37 matches found
Multimodal Safety Is Asymmetric: Cross-Modal Exploits Unlock Black-Box MLLMs Jailbreaks
Multimodal large language models MLLMs have demonstrated significant utility across diverse real-world applications. But MLLMs remain vulnerable to jailbreaks, where adversarial inputs can collapse their safety constraints and trigger unethical responses. In this work, we investigate jailbreaks i...
EUVD-2021-0332
Malware in sbrugna...
Decoding Latent Attack Surfaces in LLMs: Prompt Injection Via HTML in Web Summarization
Large Language Models LLMs are increasingly integrated into web-based systems for content summarization, yet their susceptibility to prompt injection attacks remains a pressing concern. In this study, we explore how non-visible HTML elements such as , aria-label, and alt attributes can be exploit...
EX-NIDS: a Framework for Explainable Network Intrusion Detection Leveraging Large Language Models
This paper introduces eX-NIDS, a framework designed to enhance interpretability in flow-based Network Intrusion Detection Systems NIDS by leveraging Large Language Models LLMs. In our proposed framework, flows labelled as malicious by NIDS are initially processed through a module called the Promp...
Differential Privacy in Machine Learning: from Symbolic AI to LLMs
Machine learning models should not reveal particular information that is not otherwise accessible. Differential privacy provides a formal framework to mitigate privacy risks by ensuring that the inclusion or exclusion of any single data point does not significantly alter the output of an algorith...
Flexible Hardware-Enabled Guarantees for AI Compute
As artificial intelligence systems become increasingly powerful, they pose growing risks to international security, creating urgent coordination challenges that current governance approaches struggle to address without compromising sensitive information or national security. We propose flexible...
Deconstructing Obfuscation: a Four-Dimensional Framework for Evaluating Large Language Models Assembly Code Deobfuscation Capabilities
Large language models LLMs have shown promise in software engineering, yet their effectiveness for binary analysis remains unexplored. We present the first comprehensive evaluation of commercial LLMs for assembly code deobfuscation. Testing seven state-of-the-art models against four obfuscation...
Breaking the Gold Standard: Extracting Forgotten Data under Exact Unlearning in Large Language Models
Large language models are typically trained on datasets collected from the web, which may inadvertently contain harmful or sensitive personal information. To address growing privacy concerns, unlearning methods have been proposed to remove the influence of specific data from trained models. Of...
Fooling the Watchers: Breaking AIGC Detectors Via Semantic Prompt Attacks
The rise of text-to-image T2I models has enabled the synthesis of photorealistic human portraits, raising serious concerns about identity misuse and the robustness of AIGC detectors. In this work, we propose an automated adversarial prompt generation framework that leverages a grammar tree...
Password Strength Detection Via Machine Learning: Analysis, Modeling, and Evaluation
As network security issues continue gaining prominence, password security has become crucial in safeguarding personal information and network systems. This study first introduces various methods for system password cracking, outlines password defense strategies, and discusses the application of...
AutoRAN: Weak-To-Strong Jailbreaking of Large Reasoning Models
This paper presents AutoRAN, the first automated, weak-to-strong jailbreak attack framework targeting large reasoning models LRMs. At its core, AutoRAN leverages a weak, less-aligned reasoning model to simulate the target model's high-level reasoning structures, generates narrative prompts, and...
Enhancing IoT Cyber Attack Detection in the Presence of Highly Imbalanced Data
Due to the rapid growth in the number of Internet of Things IoT networks, the cyber risk has increased exponentially, and therefore, we have to develop effective IDS that can work well with highly imbalanced datasets. A high rate of missed threats can be the result, as traditional machine learnin...
SecReEvalBench: a Multi-Turned Security Resilience Evaluation Benchmark for Large Language Models
The increasing deployment of large language models in security-sensitive domains necessitates rigorous evaluation of their resilience against adversarial prompt-based attacks. While previous benchmarks have focused on security evaluations with limited and predefined attack domains, such as...
Red Teaming the Mind of the Machine: a Systematic Evaluation of Prompt Injection and Jailbreak Vulnerabilities in LLMs
Large Language Models LLMs are increasingly integrated into consumer and enterprise applications. Despite their capabilities, they remain susceptible to adversarial attacks such as prompt injection and jailbreaks that override alignment safeguards. This paper provides a systematic investigation o...
Security Steerability Is All You Need
The adoption of Generative AI GenAI in various applications inevitably comes with expanding the attack surface, combining new security threats along with the traditional ones. Consequently, numerous research and industrial initiatives aim to mitigate these security threats in GenAI by developing...
Towards Effective Identification of Attack Techniques in Cyber Threat Intelligence Reports Using Large Language Models
This work evaluates the performance of Cyber Threat Intelligence CTI extraction methods in identifying attack techniques from threat reports available on the web using the MITRE ATT&CK framework. We analyse four configurations utilising state-of-the-art tools, including the Threat Report ATT&CK...
The Digital Cybersecurity Expert: How Far Have We Come?
The increasing deployment of large language models LLMs in the cybersecurity domain underscores the need for effective model selection and evaluation. However, traditional evaluation methods often overlook specific cybersecurity knowledge gaps that contribute to performance limitations. To addres...