Lucene search
+L
PacketstormnewsRecent

6894 matches found

Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•5 views

Network Hexagons under Attack: Secure Crowdsourcing of Geo-Referenced Data

A critical requirement for modern-day Intelligent Transportation Systems ITS is the ability to collect geo-referenced data from connected vehicles and mobile devices in a safe, secure and anonymous way. The Nexagon protocol, which builds on the IETF Locator/ID Separation Protocol LISP and the...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•5 views

On Automating Security Policies with Contemporary LLMs

The complexity of modern computing environments and the growing sophistication of cyber threats necessitate a more robust, adaptive, and automated approach to security enforcement. In this paper, we present a framework leveraging large language models LLMs for automating attack mitigation policy...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•1 views

When Thinking LLMs Lie: Unveiling the Strategic Deception in Representations of Reasoning Models

The honesty of large language models LLMs is a critical alignment challenge, especially as advanced systems with chain-of-thought CoT reasoning may strategically deceive humans. Unlike traditional honesty issues on LLMs, which could be possibly explained as some kind of hallucination, those model...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•6 views

Attack Effect Model Based Malicious Behavior Detection

Traditional security detection methods face three key challenges: inadequate data collection that misses critical security events, resource-intensive monitoring systems, and poor detection algorithms with high false positive rates. We present FEAD Focus-Enhanced Attack Detection, a framework that...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•6 views

Big Bird: Privacy Budget Management for W3C'S Privacy-Preserving Attribution API

Privacy-preserving advertising APIs like Privacy-Preserving Attribution PPA are designed to enhance web privacy while enabling effective ad measurement. PPA offers an alternative to cross-site tracking with encrypted reports governed by differential privacy DP, but current designs lack a principl...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•6 views

Why LLM Safety Guardrails Collapse after Fine-Tuning: a Similarity Analysis between Alignment and Fine-Tuning Datasets

Recent advancements in large language models LLMs have underscored their vulnerability to safety alignment jailbreaks, particularly when subjected to downstream fine-tuning. However, existing mitigation strategies primarily focus on reactively addressing jailbreak incidents after safety guardrail...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•6 views

Toward a Human-Centered Evaluation Framework for Trustworthy LLM-Powered GUI Agents

The rise of Large Language Models LLMs has revolutionized Graphical User Interface GUI automation through LLM-powered GUI agents, yet their ability to process sensitive data with limited human oversight raises significant privacy and security risks. This position paper identifies three key risks ...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•6 views

Hiding in Plain Sight: Query Obfuscation Via Random Multilingual Searches

Modern search engines extensively personalize results by building detailed user profiles based on query history and behaviour. While personalization can enhance relevance, it introduces privacy risks and can lead to filter bubbles. This paper proposes and evaluates a lightweight, client-side quer...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•5 views

SECNEURON: Reliable and Flexible Abuse Control in Local LLMs Via Hybrid Neuron Encryption

Large language models LLMs with diverse capabilities are increasingly being deployed in local environments, presenting significant security and controllability challenges. These locally deployed LLMs operate outside the direct control of developers, rendering them more susceptible to abuse...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•5 views

SoK: Are Watermarks in LLMs Ready for Deployment?

Large Language Models LLMs have transformed natural language processing, demonstrating impressive capabilities across diverse tasks. However, deploying these models introduces critical risks related to intellectual property violations and potential misuse, particularly as adversaries can imitate...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•15 views

Beyond the Protocol: Unveiling Attack Vectors in the Model Context Protocol Ecosystem

The Model Context Protocol MCP is an emerging standard designed to enable seamless interaction between Large Language Model LLM applications and external tools or resources. Within a short period, thousands of MCP services have already been developed and deployed. However, the client-server...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•4 views

Private Key and Password Protection by Steganographic Image Encryption

We propose a technique to protect and preserve a private key or a passcode in an encrypted two-dimensional graphical image. The plaintext private key or the passcode is converted into an encrypted QR code and embedded into a real-life color image with a steganographic scheme. The private key or t...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•6 views

Identifying and Understanding Cross-Class Features in Adversarial Training

Adversarial training AT has been considered one of the most effective methods for making deep neural networks robust against adversarial attacks, while the training mechanisms and dynamics of AT remain open research problems. In this paper, we present a novel perspective on studying AT through th...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•8 views

EMBER2024 -- a Benchmark Dataset for Holistic Evaluation of Malware Classifiers

A lack of accessible data has historically restricted malware analysis research, and practitioners have relied heavily on datasets provided by industry sources to advance. Existing public datasets are limited by narrow scope - most include files targeting a single platform, have labels supporting...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•5 views

OpenCCA: an Open Framework to Enable Arm CCA Research

Confidential computing has gained traction across major architectures with Intel TDX, AMD SEV-SNP, and Arm CCA. Unlike TDX and SEV-SNP, a key challenge in researching Arm CCA is the absence of hardware support, forcing researchers to develop ad-hoc performance prototypes on non-CCA Arm boards. Th...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•9 views

Breaking Anonymity at Scale: Re-Identifying the Trajectories of 100K Real Users in Japan

Mobility traces represent a critical class of personal data, often subjected to privacy-preserving transformations before public release. In this study, we analyze the anonymized Yjmob100k dataset, which captures the trajectories of 100,000 users in Japan, and demonstrate how existing anonymizati...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•6 views

FedShield-LLM: a Secure and Scalable Federated Fine-Tuned Large Language Model

Federated Learning FL offers a decentralized framework for training and fine-tuning Large Language Models LLMs by leveraging computational resources across organizations while keeping sensitive data on local devices. It addresses privacy and security concerns while navigating challenges associate...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•6 views

Urania: Differentially Private Insights into AI Use

We introduce $Urania$, a novel framework for generating insights about LLM chatbot interactions with rigorous differential privacy DP guarantees. The framework employs a private clustering mechanism and innovative keyword extraction methods, including frequency-based, TF-IDF-based, and LLM-guided...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•4 views

Membership Inference Attacks on Sequence Models

Sequence models, such as Large Language Models LLMs and autoregressive image generators, have a tendency to memorize and inadvertently leak sensitive information. While this tendency has critical legal implications, existing tools are insufficient to audit the resulting risks. We hypothesize that...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•5 views

MULTISS: Un Protocole De Stockage Confidentiel {À} Long Terme Sur Plusieurs R{É}Seaux QKD

This paper presents MULTISS, a new protocol for long-term storage distributed across multiple Quantum Key Distribution QKD networks. This protocol is an extension of LINCOS, a secure storage protocol that uses Shamir secret sharing for secret storage on a single QKD network. Our protocol uses...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•11 views

A Private Smart Wallet with Probabilistic Compliance

We propose a privacy-preserving smart wallet with a novel invitation-based private onboarding mechanism. The solution integrates two levels of compliance in concert with an authority party: a proof of innocence mechanism and an ancestral commitment tracking system using bloom filters for...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•4 views

StealthInk: a Multi-Bit and Stealthy Watermark for Large Language Models

Watermarking for large language models LLMs offers a promising approach to identifying AI-generated text. Existing approaches, however, either compromise the distribution of original generated text by LLMs or are limited to embedding zero-bit information that only allows for watermark detection b...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•4 views

TracLLM: a Generic Framework for Attributing Long Context LLMs

Long context large language models LLMs are deployed in many real-world applications such as RAG, agent, and broad LLM-integrated applications. Given an instruction and a long context e.g., documents, PDF files, webpages, a long context LLM can generate an output grounded in the provided context,...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•7 views

Seven Security Challenges That Must Be Solved in Cross-Domain Multi-Agent LLM Systems

Large language models LLMs are rapidly evolving into autonomous agents that cooperate across organizational boundaries, enabling joint disaster response, supply-chain optimization, and other tasks that demand decentralized expertise without surrendering data ownership. Yet, cross-domain...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•8 views

Deconstructing Obfuscation: a Four-Dimensional Framework for Evaluating Large Language Models Assembly Code Deobfuscation Capabilities

Large language models LLMs have shown promise in software engineering, yet their effectiveness for binary analysis remains unexplored. We present the first comprehensive evaluation of commercial LLMs for assembly code deobfuscation. Testing seven state-of-the-art models against four obfuscation...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•5 views

tc Tor Chat Client 1.2

tc is a low-tech free solution to make yourself anonymously reachable for chat by anyone who only know your onion address and your public key. Messages are PGP encrypted end-to-end and forwarded by Tor's relays. Please note this tarball's hash will not match the main release hash on the tor site ...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•5 views

Authenticated Private Set Intersection: a Merkle Tree-Based Approach for Enhancing Data Integrity

Private Set Intersection PSI enables secure computation of set intersections while preserving participant privacy, standard PSI existing protocols remain vulnerable to data integrity attacks allowing malicious participants to extract additional intersection information or mislead other parties. I...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•5 views

Evaluating the Impact of Privacy-Preserving Federated Learning on CAN Intrusion Detection

The challenges derived from the data-intensive nature of machine learning in conjunction with technologies that enable novel paradigms such as V2X and the potential offered by 5G communication, allow and justify the deployment of Federated Learning FL solutions in the vehicular intrusion detectio...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•4 views

Inclusive, Differentially Private Federated Learning for Clinical Data

Federated Learning FL offers a promising approach for training clinical AI models without centralizing sensitive patient data. However, its real-world adoption is hindered by challenges related to privacy, resource constraints, and compliance. Existing Differential Privacy DP approaches often app...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/05 12:0 a.m.•7 views

A Symmetric LWE-Based Multi-Recipient Cryptosystem

This article describes a post-quantum multirecipient symmetric cryptosystem whose security is based on the hardness of the LWE problem. In this scheme a single sender encrypts multiple messages for multiple recipients generating a single ciphertext which is broadcast to the recipients. Each...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•7 views

QA-HFL: Quality-Aware Hierarchical Federated Learning for Resource-Constrained Mobile Devices with Heterogeneous Image Quality

This paper introduces QA-HFL, a quality-aware hierarchical federated learning framework that efficiently handles heterogeneous image quality across resource-constrained mobile devices. Our approach trains specialized local models for different image quality levels and aggregates their features...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•5 views

Quantum Secure Key Exchange with Position-Based Credentials

Quantum key distribution QKD provides an information-theoretic way of securely exchanging secret keys, and typically relies on pre-shared keys or public keys for message authentication. To lift the requirement of pre-shared or public keys, Buhrman et. al. SIAM J. Comput. 43, 150 2014 proposed...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•7 views

The Hashed Fractal Key Recovery (HFKR) Problem: from Symbolic Path Inversion to Post-Quantum Cryptographic Keys

Classical cryptographic systems rely heavily on structured algebraic problems, such as factorization, discrete logarithms, or lattice-based assumptions, which are increasingly vulnerable to quantum attacks and structural cryptanalysis. In response, this work introduces the Hashed Fractal Key...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•6 views

Clustering and Median Aggregation Improve Differentially Private Inference

Differentially private DP language model inference is an approach for generating private synthetic text. A sensitive input example is used to prompt an off-the-shelf large language model LLM to produce a similar example. Multiple examples can be aggregated together to formally satisfy the DP...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•5 views

Gradient Inversion Attacks on Parameter-Efficient Fine-Tuning

Federated learning FL allows multiple data-owners to collaboratively train machine learning models by exchanging local gradients, while keeping their private data on-device. To simultaneously enhance privacy and training efficiency, recently parameter-efficient fine-tuning PEFT of large-scale...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•3 views

Through the Stealth Lens: Rethinking Attacks and Defenses in RAG

Retrieval-augmented generation RAG systems are vulnerable to attacks that inject poisoned passages into the retrieved set, even at low corruption rates. We show that existing attacks are not designed to be stealthy, allowing reliable detection and mitigation. We formalize stealth using a...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•5 views

VLMs Can Aggregate Scattered Training Patches

Whitepaper called VLMs Can Aggregate Scattered Training Patches...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•5 views

Watermarking Degrades Alignment in Language Models: Analysis and Mitigation

Watermarking techniques for large language models LLMs can significantly impact output quality, yet their effects on truthfulness, safety, and helpfulness remain critically underexamined. This paper presents a systematic analysis of how two popular watermarking approaches-Gumbel and KGW-affect...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•5 views

Learning to Diagnose Privately: DP-Powered LLMs for Radiology Report Classification

Purpose: This study proposes a framework for fine-tuning large language models LLMs with differential privacy DP to perform multi-abnormality classification on radiology report text. By injecting calibrated noise during fine-tuning, the framework seeks to mitigate the privacy risks associated wit...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•9 views

Dropout-Robust Mechanisms for Differentially Private and Fully Decentralized Mean Estimation

Achieving differentially private computations in decentralized settings poses significant challenges, particularly regarding accuracy, communication cost, and robustness against information leakage. While cryptographic solutions offer promise, they often suffer from high communication overhead or...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•3 views

Privacy and Security Threat for OpenAI GPTs

Large language models LLMs demonstrate powerful information handling capabilities and are widely integrated into chatbot applications. OpenAI provides a platform for developers to construct custom GPTs, extending ChatGPT's functions and integrating external services. Since its release in November...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•4 views

Children's Voice Privacy: First Steps and Emerging Challenges

Children are one of the most under-represented groups in speech technologies, as well as one of the most vulnerable in terms of privacy. Despite this, anonymization techniques targeting this population have received little attention. In this study, we seek to bridge this gap, and establish a...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•7 views

Evaluating Apple Intelligence'S Writing Tools for Privacy against Large Language Model-Based Inference Attacks: Insights from Early Datasets

The misuse of Large Language Models LLMs to infer emotions from text for malicious purposes, known as emotion inference attacks, poses a significant threat to user privacy. In this paper, we investigate the potential of Apple Intelligence's writing tools, integrated across iPhone, iPad, and...

6.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•5 views

A Threat Intelligence Event Extraction Conceptual Model for Cyber Threat Intelligence Feeds

In response to the escalating cyber threats, the efficiency of Cyber Threat Intelligence CTI data collection has become paramount in ensuring robust cybersecurity. However, existing works encounter significant challenges in preprocessing large volumes of multilingual threat data, leading to...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•6 views

BESA: Boosting Encoder Stealing Attack with Perturbation Recovery

To boost the encoder stealing attack under the perturbation-based defense that hinders the attack performance, we propose a boosting encoder stealing attack with perturbation recovery named BESA. It aims to overcome perturbation-based defenses. The core of BESA consists of two modules: perturbati...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•11 views

Client-Side Zero-Shot LLM Inference for Comprehensive In-Browser URL Analysis

Malicious websites and phishing URLs pose an ever-increasing cybersecurity risk, with phishing attacks growing by 40% in a single year. Traditional detection approaches rely on machine learning classifiers or rule-based scanners operating in the cloud, but these face significant challenges in...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•5 views

Prediction Inconsistency Helps Achieve Generalizable Detection of Adversarial Examples

Adversarial detection protects models from adversarial attacks by refusing suspicious test samples. However, current detection methods often suffer from weak generalization: their effectiveness tends to degrade significantly when applied to adversarially trained models rather than naturally train...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•5 views

Poisoning Behavioral-Based Worker Selection in Mobile Crowdsensing Using Generative Adversarial Networks

With the widespread adoption of Artificial intelligence AI, AI-based tools and components are becoming omnipresent in today's solutions. However, these components and tools are posing a significant threat when it comes to adversarial attacks. Mobile Crowdsensing MCS is a sensing paradigm that...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•6 views

Hello, Won'T You Tell Me Your Name?: Investigating Anonymity Abuse in IPFS

The InterPlanetary File SystemIPFS offers a decentralized approach to file storage and sharing, promising resilience and efficiency while also realizing the Web3 paradigm. Simultaneously, the offered anonymity raises significant questions about potential misuse. In this study, we explore methods...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/06/04 12:0 a.m.•6 views

PCEvolve: Private Contrastive Evolution for Synthetic Dataset Generation Via Few-Shot Private Data and Generative APIs

The rise of generative APIs has fueled interest in privacy-preserving synthetic data generation. While the Private Evolution PE algorithm generates Differential Privacy DP synthetic images using diffusion model APIs, it struggles with few-shot private data due to the limitations of its DP-protect...

7.1AI score
Exploits0
Total number of security vulnerabilities6894