6907 matches found
3D Gaussian Splat Vulnerabilities
With 3D Gaussian Splatting 3DGS being increasingly used in safety-critical applications, how can an adversary manipulate the scene to cause harm? We introduce CLOAK, the first attack that leverages view-dependent Gaussian appearances - colors and textures that change with viewing angle - to embed...
ScadaFlare 1.0 ScadaBR Authenticated RCE Toolkit
This is a modular post-authentication remote code execution exploit targeting ScadaBR versions prior to 1.1.0. This tool is enhanced for red team ops...
Light As Deception: GPT-Driven Natural Relighting against Vision-Language Pre-Training Models
Whitepaper called Light As Deception: GPT-Driven Natural Relighting Against Vision-Language Pre-Training Models...
LPASS: Linear Probes As Stepping Stones for Vulnerability Detection Using Compressed LLMs
Large Language Models LLMs are being extensively used for cybersecurity purposes. One of them is the detection of vulnerable codes. For the sake of efficiency and effectiveness, compression and fine-tuning techniques are being developed, respectively. However, they involve spending substantial...
Shill Bidding Prevention in Decentralized Auctions Using Smart Contracts
In online auctions, fraudulent behaviors such as shill bidding pose significant risks. This paper presents a conceptual framework that applies dynamic, behavior-based penalties to deter auction fraud using blockchain smart contracts. Unlike traditional post-auction detection methods, this approac...
Roundcube Webmail 1.6.7 Cross Site Scripting
Roundcube Webmail versions 1.6.7 and below email capture listener and cross site scripting proof of concept exploit...
Talking Transactions: Decentralized Communication through Ethereum Input Data Messages (IDMs)
Can you imagine, blockchain transactions can talk! In this paper, we study how they talk and what they talk about. We focus on the input data field of Ethereum transactions, which is designed to allow external callers to interact with smart contracts. In practice, this field also enables users to...
PatchDEMUX: a Certifiably Robust Framework for Multi-Label Classifiers against Adversarial Patches
Deep learning techniques have enabled vast improvements in computer vision technologies. Nevertheless, these models are vulnerable to adversarial patch attacks which catastrophically impair performance. The physically realizable nature of these attacks calls for certifiable defenses, which featur...
Shadow Defense against Gradient Inversion Attack in Federated Learning
Federated learning FL has emerged as a transformative framework for privacy-preserving distributed training, allowing clients to collaboratively train a global model without sharing their local data. This is especially crucial in sensitive fields like healthcare, where protecting patient data is...
MCP Safety Training: Learning to Refuse Falsely Benign MCP Exploits Using Improved Preference Alignment
The model context protocol MCP has been widely adapted as an open standard enabling the seamless integration of generative AI agents. However, recent work has shown the MCP is susceptible to retrieval-based "falsely benign" attacks FBAs, allowing malicious system access and credential theft, but...
Joint Data Hiding and Partial Encryption of Compressive Sensed Streams
The paper proposes a method to secure the Compressive Sensing CS streams. It consists in protecting part of the measurements by a secret key and inserting the code into the rest. The secret key is generated via a cryptographically secure pseudo-random number generator CSPRNG and XORed with the...
Demonstration of Quantum-Secure Communications in a Nuclear Reactor
Quantum key distribution QKD, one of the latest cryptographic techniques, founded on the laws of quantum mechanics rather than mathematical complexity, promises for the first time unconditional secure remote communications. Integrating this technology into the next generation nuclear systems -...
Falco 0.41.0
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...
Disrupting Vision-Language Model-Driven Navigation Services Via Adversarial Object Fusion
We present Adversarial Object Fusion AdvOF, a novel attack framework targeting vision-and-language navigation VLN agents in service-oriented environments by generating adversarial 3D objects. While foundational models like Large Language Models LLMs and Vision Language Models VLMs have enhanced...
SafeCOMM: What about Safety Alignment in Fine-Tuned Telecom Large Language Models?
Fine-tuning large language models LLMs for telecom tasks and datasets is a common practice to adapt general-purpose models to the telecom domain. However, little attention has been paid to how this process may compromise model safety. Recent research has shown that even benign fine-tuning can...
Merge Hijacking: Backdoor Attacks to Model Merging of Large Language Models
Model merging for Large Language Models LLMs directly fuses the parameters of different models finetuned on various tasks, creating a unified model for multi-domain tasks. However, due to potential vulnerabilities in models available on open-source platforms, model merging is susceptible to...
Bayesian Perspective on Memorization and Reconstruction
We introduce a new Bayesian perspective on the concept of data reconstruction, and leverage this viewpoint to propose a new security definition that, in certain settings, provably prevents reconstruction attacks. We use our paradigm to shed new light on one of the most notorious attacks in the...
Hijacking Large Language Models Via Adversarial In-Context Learning
In-context learning ICL has emerged as a powerful paradigm leveraging LLMs for specific downstream tasks by utilizing labeled examples as demonstrations demos in the preconditioned prompts. Despite its promising performance, crafted adversarial attacks pose a notable threat to the robustness of...
Differentially Private Space-Efficient Algorithms for Counting Distinct Elements in the Turnstile Model
The turnstile continual release model of differential privacy captures scenarios where a privacy-preserving real-time analysis is sought for a dataset evolving through additions and deletions. In typical applications of real-time data analysis, both the length of the stream $T$ and the size of th...
The End of Universal Lifelong Identifiers: Identity Systems for the AI Era
Many identity systems assign a single, static identifier to an individual for life, reused across domains like healthcare, finance, and education. These Universal Lifelong Identifiers ULIs underpin critical workflows but now pose systemic privacy risks. We take the position that ULIs are...
Towards a Global Quantum Internet: a Review of Challenges Facing Aerial Quantum Networks
Quantum networks use principles of quantum physics to create secure communication networks. Moving these networks off the ground using drones, balloons, or satellites could help increase the scalability of these networks. This article reviews how such aerial links work, what makes them difficult ...
Synopsis: Secure and Private Trend Inference from Encrypted Semantic Embeddings
WhatsApp and many other commonly used communication platforms guarantee end-to-end encryption E2EE, which requires that service providers lack the cryptographic keys to read communications on their own platforms. WhatsApp's privacy-preserving design makes it difficult to study important phenomena...
Confidential Guardian: Cryptographically Prohibiting the Abuse of Model Abstention
Cautious predictions -- where a machine learning model abstains when uncertain -- are crucial for limiting harmful errors in safety-critical applications. In this work, we identify a novel threat: a dishonest institution can exploit these mechanisms to discriminate or unjustly deny services under...
Fooling the Watchers: Breaking AIGC Detectors Via Semantic Prompt Attacks
The rise of text-to-image T2I models has enabled the synthesis of photorealistic human portraits, raising serious concerns about identity misuse and the robustness of AIGC detectors. In this work, we propose an automated adversarial prompt generation framework that leverages a grammar tree...
An Advanced Cyber-Physical System Security Testbed for Substation Automation
A Cyber-Physical System CPS testbed serves as a powerful platform for testing and validating cyber intrusion detection and mitigation strategies in substations. This study presents the design and development of a CPS testbed that can effectively assess the real-time dynamics of a substation. Cybe...
Digital Forensic Investigation of the ChatGPT Windows Application
The ChatGPT Windows application offers better user interaction in the Windows operating system OS by enhancing productivity and streamlining the workflow of ChatGPT's utilization. However, there are potential misuses associated with this application that require rigorous forensic analysis. This...
Quantum Hilbert Transform
The Hilbert transform has been one of the foundational transforms in signal processing, finding it's way into multiple disciplines from cryptography to biomedical sciences. However, there does not exist any quantum analogue for the Hilbert transform. In this work, we introduce a formulation for t...
Practical Bayes-Optimal Membership Inference Attacks
We develop practical and theoretically grounded membership inference attacks MIAs against both independent and identically distributed i.i.d. data and graph-structured data. Building on the Bayesian decision-theoretic framework of Sablayrolles et al., we derive the Bayes-optimal membership...
A Tertiary Review on Quantum Cryptography
Quantum computers impose an immense threat to system security. As a countermeasure, new cryptographic classes have been created to prevent these attacks. Technologies such as post-quantum cryptography and quantum cryptography. Quantum cryptography uses the principle of quantum physics to produce...
LLM Agents Should Employ Security Principles
Large Language Model LLM agents show considerable promise for automating complex tasks using contextual reasoning; however, interactions involving multiple agents and the system's susceptibility to prompt injection and other forms of context manipulation introduce new vulnerabilities related to...
Securing AI Agents with Information-Flow Control
As AI agents become increasingly autonomous and capable, ensuring their security against vulnerabilities such as prompt injection becomes critical. This paper explores the use of information-flow control IFC to provide security guarantees for AI agents. We present a formal model to reason about t...
Quasi-Periodic Optical Key-Enabled Hybrid Cryptography: Merging Diffractive Physics and Deep Learning for High-Dimensional Security
Optical encryption inherently provides strong security advantages, with hybrid optoelectronic systems offering additional degrees of freedom by integrating optical and algorithmic domains. However, existing optical encryption schemes heavily rely on electronic computation, limiting overall...
HoneySat: a Network-Based Satellite Honeypot Framework
Satellites are the backbone of several mission-critical services, such as GPS that enable our modern society to function. For many years, satellites were assumed to be secure because of their indecipherable architectures and the reliance on security by obscurity. However, technological advancemen...
WordPress Likes and Dislikes 1.0.0 SQL Injection
WordPress Likes and Dislikes plugin versions 1.0.0 and below suffer from an unauthenticated remote SQL injection vulnerability...
TensorShield: Safeguarding On-Device Inference by Shielding Critical DNN Tensors with TEE
To safeguard user data privacy, on-device inference has emerged as a prominent paradigm on mobile and Internet of Things IoT devices. This paradigm involves deploying a model provided by a third party on local devices to perform inference tasks. However, it exposes the private model to two primar...
Private Lossless Multiple Release
Whitepaper called Private Lossless Multiple Release...
BugWhisperer: Fine-Tuning LLMs for SoC Hardware Vulnerability Detection
The current landscape of system-on-chips SoCs security verification faces challenges due to manual, labor-intensive, and inflexible methodologies. These issues limit the scalability and effectiveness of security protocols, making bug detection at the Register-Transfer Level RTL difficult. This...
Permissioned LLMs: Enforcing Access Control in Large Language Models
In enterprise settings, organizational data is segregated, siloed and carefully protected by elaborate access control frameworks. These access control structures can completely break down if an LLM fine-tuned on the siloed data serves requests, for downstream tasks, from individuals with disparat...
VulBinLLM: LLM-Powered Vulnerability Detection for Stripped Binaries
Recognizing vulnerabilities in stripped binary files presents a significant challenge in software security. Although some progress has been made in generating human-readable information from decompiled binary files with Large Language Models LLMs, effectively and scalably detecting vulnerabilitie...
GeneBreaker: Jailbreak Attacks against DNA Language Models with Pathogenicity Guidance
DNA, encoding genetic instructions for almost all living organisms, fuels groundbreaking advances in genomics and synthetic biology. Recently, DNA Foundation Models have achieved success in designing synthetic functional DNA sequences, even whole genomes, but their susceptibility to jailbreaking...
AgentAlign: Navigating Safety Alignment in the Shift from Informative to Agentic Large Language Models
The acquisition of agentic capabilities has transformed LLMs from "knowledge providers" to "action executors", a trend that while expanding LLMs' capability boundaries, significantly increases their susceptibility to malicious use. Previous work has shown that current LLM-based agents execute...
Machine Learning Models Have a Supply Chain Problem
Powerful machine learning ML models are now readily available online, which creates exciting possibilities for users who lack the deep technical expertise or substantial computing resources needed to develop them. On the other hand, this type of open ecosystem comes with many risks. In this paper...
Securing the Software Package Supply Chain for Critical Systems
Software systems have grown as an indispensable commodity used across various industries, and almost all essential services depend on them for effective operation. The software is no longer an independent or stand-alone piece of code written by a developer but rather a collection of packages...
Efficient Preimage Approximation for Neural Network Certification
The growing reliance on artificial intelligence in safety- and security-critical applications demands effective neural network certification. A challenging real-world use case is certification against patch attacks'', where adversarial patches or lighting conditions obscure parts of images, for...
Does Johnny Get the Message? Evaluating Cybersecurity Notifications for Everyday Users
Due to the increasing presence of networked devices in everyday life, not only cybersecurity specialists but also end users benefit from security applications such as firewalls, vulnerability scanners, and intrusion detection systems. Recent approaches use large language models LLMs to rewrite...
Privacy-Preserving Prompt Personalization in Federated Learning for Multimodal Large Language Models
Prompt learning is a crucial technique for adapting pre-trained multimodal language models MLLMs to user tasks. Federated prompt personalization FPP is further developed to address data heterogeneity and local overfitting, however, it exposes personalized prompts - valuable intellectual assets - ...
A Comprehensive Real-World Assessment of Audio Watermarking Algorithms: Will They Survive Neural Codecs?
We introduce the Robust Audio Watermarking Benchmark RAW-Bench, a benchmark for evaluating deep learning-based audio watermarking methods with standardized and systematic comparisons. To simulate real-world usage, we introduce a comprehensive audio attack pipeline with various distortions such as...
Aurora: Are Android Malware Classifiers Reliable under Distribution Shift?
The performance figures of modern drift-adaptive malware classifiers appear promising, but does this translate to genuine operational reliability? The standard evaluation paradigm primarily focuses on baseline performance metrics, neglecting confidence-error alignment and operational stability...
Smart Contracts for SMEs and Large Companies
Research on blockchains addresses multiple issues, with one being writing smart contracts. In our previous research we described methodology and a tool to generate, in automated fashion, smart contracts from BPMN models. The generated smart contracts provide support for multi-step transactions th...
On the Intractability of Chaotic Symbolic Walks: toward a Non-Algebraic Post-Quantum Hardness Assumption
Most classical and post-quantum cryptographic assumptions, including integer factorization, discrete logarithms, and Learning with Errors LWE, rely on algebraic structures such as rings or vector spaces. While mathematically powerful, these structures can be exploited by quantum algorithms or...