6894 matches found
Can We Infer Confidential Properties of Training Data from LLMs?
Large language models LLMs are increasingly fine-tuned on domain-specific datasets to support applications in fields such as healthcare, finance, and law. These fine-tuning datasets often have sensitive and confidential dataset-level properties -- such as patient demographics or disease prevalenc...
Optimal Piecewise-Based Mechanism for Collecting Bounded Numerical Data under Local Differential Privacy
Numerical data with bounded domains is a common data type in personal devices, such as wearable sensors. While the collection of such data is essential for third-party platforms, it raises significant privacy concerns. Local differential privacy LDP has been shown as a framework providing provabl...
Monitoring Decomposition Attacks in LLMs with Lightweight Sequential Monitors
Current LLM safety defenses fail under decomposition attacks, where a malicious goal is decomposed into benign subtasks that circumvent refusals. The challenge lies in the existing shallow safety alignment techniques: they only detect harm in the immediate prompt and do not reason about long-rang...
Social Media Reactions to Open Source Promotions: AI-Powered GitHub Projects on Hacker News
Social media platforms have become more influential than traditional news sources, shaping public discourse and accelerating the spread of information. With the rapid advancement of artificial intelligence AI, open-source software OSS projects can leverage these platforms to gain visibility and...
Step-By-Step Reasoning Attack: Revealing 'Erased' Knowledge in Large Language Models
Whitepaper called Step-By-Step Reasoning Attack: Revealing 'Erased' Knowledge In Large Language Models...
SOSBENCH: Benchmarking Safety Alignment on Scientific Knowledge
Large language models LLMs exhibit advancing capabilities in complex tasks, such as reasoning and graduate-level question answering, yet their resilience against misuse, particularly involving scientifically sophisticated risks, remains underexplored. Existing safety benchmarks typically focus...
A New Representation of Binary Sequences by Means of Boolean Functions
Boolean functions and binary sequences are main tools used in cryptography. In this work, we introduce a new bijection between the set of Boolean functions and the set of binary sequences with period a power of two. We establish a connection between them which allows us to study some properties o...
Parallel Repetition for Post-Quantum Arguments
In this work, we show that parallel repetition of public-coin interactive arguments reduces the soundness error at an exponential rate even in the post-quantum setting. Moreover, we generalize this result to hold for threshold verifiers, where the parallel repeated verifier accepts if and only if...
Computational Attestations of Polynomial Integrity Towards Verifiable Machine-Learning
Machine-learning systems continue to advance at a rapid pace, demonstrating remarkable utility in various fields and disciplines. As these systems continue to grow in size and complexity, a nascent industry is emerging which aims to bring machine-learning-as-a-service MLaaS to market. Outsourcing...
WordPress Traffic Monitor 3.2.2 Unauthenticated Bot Logging Disable
This repository features a Nuclei template specifically designed to detect an unauthenticated bot logging disable vulnerability in the Traffic Monitor WordPress plugin. This issue allows unauthenticated attackers to remotely disable bot logging via a vulnerable AJAX action. It affects versions up...
Graph-Based Floor Separation Using Node Embeddings and Clustering of WiFi Trajectories
Indoor positioning systems IPSs are increasingly vital for location-based services in complex multi-storey environments. This study proposes a novel graph-based approach for floor separation using Wi-Fi fingerprint trajectories, addressing the challenge of vertical localization in indoor settings...
Disclosure Audits for LLM Agents
Large Language Model agents have begun to appear as personal assistants, customer service bots, and clinical aides. While these applications deliver substantial operational benefits, they also require continuous access to sensitive data, which increases the likelihood of unauthorized disclosures...
Bhatt Conjectures: on Necessary-But-Not-Sufficient Benchmark Tautology for Human like Reasoning
The Bhatt Conjectures framework introduces rigorous, hierarchical benchmarks for evaluating AI reasoning and understanding, moving beyond pattern matching to assess representation invariance, robustness, and metacognitive self-awareness. The agentreasoning-sdk demonstrates practical implementatio...
Towards Understanding the Cognitive Habits of Large Reasoning Models
Large Reasoning Models LRMs, which autonomously produce a reasoning Chain of Thought CoT before producing final responses, offer a promising approach to interpreting and monitoring model behaviors. Inspired by the observation that certain CoT patterns -- e.g., "Wait, did I miss anything?'' --...
Training RL Agents for Multi-Objective Network Defense Tasks
Open-ended learning OEL -- which emphasizes training agents that achieve broad capability over narrow competency -- is emerging as a paradigm to develop artificial intelligence AI agents to achieve robustness and generalization. However, despite promising results that demonstrate the benefits of...
Custom API Generator for Cross Platform and Import Export in WP 2.0.3 Privilege Escalation
WordPress REST API | Custom API Generator For Cross Platform And Import Export In WP plugin versions 1.0.0 through 2.0.3 are susceptible to a privilege escalation vulnerability due to a missing capability check on the processhandler...
AgentVigil: Generic Black-Box Red-Teaming for Indirect Prompt Injection against LLM Agents
The strong planning and reasoning capabilities of Large Language Models LLMs have fostered the development of agent-based systems capable of leveraging external tools and interacting with increasingly complex environments. However, these powerful features also introduce a critical security risk:...
Firefox JavaScript Use-After-Free
Firefox has an issues where JavaScript can run during XSLTProcessor transform, leading to a use-after-free condition...
GaussMarker: Robust Dual-Domain Watermark for Diffusion Models
As Diffusion Models DM generate increasingly realistic images, related issues such as copyright and misuse have become a growing concern. Watermarking is one of the promising solutions. Existing methods inject the watermark into the single-domain of initial Gaussian noise for generation, which...
ObfusBFA: a Holistic Approach to Safeguarding DNNs from Different Types of Bit-Flip Attacks
Bit-flip attacks BFAs represent a serious threat to Deep Neural Networks DNNs, where flipping a small number of bits in the model parameters or binary code can significantly degrade the model accuracy or mislead the model prediction in a desired way. Existing defenses exclusively focus on...
GOLIATH: a Decentralized Framework for Data Collection in Intelligent Transportation Systems
Intelligent Transportation Systems ITSs technology has advanced during the past years, and it is now used for several applications that require vehicles to exchange real-time data, such as in traffic information management. Traditionally, road traffic information has been collected using on-site...
Adaptive Chosen-Ciphertext Security of Distributed Broadcast Encryption
Distributed broadcast encryption DBE is a specific kind of broadcast encryption BE where users independently generate their own public and private keys, and a sender can efficiently create a ciphertext for a subset of users by using the public keys of the subset users. Previously proposed DBE...
ChineseHarm-Bench: a Chinese Harmful Content Detection Benchmark
Large language models LLMs have been increasingly applied to automated harmful content detection tasks, assisting moderators in identifying policy violations and improving the overall efficiency and accuracy of content review. However, existing resources for harmful content detection are...
SMB NTLM Hash Leakage
This is a proof of concept for exploiting CVE-2025-24071, a vulnerability in Windows that allows NTLM hash leakage via .library-ms files. This version diverges slightly from others by using a .tar archive instead of a .zip, which improves compatibility in SMB-only environments...
TED-LaST: Towards Robust Backdoor Defense against Adaptive Attacks
Deep Neural Networks DNNs are vulnerable to backdoor attacks, where attackers implant hidden triggers during training to maliciously control model behavior. Topological Evolution Dynamics TED has recently emerged as a powerful tool for detecting backdoor attacks in DNNs. However, TED can be...
Single Block On
In the digital age, individuals increasingly maintain active presences across multiple platforms ranging from social media and messaging applications to professional and communication tools. However, the current model for managing user level privacy and abuse is siloed, requiring users to block...
SoK: Evaluating Jailbreak Guardrails for Large Language Models
Large Language Models LLMs have achieved remarkable progress, but their deployment has exposed critical vulnerabilities, particularly to jailbreak attacks that circumvent safety mechanisms. Guardrails--external defense mechanisms that monitor and control LLM interaction--have emerged as a promisi...
Commitment Schemes for Multi-Party Computation
The paper presents an analysis of Commitment Schemes CSs used in Multi-Party Computation MPC protocols. While the individual properties of CSs and the guarantees offered by MPC have been widely studied in isolation, their interrelation in concrete protocols and applications remains mostly...
Differentially Private Relational Learning with Entity-Level Privacy Guarantees
Learning with relational and network-structured data is increasingly vital in sensitive domains where protecting the privacy of individual entities is paramount. Differential Privacy DP offers a principled approach for quantifying privacy risks, with DP-SGD emerging as a standard mechanism for...
Chain-Of-Code Collapse: Reasoning Failures in LLMs Via Adversarial Prompting in Code Generation
Large Language Models LLMs have achieved remarkable success in tasks requiring complex reasoning, such as code generation, mathematical problem solving, and algorithmic synthesis -- especially when aided by reasoning tokens and Chain-of-Thought prompting. Yet, a core question remains: do these...
ME: Trigger Element Combination Backdoor Attack on Copyright Infringement
The capability of generative diffusion models DMs like Stable Diffusion SD in replicating training data could be taken advantage of by attackers to launch the Copyright Infringement Attack, with duplicated poisoned image-text pairs. SilentBadDiffusion SBD is a method proposed recently, which shew...
TimberStrike: Dataset Reconstruction Attack Revealing Privacy Leakage in Federated Tree-Based Systems
Federated Learning has emerged as a privacy-oriented alternative to centralized Machine Learning, enabling collaborative model training without direct data sharing. While extensively studied for neural networks, the security and privacy implications of tree-based models remain underexplored. This...
Byzantine Outside, Curious Inside: Reconstructing Data through Malicious Updates
Federated learning FL enables decentralized machine learning without sharing raw data, allowing multiple clients to collaboratively learn a global model. However, studies reveal that privacy leakage is possible under commonly adopted FL protocols. In particular, a server with access to client...
Bias Amplification in RAG: Poisoning Knowledge Retrieval to Steer LLMs
In Large Language Models, Retrieval-Augmented Generation RAG systems can significantly enhance the performance of large language models by integrating external knowledge. However, RAG also introduces new security risks. Existing research focuses mainly on how poisoning attacks in RAG systems affe...
TooBadRL: Trigger Optimization to Boost Effectiveness of Backdoor Attacks on Deep Reinforcement Learning
Deep reinforcement learning DRL has achieved remarkable success in a wide range of sequential decision-making domains, including robotics, healthcare, smart grids, and finance. Recent research demonstrates that attackers can efficiently exploit system vulnerabilities during the training phase to...
User Perceptions and Attitudes toward Untraceability in Messaging Platforms
Mainstream messaging platforms offer a variety of features designed to enhance user privacy, such as disappearing messages, password-protected chats, and end-to-end encryption E2EE, which primarily protect message contents. Beyond contents, the transmission of messages generates metadata that can...
A Crack in the Bark: Leveraging Public Knowledge to Remove Tree-Ring Watermarks
We present a novel attack specifically designed against Tree-Ring, a watermarking technique for diffusion models known for its high imperceptibility and robustness against removal attacks. Unlike previous removal attacks, which rely on strong assumptions about attacker capabilities, our attack on...
From IOCs to Group Profiles: on the Specificity of Threat Group Behaviors in CTI Knowledge Bases
Indicators of Compromise IOCs such as IP addresses, file hashes, and domain names are commonly used for threat detection and attribution. However, IOCs tend to be short-lived as they are easy to change. As a result, the cybersecurity community is shifting focus towards more persistent behavioral...
MAYA: Addressing Inconsistencies in Generative Password Guessing through a Unified Benchmark
Recent advances in generative models have led to their application in password guessing, with the aim of replicating the complexity, structure, and patterns of human-created passwords. Despite their potential, inconsistencies and inadequate evaluation methodologies in prior research have hindered...
Multi-Modal Multi-Task Federated Foundation Models for Next-Generation Extended Reality Systems: Towards Privacy-Preserving Distributed Intelligence in AR/VR/MR
Extended reality XR systems, which consist of virtual reality VR, augmented reality AR, and mixed reality XR, offer a transformative interface for immersive, multi-modal, and embodied human-computer interaction. In this paper, we envision that multi-modal multi-task M3T federated foundation model...
CyFence: Securing Cyber-Physical Controllers Via Trusted Execution Environment
In the last decades, Cyber-physical Systems CPSs have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks. Since many CPS are used in safety-critical systems, such attacks entail high risks and potential safety harms...
SOFT: Selective Data Obfuscation for Protecting LLM Fine-Tuning against Membership Inference Attacks
Whitepaper called SOFT: Selective Data Obfuscation For Protecting LLM Fine-Tuning Against Membership Inference Attacks...
Quantifying Azure RBAC Wildcard Overreach
Azure RBAC leverages wildcard permissions to simplify policy authoring, but this abstraction often obscures the actual set of allowed operations and undermines least-privilege guarantees. We introduce Belshazaar, a two-stage framework that targets both the effective permission set problem and the...
FicGCN: Unveiling the Homomorphic Encryption Efficiency from Irregular Graph Convolutional Networks
Graph Convolutional Neural Networks GCNs have gained widespread popularity in various fields like personal healthcare and financial systems, due to their remarkable performance. Despite the growing demand for cloud-based GCN services, privacy concerns over sensitive graph data remain significant...
Assessing the Resilience of Automotive Intrusion Detection Systems to Adversarial Manipulation
The security of modern vehicles has become increasingly important, with the controller area network CAN bus serving as a critical communication backbone for various Electronic Control Units ECUs. The absence of robust security measures in CAN, coupled with the increasing connectivity of vehicles,...
WebKit Cross Site CSS Rule / Redirect URL Disclosure
WebKit suffers from a cross site CSS rule and redirect URL disclosure vulnerability...
Uncovering Reliable Indicators: Improving IoC Extraction from Threat Reports
Indicators of Compromise IoCs are critical for threat detection and response, marking malicious activity across networks and systems. Yet, the effectiveness of automated IoC extraction systems is fundamentally limited by one key issue: the lack of high-quality ground truth. Current extraction too...
Guardians of the Regime: When and Why Autocrats Create Secret Police
Autocrats use secret police to stay in power, as these organizations deter and suppress opposition to their rule. Existing research shows that secret police are very good at this but, surprisingly, also that they are not as ubiquitous in autocracies as one may assume, existing in less than 50% of...
AI-Based Software Vulnerability Detection: a Systematic Literature Review
Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods e.g., static analysis, rule-based matching to AI-driven approaches. This study presents a systematic review of software vulnerability detection SVD research from 2018 to...
Physical Layer-Based Device Fingerprinting for Wireless Security: from Theory to Practice
The identification of the devices from which a message is received is part of security mechanisms to ensure authentication in wireless communications. Conventional authentication approaches are cryptography-based, which, however, are usually computationally expensive and not adequate in the...