Blue Teaming Function-Calling Agents

We present an experimental evaluation that assesses the robustness of four open source LLMs claiming function-calling capabilities against three different attacks, and we measure the effectiveness of eight different defences. Our results show how these models are not safe by default, and how the...

Active Honeypot Guardrail System: Probing and Confirming Multi-Turn LLM Jailbreaks

Large language models LLMs are increasingly vulnerable to multi-turn jailbreak attacks, where adversaries iteratively elicit harmful behaviors that bypass single-turn safety filters. Existing defenses predominantly rely on passive rejection, which either fails against adaptive attackers or overly...

Safeguarding Federated Learning-Based Road Condition Classification

Federated Learning FL has emerged as a promising solution for privacy-preserving autonomous driving, specifically camera-based Road Condition Classification RCC systems, harnessing distributed sensing, computing, and communication resources on board vehicles without sharing sensitive image data...

PRM-Free Security Alignment of Large Models Via Red Teaming and Adversarial Training

Large Language Models LLMs have demonstrated remarkable capabilities across diverse applications, yet they pose significant security risks that threaten their safe deployment in critical domains. Current security alignment methodologies predominantly rely on Process Reward Models PRMs to evaluate...

PhishingHook: Catching Phishing Ethereum Smart Contracts Leveraging EVM Opcodes

The Ethereum Virtual Machine EVM is a decentralized computing engine. It enables the Ethereum blockchain to execute smart contracts and decentralized applications dApps. The increasing adoption of Ethereum sparked the rise of phishing activities. Phishing attacks often target users through...

Rubber Mallet: a Study of High Frequency Localized Bit Flips and Their Impact on Security

The increasing density of modern DRAM has heightened its vulnerability to Rowhammer attacks, which induce bit flips by repeatedly accessing specific memory rows. This paper presents an analysis of bit flip patterns generated by advanced Rowhammer techniques that bypass existing hardware defenses...

On the Price of Differential Privacy for Hierarchical Clustering

Hierarchical clustering is a fundamental unsupervised machine learning task with the aim of organizing data into a hierarchy of clusters. Many applications of hierarchical clustering involve sensitive user information, therefore motivating recent studies on differentially private hierarchical...

AESHA3: Efficient and Secure Sub-Key Generation for AES Using SHA-3

Advanced Encryption Standard AES is one of the most widely used symmetric cipher for the confidentiality of data. Also it is used for other security services, viz. integrity, authentication and key establishment. However, recently, authors have shown some weakness in the generation of sub-keys in...

Attack-Defense Trees with Offensive and Defensive Attributes (With Appendix)

Effective risk management in cybersecurity requires a thorough understanding of the interplay between attacker capabilities and defense strategies. Attack-Defense Trees ADTs are a commonly used methodology for representing this interplay; however, previous work in this domain has only focused on...