SECUREVENT: Hybrid AI/ML Security Monitoring for Distributed Event-Based Systems

Distributed event-based systems have become a common substrate for Internet-scale publish/subscribe services, IoT telemetry, cloud-native microservices, and security operations pipelines. Their loose coupling and asynchronous delivery improve scalability, but they also expand the attack surface:...

AI Security Research Should Better Incentivize Defense Research

This work examines an imbalance in artificial intelligence AI security research: the field tends to produce more work on attacking AI systems than on defending them. Drawing on related academic papers, we find biased attack-to-defense ratios across subfields, including federated learning, speech...

XAI FL-IDS: A Federated Learning and SHAP-Based Explainable Framework for Distributed Intrusion Detection Systems

An Intrusion Detection System IDS is vital in cybersecurity, detecting unauthorized activity across networks. With attacks on network layers increasing, stronger IDSs are needed. Yet most IDSs rely on centralized detection, forcing IoT nodes to ship data to a server, adding overhead and offering ...

Federated Naive Bayes with Real Mixture of Gaussians and Institutional Governance Regularization for Network Intrusion Detection

Federated learning for intrusion detection rests on a flawed premise: that every participating institution contributes equally to the shared model. In practice, a financial institution with mature security controls and low vulnerability exposure produces fundamentally different data than a...

Integration of AI in Cybersecurity: Current Trends with a Focused Look at Intrusion Detection Applications

Artificial Intelligence AI is widely adopted today for its ability to detect patterns, automate tasks, and reduce time and cost across various applications. Its integration into Cybersecurity has garnered significant attention, particularly in areas such as intrusion detection, malware analysis,...

AoI-Guided Client Selection for Robust and Timely Federated Intrusion Detection in Cloud-Edge Security Analytics

Federated learning FL is attractive for cloud-edge intrusion detection because it enables collaborative training over distributed telemetry without centralizing raw logs. In production security analytics pipelines, however, only a subset of clients participates in each round, and heterogeneous...

A Comparative Analysis of Machine Learning Models for Intrusion Detection in Intelligent Transport Systems

AI-powered edge computing security is moving Intelligent Transportation Systems ITS from passive, rule-based protections to proactive, smart, zero-touch, self-sufficient safeguards that neutralize threats in milliseconds. As transportation becomes more connected with edge computing, massive IoT,...

NVIDIA FLARE SDK 输入验证错误漏洞

NVIDIA FLARE SDK is a federal learning application development toolkit provided by NVIDIA Corporation in the United States. The NVIDIA Flare SDK has a vulnerability related to input validation errors. This vulnerability stems from path traversal, which leads to improper input validation,...

Scalable and Verifiable Federated Learning for Cross-Institution Financial Fraud Detection

The global financial ecosystem confronts a critical asymmetry: while fraud syndicates operate as borderless, distributed networks, banking institutions remain constrained by regulatory data silos, limiting visibility into cross-institutional threat patterns under strict privacy laws such as GDPR...

DP-FlogTinyLLM: Differentially Private Federated Log Anomaly Detection Using Tiny LLMs

Modern distributed systems generate massive volumes of log data that are critical for detecting anomalies and cyber threats. However, in real world settings, these logs are often distributed across multiple organizations and cannot be centralized due to privacy and security constraints. Existing...

Evaluating Differential Privacy against Membership Inference in Federated Learning: Insights from the NIST Genomics Red Team Challenge

While Federated Learning FL mitigates direct data exposure, the resulting trained models remain susceptible to membership inference attacks MIAs. This paper presents an empirical evaluation of Differential Privacy DP as a defense mechanism against MIAs in FL, leveraging the environment of the 202...

Digital Privacy in IoT: Exploring Challenges, Approaches and Open Issues

Privacy has always been a critical issue in the digital era, particularly with the increasing use of Internet of Things IoT devices. As the IoT continues to transform industries such as healthcare, smart cities, and home automation, it has also introduced serious challenges regarding the security...

Deserialization of Untrusted Data

Overview fedml is an A research and production integrated edge-cloud library for federated/distributed machine learning at anywhere at any scale. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the sendMessage function in grpcserver.py. An attacker can...

FEDML 路径遍历漏洞

FEDML is a unified and scalable machine learning training and deployment library open sourced by TensorOpera. Versions of FEDML 0.8.9 and earlier contained a path traversal vulnerability. This vulnerability stemmed from incorrect handling of the parameter dataSet, which could lead to path travers...

CVE-2026-33879

Federated Learning and Interoperability Platform FLIP is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling brute-force and...

CVE-2026-33879

Federated Learning and Interoperability Platform FLIP is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling brute-force and...

CVE-2026-33879 FLIP doesn't have rate limiting or brute-force protection on login

Federated Learning and Interoperability Platform FLIP is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling brute-force and...

CVE-2026-33879

FLIP (Federated Learning and Interoperability Platform) login page, affected in version 0.1.1 and earlier, lacks rate limiting and CAPTCHA. This enables brute-force and credential-stuffing attacks, with external users increasing credential reuse risk across institutions. The available documents d...

CVE-2026-33879

Federated Learning and Interoperability Platform FLIP is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling brute-force and...

EUVD-2026-16818

Federated Learning and Interoperability Platform FLIP is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling brute-force and...