6894 matches found
TrustConnect: an In-Vehicle Anomaly Detection Framework through Topology-Based Trust Rating
Modern vehicles are equipped with numerous in-vehicle components that interact with the external environment through remote communications and services, such as Bluetooth and vehicle-to-infrastructure communication. These components form a network, exchanging information to ensure the proper...
Scoring the Unscorables: Cyber Risk Assessment beyond Internet Scans
In this paper we present a study on using novel data types to perform cyber risk quantification by estimating the likelihood of a data breach. We demonstrate that it is feasible to build a highly accurate cyber risk assessment model using public and readily available technology signatures obtaine...
Towards Lifecycle Unlearning Commitment Management: Measuring Sample-Level Unlearning Completeness
Growing concerns over data privacy and security highlight the importance of machine unlearning--removing specific data influences from trained models without full retraining. Techniques like Membership Inference Attacks MIAs are widely used to externally assess successful unlearning. However,...
GeoClip: Geometry-Aware Clipping for Differentially Private SGD
Differentially private stochastic gradient descent DP-SGD is the most widely used method for training machine learning models with provable privacy guarantees. A key challenge in DP-SGD is setting the per-sample gradient clipping threshold, which significantly affects the trade-off between privac...
Dual-Conditional Deep Generation of Network Traffic Data for Network Intrusion Detection System Balancing
Whitepaper called Dual-Conditional Deep Generation Of Network Traffic Data For Network Intrusion Detection System Balancing...
SDN-Based False Data Detection with Its Mitigation and Machine Learning Robustness for In-Vehicle Networks
As the development of autonomous and connected vehicles advances, the complexity of modern vehicles increases, with numerous Electronic Control Units ECUs integrated into the system. In an in-vehicle network, these ECUs communicate with one another using an standard protocol called Controller Are...
Optimization-Free Universal Watermark Forgery with Regenerative Diffusion Models
Watermarking becomes one of the pivotal solutions to trace and verify the origin of synthetic images generated by artificial intelligence models, but it is not free of risks. Recent studies demonstrate the capability to forge watermarks from a target image onto cover images via adversarial...
What Really Is a Member? Discrediting Membership Inference Via Poisoning
Membership inference tests aim to determine whether a particular data point was included in a language model's training set. However, recent works have shown that such tests often fail under the strict definition of membership based on exact matching, and have suggested relaxing this definition t...
PoCGen: Generating Proof-Of-Concept Exploits for Vulnerabilities in Npm Packages
Security vulnerabilities in software packages are a significant concern for developers and users alike. Patching these vulnerabilities in a timely manner is crucial to restoring the integrity and security of software systems. However, previous work has shown that vulnerability reports often lack...
SATversary: Adversarial Attacks on Satellite Fingerprinting
As satellite systems become increasingly vulnerable to physical layer attacks via SDRs, novel countermeasures are being developed to protect critical systems, particularly those lacking cryptographic protection, or those which cannot be upgraded to support modern cryptography. Among these is...
Faraday 5.14.1
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...
Securing Traffic Sign Recognition Systems in Autonomous Vehicles
Deep Neural Networks DNNs are widely used for traffic sign recognition because they can automatically extract high-level features from images. These DNNs are trained on large-scale datasets obtained from unknown sources. Therefore, it is important to ensure that the models remain secure and are n...
Cyber Security of Sensor Systems for State Sequence Estimation: an AI Approach
Sensor systems are extremely popular today and vulnerable to sensor data attacks. Due to possible devastating consequences, counteracting sensor data attacks is an extremely important topic, which has not seen sufficient study. This paper develops the first methods that accurately...
Stealix: Model Stealing Via Prompt Evolution
Model stealing poses a significant security risk in machine learning by enabling attackers to replicate a black-box model without access to its training data, thus jeopardizing intellectual property and exposing sensitive information. Recent methods that use pre-trained diffusion models for data...
Falco 0.41.1
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...
GNUnet P2P Framework 0.24.2
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...
NIH BRICS 14.0.0-67 Predictable Tokens
NIH BRICS aka Biomedical Research Informatics Computing System through 14.0.0-67 generates predictable tokens that depend on username, time, and the fixed 7Dl9dj- string and thus allows unauthenticated users with a Common Access Card CAC to escalate privileges and compromise any account, includin...
Stochastic Training for Side-Channel Resilient AI
The confidentiality of trained AI models on edge devices is at risk from side-channel attacks exploiting power and electromagnetic emissions. This paper proposes a novel training methodology to enhance resilience against such threats by introducing randomized and interchangeable model...
Membership Inference Attacks for Unseen Classes
Shadow model attacks are the state-of-the-art approach for membership inference attacks on machine learning models. However, these attacks typically assume an adversary has access to a background nonmember data distribution that matches the distribution the target model was trained on. We initiat...
There'S Waldo: PCB Tamper Forensic Analysis Using Explainable AI on Impedance Signatures
The security of printed circuit boards PCBs has become increasingly vital as supply chain vulnerabilities, including tampering, present significant risks to electronic systems. While detecting tampering on a PCB is the first step for verification, forensics is also needed to identify the modified...
Combating Reentrancy Bugs on Sharded Blockchains
Reentrancy is a well-known source of smart contract bugs on Ethereum, leading e.g. to double-spending vulnerabilities in DeFi applications. But less is known about this problem in other blockchains, which can have significantly different execution models. Sharded blockchains in particular general...
Benchmarking Misuse Mitigation against Covert Adversaries
Existing language model safety evaluations focus on overt attacks and low-stakes tasks. Realistic attackers can subvert current safeguards by requesting help on small, benign-seeming tasks across many independent queries. Because individual queries do not appear harmful, the attack is hard to...
The Complexity of the SupportMinors Modeling for the MinRank Problem
In this note, we provide proven estimates for the complexity of the SupportMinors Modeling, mostly confirming the heuristic complexity estimates contained in the original article...
XWiki 15.10.10 Remote Code Execution
XWiki versions up to 15.10.10 proof of concept remote code execution exploit written in go...
PROVSYN: Synthesizing Provenance Graphs for Data Augmentation in Intrusion Detection Systems
Provenance graph analysis plays a vital role in intrusion detection, particularly against Advanced Persistent Threats APTs, by exposing complex attack patterns. While recent systems combine graph neural networks GNNs with natural language processing NLP to capture structural and semantic features...
Web Intellectual Property at Risk: Preventing Unauthorized Real-Time Retrieval by Large Language Models
The protection of cyber Intellectual Property IP such as web content is an increasingly critical concern. The rise of large language models LLMs with online retrieval capabilities enables convenient access to information but often undermines the rights of original content creators. As users...
PrivTru: a Privacy-By-Design Data Trustee Minimizing Information Leakage
Data trustees serve as intermediaries that facilitate secure data sharing between independent parties. This paper offers a technical perspective on Data trustees, guided by privacy-by-design principles. We introduce PrivTru, an instantiation of a data trustee that provably achieves optimal privac...
A Systematic Review of Poisoning Attacks against Large Language Models
With the widespread availability of pretrained Large Language Models LLMs and their training datasets, concerns about the security risks associated with their usage has increased significantly. One of these security risks is the threat of LLM poisoning attacks where an attacker modifies some part...
FIST: a Structured Threat Modeling Framework for Fraud Incidents
Fraudulent activities are rapidly evolving, employing increasingly diverse and sophisticated methods that pose serious threats to individuals, organizations, and society. This paper proposes the FIST Framework Fraud Incident Structured Threat Framework, an innovative structured threat modeling...
Depermissioning Web3: a Permissionless Accountable RPC Protocol for Blockchain Networks
In blockchain networks, so-called "full nodes" serve data to and relay transactions from clients through an RPC interface. This serving layer enables integration of "Web3" data, stored on blockchains, with "Web2" mobile or web applications that cannot directly participate as peers in a blockchain...
Obfuscation-Resilient Binary Code Similarity Analysis Using Dominance Enhanced Semantic Graph
Binary code similarity analysis BCSA serves as a core technique for binary analysis tasks such as vulnerability detection. While current graph-based BCSA approaches capture substantial semantics and show strong performance, their performance suffers under code obfuscation due to the unstable...
To Protect the LLM Agent against the Prompt Injection Attack with Polymorphic Prompt
LLM agents are widely used as agents for customer support, content generation, and code assistance. However, they are vulnerable to prompt injection attacks, where adversarial inputs manipulate the model's behavior. Traditional defenses like input sanitization, guard models, and guardrails are...
Rethinking Machine Unlearning in Image Generation Models
With the surge and widespread application of image generation models, data privacy and content safety have become major concerns and attracted great attention from users, service providers, and policymakers. Machine unlearning MU is recognized as a cost-effective and promising means to address...
Differentially Private Explanations for Clusters
The dire need to protect sensitive data has led to various flavors of privacy definitions. Among these, Differential privacy DP is considered one of the most rigorous and secure notions of privacy, enabling data analysis while preserving the privacy of data contributors. One of the fundamental...
HeavyWater and SimplexWater: Watermarking Low-Entropy Text Distributions
Large language model LLM watermarks enable authentication of text provenance, curb misuse of machine-generated text, and promote trust in AI systems. Current watermarks operate by changing the next-token predictions output by an LLM. The updated i.e., watermarked predictions depend on random side...
WordPress HyperComments 1.2.2 Privilege Escalation
WordPress HyperComments plugin versions 1.2.2 and below suffer from an unauthenticated remote privilege escalation vulnerability...
Joint-GCG: Unified Gradient-Based Poisoning Attacks on Retrieval-Augmented Generation Systems
Retrieval-Augmented Generation RAG systems enhance Large Language Models LLMs by retrieving relevant documents from external corpora before generating responses. This approach significantly expands LLM capabilities by leveraging vast, up-to-date external knowledge. However, this reliance on...
Wireshark Analyzer 4.4.7
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...
Saffron-1: Towards an Inference Scaling Paradigm for LLM Safety Assurance
Existing safety assurance research has primarily focused on training-phase alignment to instill safe behaviors into LLMs. However, recent studies have exposed these methods' susceptibility to diverse jailbreak attacks. Concurrently, inference scaling has significantly advanced LLM reasoning...
Conformal-DP: Data Density Aware Privacy on Riemannian Manifolds Via Conformal Transformation
Whitepaper called Conformal-DP: Data Density Aware Privacy On Riemannian Manifolds Via Conformal Transformation...
A Certified Unlearning Approach without Access to Source Data
With the growing adoption of data privacy regulations, the ability to erase private or copyrighted information from trained models has become a crucial requirement. Traditional unlearning methods often assume access to the complete training dataset, which is unrealistic in scenarios where the...
Breaking the Gaussian Barrier: Residual-PAC Privacy for Automatic Privatization
The Probably Approximately Correct PAC Privacy framework 1 provides a powerful instance-based methodology for certifying privacy in complex data-driven systems. However, existing PAC Privacy algorithms rely on a Gaussian mutual information upper bound. We show that this is in general too...
Comprehensive Vulnerability Analysis Is Necessary for Trustworthy LLM-MAS
This paper argues that a comprehensive vulnerability analysis is essential for building trustworthy Large Language Model-based Multi-Agent Systems LLM-MAS. These systems, which consist of multiple LLM-powered agents working collaboratively, are increasingly deployed in high-stakes applications bu...
Explainer-Guided Targeted Adversarial Attacks against Binary Code Similarity Detection Models
Binary code similarity detection BCSD serves as a fundamental technique for various software engineering tasks, e.g., vulnerability detection and classification. Attacks against such models have therefore drawn extensive attention, aiming at misleading the models to generate erroneous predictions...
Sentinel: SOTA Model to Protect against Prompt Injections
Large Language Models LLMs are increasingly powerful but remain vulnerable to prompt injection attacks, where malicious inputs cause the model to deviate from its intended instructions. This paper introduces Sentinel, a novel detection model, qualifire/prompt-injection-sentinel, based on the...
Hermes: High-Performance Homomorphically Encrypted Vector Databases
Whitepaper called Hermes: High-Performance Homomorphically Encrypted Vector Databases...
Hybrid Stabilization Protocol for Cross-Chain Digital Assets Using Adaptor Signatures and AI-Driven Arbitrage
Stablecoins face an unresolved trilemma of balancing decentralization, stability, and regulatory compliance. We present a hybrid stabilization protocol that combines crypto-collateralized reserves, algorithmic futures contracts, and cross-chain liquidity pools to achieve robust price adherence...
Incentivizing Collaborative Breach Detection
Decoy passwords, or "honeywords," alert a site to its breach if they are ever entered in a login attempt on that site. However, an attacker can identify a user-chosen password from among the decoys, without risk of alerting the site to its breach, by performing credential stuffing, i.e., entering...
Privacy Amplification through Synthetic Data: Insights from Linear Regression
Synthetic data inherits the differential privacy guarantees of the model used to generate it. Additionally, synthetic data may benefit from privacy amplification when the generative model is kept hidden. While empirical studies suggest this phenomenon, a rigorous theoretical understanding is stil...
STOPA: a Database of Systematic VariaTion of DeePfake Audio for Open-Set Source Tracing and Attribution
A key research area in deepfake speech detection is source tracing - determining the origin of synthesised utterances. The approaches may involve identifying the acoustic model AM, vocoder model VM, or other generation-specific parameters. However, progress is limited by the lack of a dedicated,...