Stabilising Explainability Fragility in Cybersecurity AI: The Impact and Mitigation of Multicollinearity in Public Benchmark Datasets

This paper investigates a unexplored yet impactful vulnerability in AI explainability used in intrusion detection IDS: multicollinearity-induced instability. Despite extensive reliance on post-hoc explainability tools such as SHAP or LIME, the impact of correlated features on explanation robustne...

Evaluating Retrieval-Augmented Generation for Explainable Malware Analysis

Large Language Models LLMs are increasingly being used as security engineering tools to summarize and explain malware behavior to analysts. A common assumption is that Retrieval-Augmented Generation RAG improves explanation quality by injecting external security knowledge. In this work, we...

Routing-Aware Explanations for Mixture of Experts Graph Models in Malware Detection

Mixture-of-Experts MoE offers flexible graph reasoning by combining multiple views of a graph through a learned router. We investigate routing-aware explanations for MoE graph models in malware detection using control flow graphs CFGs. Our architecture builds diversity at two levels. At the node...

Exploit for CVE-2025-4517

CVE-2025-4517-P...

Human-Centered Explainability in AI-Enhanced UI Security Interfaces: Designing Trustworthy Copilots for Cybersecurity Analysts

Artificial intelligence AI copilots are increasingly integrated into enterprise cybersecurity platforms to assist analysts in threat detection, triage, and remediation. However, the effectiveness of these systems depends not only on the accuracy of underlying models but also on the degree to whic...

CAFE-GB: Scalable and Stable Feature Selection for Malware Detection Via Chunk-Wise Aggregated Gradient Boosting

High-dimensional malware datasets often exhibit feature redundancy, instability, and scalability limitations, which hinder the effectiveness and interpretability of machine learning-based malware detection systems. Although feature selection is commonly employed to mitigate these issues, many...

Accuracy and Efficiency Trade-Offs in LLM-Based Malware Detection and Explanation: A Comparative Study of Parameter Tuning Vs. Full Fine-Tuning

This study examines whether Low-Rank Adaptation LoRA fine-tuned Large Language Models LLMs can approximate the performance of fully fine-tuned models in generating human-interpretable decisions and explanations for malware classification. Achieving trustworthy malware detection, particularly when...

Microsoft raises the bar: A smarter way to measure AI for cybersecurity

ExCyTIn-Bench is Microsoft’s newest open-source benchmarking tool designed to evaluate how well AI systems perform real-world cybersecurity investigations.1 It helps business leaders assess language models by simulating realistic cyberthreat scenarios and providing clear, actionable insights into...

EUVD-2022-54493

Malicious code in bioql PyPI...

Explainable but Vulnerable: Adversarial Attacks on XAI Explanation in Cybersecurity Applications

Explainable Artificial Intelligence XAI has aided machine learning ML researchers with the power of scrutinizing the decisions of the black-box models. XAI methods enable looking deep inside the models' behavior, eventually generating explanations along with a perceived trust and transparency...

ExpIDS: a Drift-Adaptable Network Intrusion Detection System with Improved Explainability

Despite all the advantages associated with Network Intrusion Detection Systems NIDSs that utilize machine learning ML models, there is a significant reluctance among cyber security experts to implement these models in real-world production settings. This is primarily because of their opaque natur...

Adversarial Attacks on VQA-NLE: Exposing and Alleviating Inconsistencies in Visual Question Answering Explanations

Natural language explanations in visual question answering VQA-NLE aim to make black-box models more transparent by elucidating their decision-making processes. However, we find that existing VQA-NLE systems can produce inconsistent explanations and reach conclusions without genuinely understandi...

Interpreting Differential Privacy in Terms of Disclosure Risk

As the use of differential privacy DP becomes widespread, the development of effective tools for reasoning about the privacy guarantee becomes increasingly critical. In pursuit of this goal, we demonstrate novel relationships between DP and measures of statistical disclosure risk. We suggest how...

MalGuard: Towards Real-Time, Accurate, and Actionable Detection of Malicious Packages in PyPI Ecosystem

Malicious package detection has become a critical task in ensuring the security and stability of the PyPI. Existing detection approaches have focused on advancing model selection, evolving from traditional machine learning ML models to large language models LLMs. However, as the complexity of the...

MultiPhishGuard: an LLM-Based Multi-Agent System for Phishing Email Detection

Phishing email detection faces critical challenges from evolving adversarial tactics and heterogeneous attack patterns. Traditional detection methods, such as rule-based filters and denylists, often struggle to keep pace with these evolving tactics, leading to false negatives and compromised...

VADER: a Human-Evaluated Benchmark for Vulnerability Assessment, Detection, Explanation, and Remediation

Ensuring that large language models LLMs can effectively assess, detect, explain, and remediate software vulnerabilities is critical for building robust and secure software systems. We introduce VADER, a human-evaluated benchmark designed explicitly to assess LLM performance across four key...

On the Interplay of Explainability, Privacy and Predictive Performance with Explanation-Assisted Model Extraction

Machine Learning as a Service MLaaS has gained important attraction as a means for deploying powerful predictive models, offering ease of use that enables organizations to leverage advanced analytics without substantial investments in specialized infrastructure or expertise. However, MLaaS...

Evaluating Explanation Quality in X-IDS Using Feature Alignment Metrics

Explainable artificial intelligence XAI methods have become increasingly important in the context of explainable intrusion detection systems X-IDSs for improving the interpretability and trustworthiness of X-IDSs. However, existing evaluation approaches for XAI focus on model-specific properties...

Bridging Expertise Gaps: the Role of LLMs in Human-AI Collaboration for Cybersecurity

This study investigates whether large language models LLMs can function as intelligent collaborators to bridge expertise gaps in cybersecurity decision-making. We examine two representative tasks-phishing email detection and intrusion detection-that differ in data modality, cognitive complexity,...

AlmaLinux 8 : raptor2 (ALSA-2025:0314)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:0314 advisory. raptor: integer underflow when normalizing a URI with the turtle parser CVE-2024-57823 Tenable has extracted the preceding description block directly from the...