Anonymous YARA Rules Are Not Anonymous

YARA rules are widely shared across threat intelligence communities to enable collective defence against malware. This practice implicitly assumes that removing metadata e.g., author fields sufficiently protects the identity of contributing organisations. To assess the validity of this assumption...

Adversarial Vulnerability under Temporal Concept Drift: A Longitudinal Study of Android Malware Detection

We present a longitudinal, drift-aware evaluation of adversarial robustness across more than a decade of Android applications using static and dynamic feature representations extracted from emulator and real-device executions. The dataset is organized into yearly slices and evaluated under three...

Robust Semi-Supervised Temporal Intrusion Detection for Adversarial Cloud Networks

Cloud networks increasingly rely on machine learning based Network Intrusion Detection Systems to defend against evolving cyber threats. However, real-world deployments are challenged by limited labeled data, non-stationary traffic, and adaptive adversaries. While semi-supervised learning can...

Retrofit: Continual Learning with Bounded Forgetting for Security Applications

Modern security analytics are increasingly powered by deep learning models, but their performance often degrades as threat landscapes evolve and data representations shift. While continual learning CL offers a promising paradigm to maintain model effectiveness, many approaches rely on full...