6907 matches found
Multi-Photon QKD for Practical Quantum Networks
Quantum key distribution QKD will most likely be an integral part of any practical quantum network in the future. However, not all QKD protocols can be used in today's networks because of the lack of single-photon emitters and noisy intermediate quantum hardware. Attenuated-photon transmission,...
Scrapers Selectively Respect Robots.Txt Directives: Evidence from a Large-Scale Empirical Study
Online data scraping has taken on new dimensions in recent years, as traditional scrapers have been joined by new AI-specific bots. To counteract unwanted scraping, many sites use tools like the Robots Exclusion Protocol REP, which places a robots.txt file at the site root to dictate scraper...
BitHydra: Towards Bit-Flip Inference Cost Attack against Large Language Models
Large language models LLMs have shown impressive capabilities across a wide range of applications, but their ever-increasing size and resource demands make them vulnerable to inference cost attacks, where attackers induce victim LLMs to generate the longest possible output content. In this paper,...
Respond to Change with Constancy: Instruction-Tuning with LLM for Non-I.I.D. Network Traffic Classification
Encrypted traffic classification is highly challenging in network security due to the need for extracting robust features from content-agnostic traffic data. Existing approaches face critical issues: i Distribution drift, caused by reliance on the closedworld assumption, limits adaptability to...
Effect of Noise and Topologies on Multi-Photon Quantum Protocols
Quantum-augmented networks aim to use quantum phenomena to improve detection and protection against malicious actors in a classical communication network. This may include multiplexing quantum signals into classical fiber optical channels and incorporating purely quantum links alongside classical...
WordPress Order Delivery Date Missing Authorization
WordPress Order Delivery Date plugin versions prior to 12.3.1 have missing authorization and cross site request forgery vulnerabilities surrounding the importing of settings...
Semantic-Preserving Adversarial Attacks on LLMs: an Adaptive Greedy Binary Search Approach
Large Language Models LLMs increasingly rely on automatic prompt engineering in graphical user interfaces GUIs to refine user inputs and enhance response accuracy. However, the diversity of user requirements often leads to unintended misinterpretations, where automated optimizations distort...
One Surrogate to Fool Them All: Universal, Transferable, and Targeted Adversarial Attacks with CLIP
Deep Neural Networks DNNs have achieved widespread success yet remain prone to adversarial attacks. Typically, such attacks either involve frequent queries to the target model or rely on surrogate models closely mirroring the target model -- often trained with subsets of the target model's traini...
Novel Loss-Enhanced Universal Adversarial Patches for Sustainable Speaker Privacy
Deep learning voice models are commonly used nowadays, but the safety processing of personal data, such as human identity and speech content, remains suspicious. To prevent malicious user identification, speaker anonymization methods were proposed. Current methods, particularly based on universal...
Capability-Based Scaling Laws for LLM Red-Teaming
As large language models grow in capability and agency, identifying vulnerabilities through red-teaming becomes vital for safe deployment. However, traditional prompt-engineering approaches may prove ineffective once red-teaming turns into a weak-to-strong problem, where target models surpass...
Weak-Jamming Detection in IEEE 802.11 Networks: Techniques, Scenarios and Mobility
State-of-the-art solutions detect jamming attacks ex-post, i.e., only when jamming has already disrupted the wireless communication link. In many scenarios, e.g., mobile networks or static deployments distributed over a large geographical area, it is often desired to detect jamming at the early...
MixBridge: Heterogeneous Image-To-Image Backdoor Attack through Mixture of Schrödinger Bridges
This paper focuses on implanting multiple heterogeneous backdoor triggers in bridge-based diffusion models designed for complex and arbitrary input distributions. Existing backdoor formulations mainly address single-attack scenarios and are limited to Gaussian noise input models. To fill this gap...
Efficient and Stealthy Jailbreak Attacks Via Adversarial Prompt Distillation from LLMs to SLMs
Attacks on large language models LLMs in jailbreaking scenarios raise many security and ethical issues. Current jailbreak attack methods face problems such as low efficiency, high computational cost, and poor cross-model adaptability and versatility, which make it difficult to cope with the rapid...
Zero-Trust Foundation Models: a New Paradigm for Secure and Collaborative Artificial Intelligence for Internet of Things
This paper focuses on Zero-Trust Foundation Models ZTFMs, a novel paradigm that embeds zero-trust security principles into the lifecycle of foundation models FMs for Internet of Things IoT systems. By integrating core tenets, such as continuous verification, least privilege access LPA, data...
Lifelong Safety Alignment for Language Models
LLMs have made impressive progress, but their growing capabilities also expose them to highly flexible jailbreaking attacks designed to bypass safety alignment. While many existing defenses focus on known types of attacks, it is more critical to prepare LLMs for unseen attacks that may arise duri...
Poison in the Well: Feature Embedding Disruption in Backdoor Attacks
Backdoor attacks embed malicious triggers into training data, enabling attackers to manipulate neural network behavior during inference while maintaining high accuracy on benign inputs. However, existing backdoor attacks face limitations manifesting in excessive reliance on training data, poor...
Private Geometric Median in Nearly-Linear Time
Whitepaper called Private Geometric Median In Nearly-Linear Time...
Engineering Trustworthy Machine-Learning Operations with Zero-Knowledge Proofs
As Artificial Intelligence AI systems, particularly those based on machine learning ML, become integral to high-stakes applications, their probabilistic and opaque nature poses significant challenges to traditional verification and validation methods. These challenges are exacerbated in regulated...
Eradicating the Unseen: Detecting, Exploiting, and Remediating a Path Traversal Vulnerability across GitHub
Vulnerabilities in open-source software can cause cascading effects in the modern digital ecosystem. It is especially worrying if these vulnerabilities repeat across many projects, as once the adversaries find one of them, they can scale up the attack very easily. Unfortunately, since developers...
Roundcube 1.5.7 / 1.6.7 Cross Site Scripting
These are two exploits designed to take advantage of cross site scripting vulnerabilities in Roundcube versions through 1.5.7 and 1.6.x through 1.6.7...
EarthOL: a Proof-Of-Human-Contribution Consensus Protocol -- Addressing Fundamental Challenges in Decentralized Value Assessment with Enhanced Verification and Security Mechanisms
This paper introduces EarthOL, a novel consensus protocol that attempts to replace computational waste in blockchain systems with verifiable human contributions within bounded domains. While recognizing the fundamental impossibility of universal value assessment, we propose a domain-restricted...
A Framework for Combined Transaction Posting and Pricing for Layer 2 Blockchains
This paper presents a comprehensive framework for transaction posting and pricing in Layer 2 L2 blockchain systems, focusing on challenges stemming from fluctuating Layer 1 L1 gas fees and the congestion issues within L2 networks. Existing methods have focused on the problem of optimal posting...
CPA-RAG:Covert Poisoning Attacks on Retrieval-Augmented Generation in Large Language Models
Retrieval-Augmented Generation RAG enhances large language models LLMs by incorporating external knowledge, but its openness introduces vulnerabilities that can be exploited by poisoning attacks. Existing poisoning methods for RAG systems have limitations, such as poor generalization and lack of...
ADA: Automated Moving Target Defense for AI Workloads Via Ephemeral Infrastructure-Native Rotation in Kubernetes
This paper introduces the Adaptive Defense Agent ADA, an innovative Automated Moving Target Defense AMTD system designed to fundamentally enhance the security posture of AI workloads. ADA operates by continuously and automatically rotating these workloads at the infrastructure level, leveraging t...
Parallel Kac'S Walk Generates PRU
Ma and Huang recently proved that the PFC construction, introduced by Metger, Poremba, Sinha and Yuen MPSY24, gives an adaptive-secure pseudorandom unitary family PRU. Their proof developed a new path recording technique MH24. In this work, we show that a linear number of sequential repetitions o...
What Really Matters in Many-Shot Attacks? an Empirical Study of Long-Context Vulnerabilities in LLMs
We investigate long-context vulnerabilities in Large Language Models LLMs through Many-Shot Jailbreaking MSJ. Our experiments utilize context length of up to 128K tokens. Through comprehensive analysis with various many-shot attack settings with different instruction styles, shot density, topic,...
USB: a Comprehensive and Unified Safety Evaluation Benchmark for Multimodal Large Language Models
Despite their remarkable achievements and widespread adoption, Multimodal Large Language Models MLLMs have revealed significant security vulnerabilities, highlighting the urgent need for robust safety evaluation benchmarks. Existing MLLM safety benchmarks, however, fall short in terms of data...
F5 BIG-IP iControl REST Code Execution
This is an improved version of horizon3ai's F5 BIG-IP iControl REST exploit that provides an interactive shell to run remote commands...
Language of Network: a Generative Pre-Trained Model for Encrypted Traffic Comprehension
The increasing demand for privacy protection and security considerations leads to a significant rise in the proportion of encrypted network traffic. Since traffic content becomes unrecognizable after encryption, accurate analysis is challenging, making it difficult to classify applications and...
PandaGuard: Systematic Evaluation of LLM Safety against Jailbreaking Attacks
Large language models LLMs have achieved remarkable capabilities but remain vulnerable to adversarial prompts known as jailbreaks, which can bypass safety alignment and elicit harmful outputs. Despite growing efforts in LLM safety research, existing evaluations are often fragmented, focused on...
DFIR-Metric: a Benchmark Dataset for Evaluating Large Language Models in Digital Forensics and Incident Response
Digital Forensics and Incident Response DFIR involves analyzing digital evidence to support legal investigations. Large Language Models LLMs offer new opportunities in DFIR tasks such as log analysis and memory forensics, but their susceptibility to errors and hallucinations raises concerns in...
Strengthening Cybersecurity Resilience in Agriculture through Educational Interventions: a Case Study of the Ponca Tribe of Nebraska
The increasing digitization of agricultural operations has introduced new cybersecurity challenges for the farming community. This paper introduces an educational intervention called Cybersecurity Improvement Initiative for Agriculture CIIA, which aims to strengthen cybersecurity awareness and...
MultiPhishGuard: an LLM-Based Multi-Agent System for Phishing Email Detection
Phishing email detection faces critical challenges from evolving adversarial tactics and heterogeneous attack patterns. Traditional detection methods, such as rule-based filters and denylists, often struggle to keep pace with these evolving tactics, leading to false negatives and compromised...
Exposing Go's Hidden Bugs: a Novel Concolic Framework
The widespread adoption of the Go programming language in infrastructure backends and blockchain projects has heightened the need for improved security measures. Established techniques such as unit testing, static analysis, and program fuzzing provide foundational protection mechanisms. Although...
Phare: a Safety Probe for Large Language Models
Ensuring the safety of large language models LLMs is critical for responsible deployment, yet existing evaluations often prioritize performance over identifying failure modes. We introduce Phare, a multilingual diagnostic framework to probe and evaluate LLM behavior across three critical...
A Survey on the Safety and Security Threats of Computer-Using Agents: JARVIS or Ultron?
Recently, AI-driven interactions with computing devices have advanced from basic prototype tools to sophisticated, LLM-based systems that emulate human-like operations in graphical user interfaces. We are now witnessing the emergence of \emphComputer-Using Agents CUAs, capable of autonomously...
Transaction Fee Mechanism Design for Leaderless Blockchain Protocols
We initiate the study of transaction fee mechanism design for blockchain protocols in which multiple block producers contribute to the production of each block. Our contributions include: - We propose an extensive-form multi-stage game model to reason about the game theory of multi-proposer...
TeleSparse: Practical Privacy-Preserving Verification of Deep Neural Networks
Verification of the integrity of deep learning inference is crucial for understanding whether a model is being applied correctly. However, such verification typically requires access to model weights and potentially sensitive or private training data. So-called Zero-knowledge Succinct...
Differential Privacy Analysis of Decentralized Gossip Averaging under Varying Threat Models
Fully decentralized training of machine learning models offers significant advantages in scalability, robustness, and fault tolerance. However, achieving differential privacy DP in such settings is challenging due to the absence of a central aggregator and varying trust assumptions among nodes. I...
CoTGuard: Using Chain-Of-Thought Triggering for Copyright Protection in Multi-Agent LLM Systems
As large language models LLMs evolve into autonomous agents capable of collaborative reasoning and task execution, multi-agent LLM systems have emerged as a powerful paradigm for solving complex problems. However, these systems pose new challenges for copyright protection, particularly when...
A Quantitative Notion of Economic Security for Smart Contract Compositions
Decentralized applications are often composed of multiple interconnected smart contracts. This is especially evident in DeFi, where protocols are heavily intertwined and rely on a variety of basic building blocks such as tokens, decentralized exchanges and lending protocols. A crucial security...
BSAGIoT: a Bayesian Security Aspect Graph for Internet of Things (IoT)
IoT is a dynamic network of interconnected things that communicate and exchange data, where security is a significant issue. Previous studies have mainly focused on attack classifications and open issues rather than presenting a comprehensive overview on the existing threats and vulnerabilities...
Secure IVSHMEM: End-To-End Shared-Memory Protocol with Hypervisor-CA Handshake and In-Kernel Access Control
In-host shared memory IVSHMEM enables high-throughput, zero-copy communication between virtual machines, but today's implementations lack any security control, allowing any application to eavesdrop or tamper with the IVSHMEM region. This paper presents Secure IVSHMEM, a protocol that provides...
Penetration Testing for System Security: Methods and Practical Approaches
Penetration testing refers to the process of simulating hacker attacks to evaluate the security of information systems . This study aims not only to clarify the theoretical foundations of penetration testing but also to explain and demonstrate the complete testing process, including how network...
ALRPHFS: Adversarially Learned Risk Patterns with Hierarchical Fast \& Slow Reasoning for Robust Agent Defense
LLM Agents are becoming central to intelligent systems. However, their deployment raises serious safety concerns. Existing defenses largely rely on "Safety Checks", which struggle to capture the complex semantic risks posed by harmful user inputs or unsafe agent behaviors - creating a significant...
AI, Climate, and Regulation: from Data Centers to the AI Act
We live in a world that is experiencing an unprecedented boom of AI applications that increasingly penetrate and enhance all sectors of private and public life, from education, media, medicine, and mobility to the industrial and professional workspace, and -- potentially particularly...
Co-Evolutionary Dynamics of Attack and Defence in Cybersecurity
In the evolving digital landscape, it is crucial to study the dynamics of cyberattacks and defences. This study uses an Evolutionary Game Theory EGT framework to investigate the evolutionary dynamics of attacks and defences in cyberspace. We develop a two-population asymmetric game between attack...
Structure Disruption: Subverting Malicious Diffusion-Based Inpainting Via Self-Attention Query Perturbation
The rapid advancement of diffusion models has enhanced their image inpainting and editing capabilities but also introduced significant societal risks. Adversaries can exploit user images from social media to generate misleading or harmful content. While adversarial perturbations can disrupt...
VADER: a Human-Evaluated Benchmark for Vulnerability Assessment, Detection, Explanation, and Remediation
Ensuring that large language models LLMs can effectively assess, detect, explain, and remediate software vulnerabilities is critical for building robust and secure software systems. We introduce VADER, a human-evaluated benchmark designed explicitly to assess LLM performance across four key...
RADEP: a Resilient Adaptive Defense Framework against Model Extraction Attacks
Machine Learning as a Service MLaaS enables users to leverage powerful machine learning models through cloud-based APIs, offering scalability and ease of deployment. However, these services are vulnerable to model extraction attacks, where adversaries repeatedly query the application programming...