8 matches found
From Incomplete Architecture to Quantified Risk: Multimodal LLM-Driven Security Assessment for Cyber-Physical Systems
Cyber-physical systems often contend with incomplete architectural documentation or outdated information resulting from legacy technologies, knowledge management gaps, and the complexity of integrating diverse subsystems over extended operational lifecycles. This architectural incompleteness...
Few-Shot Learning for Security Bug Report Identification
Security bug reports require prompt identification to minimize the window of vulnerability in software systems. Traditional machine learning ML techniques for classifying bug reports to identify security bug reports rely heavily on large amounts of labeled data. However, datasets for security bug...
COGNITION: From Evaluation to Defense against Multimodal LLM CAPTCHA Solvers
This paper studies how multimodal large language models MLLMs undermine the security guarantees of visual CAPTCHA. We identify the attack surface where an adversary can cheaply automate CAPTCHA solving using off-the-shelf models. We evaluate 7 leading commercial and open-source MLLMs across 18...
Semantic-Aware Fuzzing: an Empirical Framework for LLM-Guided, Reasoning-Driven Input Mutation
Security vulnerabilities in Internet-of-Things devices, mobile platforms, and autonomous systems remain critical. Traditional mutation-based fuzzers -- while effectively explore code paths -- primarily perform byte- or bit-level edits without semantic reasoning. Coverage-guided tools such as AFL+...
Empirical Evaluation of Concept Drift in ML-Based Android Malware Detection
Despite outstanding results, machine learning-based Android malware detection models struggle with concept drift, where rapidly evolving malware characteristics degrade model effectiveness. This study examines the impact of concept drift on Android malware detection, evaluating two datasets and...
M3S-UPD: Efficient Multi-Stage Self-Supervised Learning for Fine-Grained Encrypted Traffic Classification with Unknown Pattern Discovery
The growing complexity of encrypted network traffic presents dual challenges for modern network management: accurate multiclass classification of known applications and reliable detection of unknown traffic patterns. Although deep learning models show promise in controlled environments, their...
User Behavior Analysis in Privacy Protection with Large Language Models: a Study on Privacy Preferences with Limited Data
With the widespread application of large language models LLMs, user privacy protection has become a significant research topic. Existing privacy preference modeling methods often rely on large-scale user data, making effective privacy preference analysis challenging in data-limited environments...
Semantic-Aware Contrastive Fine-Tuning: Boosting Multimodal Malware Classification with Discriminative Embeddings
The rapid evolution of malware variants requires robust classification methods to enhance cybersecurity. While Large Language Models LLMs offer potential for generating malware descriptions to aid family classification, their utility is limited by semantic embedding overlaps and misalignment with...