
GradEscape: a Gradient-Based Evader against AI-Generated Text Detectors
In this paper, we introduce GradEscape, the first gradient-based evader designed to attack AI-generated text AIGT detectors. GradEscape overcomes the undifferentiable computation problem, caused by the discrete nature of text, by introducing a novel approach to construct weighted embeddings for t...
SecEmb: Sparsity-Aware Secure Federated Learning of On-Device Recommender System with Large Embedding
Federated recommender system FedRec has emerged as a solution to protect user data through collaborative training techniques. A typical FedRec involves transmitting the full model and entire weight updates between edge devices and the server, causing significant burdens to devices with limited...
Robust Anti-Backdoor Instruction Tuning in LVLMs
Large visual language models LVLMs have demonstrated excellent instruction-following capabilities, yet remain vulnerable to stealthy backdoor attacks when finetuned using contaminated data. Existing backdoor defense techniques are usually developed for single-modal visual or language models under...
Poison in the Well: Feature Embedding Disruption in Backdoor Attacks
Backdoor attacks embed malicious triggers into training data, enabling attackers to manipulate neural network behavior during inference while maintaining high accuracy on benign inputs. However, existing backdoor attacks face limitations manifesting in excessive reliance on training data, poor...
Repository Vector Search Methods
The emergence of Large Language Models LLM has propelled Generative AI and surfaced one of its key components to a broad audience: Embeddings. Embeddings are a vector representation of data in a high-dimensional space capturing their semantic meaning. Vector representations allow for more efficie...
EC-LDA : Label Distribution Inference Attack against Federated Graph Learning with Embedding Compression
Graph Neural Networks GNNs have been widely used for graph analysis. Federated Graph Learning FGL is an emerging learning framework to collaboratively train graph data from various clients. However, since clients are required to upload model parameters to the server in each round, this provides t...
BeamClean: Language Aware Embedding Reconstruction
In this work, we consider an inversion attack on the obfuscated input embeddings sent to a language model on a server, where the adversary has no access to the language model or the obfuscation mechanism and sees only the obfuscated embeddings along with the model's embedding table. We propose...
MTL-UE: Learning to Learn Nothing for Multi-Task Learning
Most existing unlearnable strategies focus on preventing unauthorized users from training single-task learning STL models with personal data. Nevertheless, the paradigm has recently shifted towards multi-task data and multi-task learning MTL, targeting generalist and foundation models that can...