Disentangling Adversarial Prompts: A Semantic-Graph Defense for Robust LLM Security

Large Language Models LLMs are increasingly vulnerable to adversarial prompts that exploit semantic ambiguities to bypass safety mechanisms, resulting in harmful or inappropriate outputs. Such attacks, including jailbreaking and prompt injection, pose significant risks to the integrity and...

PySpector 安全漏洞

PySpector is a high-performance Python static security analysis framework based on graphs, developed by Tommaso Bona. Versions of PySpector prior to 0.1.8 contained security vulnerabilities. These vulnerabilities stemmed from an incomplete blacklist of plugin security validators, which could allo...

[SECURITY] Fedora 44 Update: gegl04-0.4.70-2.fc44

GEGL Generic Graphics Library is a graph based image processing framework. GEGLs original design was made to scratch GIMP's itches for a new compositing and processing core. This core is being designed to have minimal dependencies and a simple well defined API...

HAL -- an Open-Source Framework for Gate-Level Netlist Analysis

HAL is an open-source framework for gate-level netlist analysis, an integral step in hardware reverse engineering. It provides analysts with an interactive GUI, an extensible plugin system, and APIs in both C++ and Python for rapid prototyping and automation. In addition, HAL ships with plugins f...

Changing the physics of cyber defense

The Deputy CISO blog series is whereMicrosoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

NatGVD: Natural Adversarial Example Attack Towards Graph-Based Vulnerability Detection

Graph-based models learn rich code graph structural information and present superior performance on various code analysis tasks. However, the robustness of these models against adversarial example attacks in the context of vulnerability detection remains an open question. This paper proposes...

State-Of-The-Art in Software Security Visualization: a Systematic Review

Software security visualization is an interdisciplinary field that combines the technical complexity of cybersecurity, including threat intelligence and compliance monitoring, with visual analytics, transforming complex security data into easily digestible visual formats. As software systems get...

Automated Cyber Defense with Generalizable Graph-Based Reinforcement Learning Agents

Deep reinforcement learning RL is emerging as a viable strategy for automated cyber defense ACD. The traditional RL approach represents networks as a list of computers in various states of safety or threat. Unfortunately, these models are forced to overfit to specific network topologies, renderin...

A Graph-Based Approach to Alert Contextualisation in Security Operations Centres

Interpreting the massive volume of security alerts is a significant challenge in Security Operations Centres SOCs. Effective contextualisation is important, enabling quick distinction between genuine threats and benign activity to prioritise what needs further analysis.This paper proposes a...

KillChainGraph: ML Framework for Predicting and Mapping ATT&CK Techniques

The escalating complexity and volume of cyberattacks demand proactive detection strategies that go beyond traditional rule-based systems. This paper presents a phase-aware, multi-model machine learning framework that emulates adversarial behavior across the seven phases of the Cyber Kill Chain...

Mitigating Distribution Shift in Graph-Based Android Malware Classification Via Function Metadata and LLM Embeddings

Graph-based malware classifiers can achieve over 94% accuracy on standard Android datasets, yet we find they suffer accuracy drops of up to 45% when evaluated on previously unseen malware variants from the same family - a scenario where strong generalization would typically be expected. This...

VOLTRON: Detecting Unknown Malware Using Graph-Based Zero-Shot Learning

The persistent threat of Android malware presents a serious challenge to the security of millions of users globally. While many machine learning-based methods have been developed to detect these threats, their reliance on large labeled datasets limits their effectiveness against emerging,...

Explain First, Trust Later: LLM-Augmented Explanations for Graph-Based Crypto Anomaly Detection

The decentralized finance DeFi community has grown rapidly in recent years, pushed forward by cryptocurrency enthusiasts interested in the vast untapped potential of new markets. The surge in popularity of cryptocurrency has ushered in a new era of financial crime. Unfortunately, the novelty of t...

Graph-Based Floor Separation Using Node Embeddings and Clustering of WiFi Trajectories

Indoor positioning systems IPSs are increasingly vital for location-based services in complex multi-storey environments. This study proposes a novel graph-based approach for floor separation using Wi-Fi fingerprint trajectories, addressing the challenge of vertical localization in indoor settings...

Transaction Proximity: a Graph-Based Approach to Blockchain Fraud Prevention

This paper introduces a fraud-deterrent access validation system for public blockchains, leveraging two complementary concepts: "Transaction Proximity", which measures the distance between wallets in the transaction graph, and "Easily Attainable Identities EAIs", wallets with direct transaction...

LibVulnWatch: a Deep Assessment Agent System and Leaderboard for Uncovering Hidden Vulnerabilities in Open-Source AI Libraries

Open-source AI libraries are foundational to modern AI systems but pose significant, underexamined risks across security, licensing, maintenance, supply chain integrity, and regulatory compliance. We present LibVulnWatch, a graph-based agentic assessment framework that performs deep,...

FCGHunter: Towards Evaluating Robustness of Graph-Based Android Malware Detection

Graph-based detection methods leveraging Function Call Graphs FCGs have shown promise for Android malware detection AMD due to their semantic insights. However, the deployment of malware detectors in dynamic and hostile environments raises significant concerns about their robustness. While recent...

Wiz now integrates with Oracle Cloud Infrastructure, bringing a graph-based cloud security approach to all major providers

Fortune 500’s Avery Dennison among enterprises that operate securely on OCI and other cloud infrastructure with Wiz...

Finding Attack Paths in Cloud Environments

The mass adoption of cloud infrastructure is fully justified by innumerable advantages. As a result, today, organizations' most sensitive business applications, workloads, and data are in the cloud. Hackers, good and bad, have noticed that trend and effectively evolved their attack techniques to...

Checkov - Prevent Cloud Misconfigurations During Build-Time For Terraform, CloudFormation, Kubernetes, Serverless Framework And Other Infrastructure-As-Code-Languages

Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, AWS SAM, Kubernetes, Dockerfile, Serverless or ARM Templates and detects securi ty and compliance misconfigurations using graph-based...