6894 matches found
Beyond Personalization: Federated Recommendation with Calibration Via Low-Rank Decomposition
Federated recommendation FR is a promising paradigm to protect user privacy in recommender systems. Distinct from general federated scenarios, FR inherently needs to preserve client-specific parameters, i.e., user embeddings, for privacy and personalization. However, we empirically find that...
Design Patterns for Securing LLM Agents against Prompt Injections
As AI agents powered by Large Language Models LLMs become increasingly versatile and capable of addressing a broad spectrum of tasks, ensuring their security has become a critical challenge. Among the most pressing threats are prompt injection attacks, which exploit the agent's resilience on...
LLMail-Inject: a Dataset from a Realistic Adaptive Prompt Injection Challenge
Indirect Prompt Injection attacks exploit the inherent limitation of Large Language Models LLMs to distinguish between instructions and data in their inputs. Despite numerous defense proposals, the systematic evaluation against adaptive adversaries remains limited, even when successful attacks ca...
Generate-Then-Verify: Reconstructing Data from Limited Published Statistics
Whitepaper called Generate-Then-Verify: Reconstructing Data From Limited Published Statistics...
TRIDENT -- a Three-Tier Privacy-Preserving Propaganda Detection Model in Mobile Networks Using Transformers, Adversarial Learning, and Differential Privacy
The proliferation of propaganda on mobile platforms raises critical concerns around detection accuracy and user privacy. To address this, we propose TRIDENT - a three-tier propaganda detection model implementing transformers, adversarial learning, and differential privacy which integrates syntact...
ELFuzz: Efficient Input Generation Via LLM-Driven Synthesis over Fuzzer Space
Generation-based fuzzing produces appropriate testing cases according to specifications of input grammars and semantic constraints to test systems and software. However, these specifications require significant manual efforts to construct. This paper proposes a new approach, ELFuzz Evolution...
Epass: Efficient and Privacy-Preserving Asynchronous Payment on Blockchain
Whitepaper called Epass: Efficient And Privacy-Preserving Asynchronous Payment On Blockchain...
GenBreak: Red Teaming Text-To-Image Generators Using Large Language Models
Text-to-image T2I models such as Stable Diffusion have advanced rapidly and are now widely used in content creation. However, these models can be misused to generate harmful content, including nudity or violence, posing significant safety risks. While most platforms employ content moderation...
From Concept to Measurement: a Survey of How the Blockchain Trilemma Can Be Analyzed
To meet non-functional requirements, practitioners must identify Pareto-optimal configurations of the degree of decentralization, scalability, and security of blockchain systems. Maximizing all of these subconcepts is, however, impossible due to the trade-offs highlighted by the blockchain...
Digital Privacy Everywhere
The increasing proliferation of digital and mobile devices equipped with cameras, microphones, GPS, and other privacy invasive components has raised significant concerns for businesses operating in sensitive or policy restricted environments. Current solutions rely on passive enforcement, such as...
Efficient Modular Multiplier over GF (2^M) for ECPM
Elliptic curve cryptography ECC has emerged as the dominant public-key protocol, with NIST standardizing parameters for binary field GF2^m ECC systems. This work presents a hardware implementation of a Hybrid Multiplication technique for modular multiplication over binary field GF2m, targeting NI...
Multiverse Privacy Theory for Contextual Risks in Complex User-AI Interactions
In an era of increasing interaction with artificial intelligence AI, users face evolving privacy decisions shaped by complex, uncertain factors. This paper introduces Multiverse Privacy Theory, a novel framework in which each privacy decision spawns a parallel universe, representing a distinct...
Learning Obfuscations of LLM Embedding Sequences: Stained Glass Transform
The high cost of ownership of AI compute infrastructure and challenges of robust serving of large language models LLMs has led to a surge in managed Model-as-a-service deployments. Even when enterprises choose on-premises deployments, the compute infrastructure is typically shared across many tea...
On the Impossibility of a Perfect Hypervisor
We establish a fundamental impossibility result for a perfect hypervisor', one that 1 preserves every observable behavior of any program exactly as on bare metal and 2 adds zero timing or resource overhead. Within this model we prove two theorems. 1 Indetectability Theorem. If such a hypervisor...
Expert-In-The-Loop Systems with Cross-Domain and In-Domain Few-Shot Learning for Software Vulnerability Detection
As cyber threats become more sophisticated, rapid and accurate vulnerability detection is essential for maintaining secure systems. This study explores the use of Large Language Models LLMs in software vulnerability assessment by simulating the identification of Python code with known Common...
DiffUMI: Training-Free Universal Model Inversion Via Unconditional Diffusion for Face Recognition
Face recognition technology presents serious privacy risks due to its reliance on sensitive and immutable biometric data. To address these concerns, such systems typically convert raw facial images into embeddings, which are traditionally viewed as privacy-preserving. However, model inversion...
Identity and Access Management for the Computing Continuum
The computing continuum introduces new challenges for access control due to its dynamic, distributed, and heterogeneous nature. In this paper, we propose a Zero-Trust ZT access control solution that leverages decentralized identification and authentication mechanisms based on Decentralized...
SALAD: Systematic Assessment of Machine Unlearing on LLM-Aided Hardware Design
Large Language Models LLMs offer transformative capabilities for hardware design automation, particularly in Verilog code generation. However, they also pose significant data security challenges, including Verilog evaluation data contamination, intellectual property IP design leakage, and the ris...
LLMs Cannot Reliably Judge (Yet?): a Comprehensive Assessment on the Robustness of LLM-As-A-Judge
Large Language Models LLMs have demonstrated remarkable intelligence across various tasks, which has inspired the development and widespread adoption of LLM-as-a-Judge systems for automated model testing, such as red teaming and benchmarking. However, these systems are susceptible to adversarial...
Prompt Attacks Reveal Superficial Knowledge Removal in Unlearning Methods
In this work, we show that some machine unlearning methods may fail when subjected to straightforward prompt attacks. We systematically evaluate eight unlearning techniques across three model families, and employ output-based, logit-based, and probe analysis to determine to what extent supposedly...
The Rabin Cryptosystem over Number Fields
We extend Rabin's cryptosystem to general number fields. We show that decryption of a random plaintext is as hard as the integer factorisation problem, provided the modulus in our scheme has been chosen carefully. We investigate the performance of our new cryptosystem in comparison with the...
Covert Entanglement Generation over Bosonic Channels
Whitepaper called Covert Entanglement Generation Over Bosonic Channels...
Securing Open RAN: a Survey of Cryptographic Challenges and Emerging Solutions for 5G
The advent of Open Radio Access Networks O-RAN introduces modularity and flexibility into 5G deployments but also surfaces novel security challenges across disaggregated interfaces. This literature review synthesizes recent research across thirteen academic and industry sources, examining...
The Security Overview and Analysis of 3GPP 5G MAC CE
To more effectively control and allocate network resources, MAC CE has been introduced into the network protocol, which is a type of control signaling located in the MAC layer. Since MAC CE lacks encryption and integrity protection mechanisms provided by PDCP, the control signaling carried by MAC...
A Comprehensive Survey of Unmanned Aerial Systems' Risks and Mitigation Strategies
In the last decade, the rapid growth of Unmanned Aircraft Systems UAS and Unmanned Aircraft Vehicles UAV in communication, defense, and transportation has increased. The application of UAS will continue to increase rapidly. This has led researchers to examine security vulnerabilities in various...
The Everyday Security of Living with Conflict
When cyber' is used as a prefix, attention is typically drawn to the technological and spectacular aspects of war and conflict -- and, by extension, security. We offer a different approach to engaging with and understanding security in such contexts, by foregrounding the everyday -- mundane --...
Oracle-Based Multistep Strategy for Solving Polynomial Systems over Finite Fields and Algebraic Cryptanalysis of the Aradi Cipher
The multistep solving strategy consists in a divide-and-conquer approach: when a multivariate polynomial system is computationally infeasible to solve directly, one variable is assigned over the elements of the base finite field, and the procedure is recursively applied to the resulting simplifie...
Mapping NVD Records to Their VFCs: How Hard Is It?
Mapping National Vulnerability Database NVD records to vulnerability-fixing commits VFCs is crucial for vulnerability analysis but challenging due to sparse explicit links in NVD references.This study explores this mapping's feasibility through an empirical approach. Manual analysis of NVD...
AURA: a Multi-Agent Intelligence Framework for Knowledge-Enhanced Cyber Threat Attribution
Effective attribution of Advanced Persistent Threats APTs increasingly hinges on the ability to correlate behavioral patterns and reason over complex, varied threat intelligence artifacts. We present AURA Attribution Using Retrieval-Augmented Agents, a multi-agent, knowledge-enhanced framework fo...
On the Virtues of Information Security in the UK Climate Movement
We report on an ethnographic study with members of the climate movement in the United Kingdom UK. We conducted participant observation and interviews at protests and in various activist settings. Reporting on the findings as they relate to information security, we show that members of the UK...
BF-Max: an Efficient Bit Flipping Decoder with Predictable Decoding Failure Rate
The Bit-Flipping BF decoder, thanks to its very low computational complexity, is widely employed in post-quantum cryptographic schemes based on Moderate Density Parity Check codes in which, ultimately, decryption boils down to syndrome decoding. In such a setting, for security concerns, one must...
First-Spammed, First-Served: MEV Extraction on Fast-Finality Blockchains
This research analyzes the economics of spam-based arbitrage strategies on fast-finality blockchains. We begin by theoretically demonstrating that, splitting a profitable MEV opportunity into multiple small transactions is the optimal strategy for CEX-DEX arbitrageurs. We then empirically validat...
Empirical Quantification of Spurious Correlations in Malware Detection
End-to-end deep learning exhibits unmatched performance for detecting malware, but such an achievement is reached by exploiting spurious correlations -- features with high relevance at inference time, but known to be useless through domain knowledge. While previous work highlighted that deep...
Differentially Private Federated $K$-Means Clustering with Server-Side Data
Clustering is a cornerstone of data analysis that is particularly suited to identifying coherent subgroups or substructures in unlabeled data, as are generated continuously in large amounts these days. However, in many cases traditional clustering methods are not applicable, because data are...
Effective Red-Teaming of Policy-Adherent Agents
Task-oriented LLM-based agents are increasingly used in domains with strict policies, such as refund eligibility or cancellation rules. The challenge lies in ensuring that the agent consistently adheres to these rules and policies, appropriately refusing any request that would violate them, while...
Unconditionally Secure Wireless-Wired Ground-Satellite-Ground Communication Networks Utilizing Classical and Quantum Noise
In this paper, we introduce the Kirchhoff-Law-Johnson-Noise KLJN as an approach to securing satellite communications. KLJN has the potential to revolutionize satellite communication security through its combination of simplicity, cost-effectiveness, and resilience with unconditional security...
Devil'S Hand: Data Poisoning Attacks to Locally Private Graph Learning Protocols
Graph neural networks GNNs have achieved significant success in graph representation learning and have been applied to various domains. However, many real-world graphs contain sensitive personal information, such as user profiles in social networks, raising serious privacy concerns when graph...
Lightweight and High-Throughput Secure Logging for Internet of Things and Cold Cloud Continuum
The growing deployment of resource-limited Internet of Things IoT devices and their expanding attack surfaces demand efficient and scalable security mechanisms. System logs are vital for the trust and auditability of IoT, and offloading their maintenance to a Cold Storage-as-a-Service Cold-STaaS...
WordPress Celestial Aura Theme 2.2 Shell Upload
WordPress Celestial Aura Theme versions 2.2 and below suffer from a remote shell upload vulnerability...
Adversarial Text Generation with Dynamic Contextual Perturbation
Adversarial attacks on Natural Language Processing NLP models expose vulnerabilities by introducing subtle perturbations to input text, often leading to misclassification while maintaining human readability. Existing methods typically focus on word-level or local text segment alterations,...
Evaluation Empirique De La Sécurisation Et De L'Alignement De ChatGPT Et Gemini: Analyse Comparative Des Vulnérabilités Par Expérimentations De Jailbreaks
Large Language models LLMs are transforming digital usage, particularly in text generation, image creation, information retrieval and code development. ChatGPT, launched by OpenAI in November 2022, quickly became a reference, prompting the emergence of competitors such as Google's Gemini. However...
Securing Generative AI Agentic Workflows: Risks, Mitigation, and a Proposed Firewall Architecture
Generative Artificial Intelligence GenAI presents significant advancements but also introduces novel security challenges, particularly within agentic workflows where AI agents operate autonomously. These risks escalate in multi-agent systems due to increased interaction complexity. This paper...
Striking Back at Cobalt: Using Network Traffic Metadata to Detect Cobalt Strike Masquerading Command and Control Channels
Off-the-shelf software for Command and Control is often used by attackers and legitimate pentesters looking for discretion. Among other functionalities, these tools facilitate the customization of their network traffic so it can mimic popular websites, thereby increasing their secrecy. Cobalt...
One Patch to Rule Them All: Transforming Static Patches into Dynamic Attacks in the Physical World
Numerous methods have been proposed to generate physical adversarial patches PAPs against real-world machine learning systems. However, each existing PAP typically supports only a single, fixed attack goal, and switching to a different objective requires re-generating and re-deploying a new PAP...
TimeWak: Temporal Chained-Hashing Watermark for Time Series Data
Synthetic time series generated by diffusion models enable sharing privacy-sensitive datasets, such as patients' functional MRI records. Key criteria for synthetic data include high data utility and traceability to verify the data source. Recent watermarking methods embed in homogeneous latent...
ZTaint-Havoc: from Havoc Mode to Zero-Execution Fuzzing-Driven Taint Inference
Fuzzing is a widely used technique for discovering software vulnerabilities, but identifying hot bytes that influence program behavior remains challenging. Traditional taint analysis can track such bytes white-box, but suffers from scalability issue. Fuzzing-Driven Taint Inference FTI offers a...
Your Agent Can Defend Itself against Backdoor Attacks
Despite their growing adoption across domains, large language model LLM-powered agents face significant security risks from backdoor attacks during training and fine-tuning. These compromised agents can subsequently be manipulated to execute malicious operations when presented with specific...
Do Concept Replacement Techniques Really Erase Unacceptable Concepts?
Generative models, particularly diffusion-based text-to-image T2I models, have demonstrated astounding success. However, aligning them to avoid generating content with unacceptable concepts e.g., offensive or copyrighted content, or celebrity likenesses remains a significant challenge. Concept...
ContextBuddy: AI-Enhanced Contextual Insights for Security Alert Investigation (Applied to Intrusion Detection)
Modern Security Operations Centres SOCs integrate diverse tools, such as SIEM, IDS, and XDR systems, offering rich contextual data, including alert enrichments, flow features, and similar case histories. Yet, analysts must still manually determine which of these contextual cues are most relevant...
Symbolic Generation and Modular Embedding of High-Quality Abc-Triples
We present a symbolic identity for generating integer triples $a, b, c$ satisfying $a + b = c$, inspired by structural features of the \emphabc conjecture. The construction uses powers of $2$ and $3$ in combination with modular inversion in $\mathbbZ/3^p\mathbbZ$, leading to a parametric identity...