6907 matches found
From Nuclear Safety to LLM Security: Applying Non-Probabilistic Risk Management Strategies to Build Safe and Secure LLM-Powered Systems
Large language models LLMs offer unprecedented and growing capabilities, but also introduce complex safety and security challenges that resist conventional risk management. While conventional probabilistic risk analysis PRA requires exhaustive risk enumeration and quantification, the novelty and...
Robust and Efficient AI-Based Attack Recovery in Autonomous Drones
We introduce an autonomous attack recovery architecture to add common sense reasoning to plan a recovery action after an attack is detected. We outline use-cases of our architecture using drones, and then discuss how to implement this architecture efficiently and securely in edge devices...
WordPress PSW Front-end Login Registration 1.12 User Registration
WordPress PSW Front-end Login Registration plugin versions 1.12 and below suffers from a vulnerability that allows an unauthenticated attacker to register new user accounts via an exposed AJAX action without proper validation or restrictions...
Neuromorphic Mimicry Attacks Exploiting Brain-Inspired Computing for Covert Cyber Intrusions
Neuromorphic computing, inspired by the human brain's neural architecture, is revolutionizing artificial intelligence and edge computing with its low-power, adaptive, and event-driven designs. However, these unique characteristics introduce novel cybersecurity risks. This paper proposes...
Exploring Jailbreak Attacks on LLMs through Intent Concealment and Diversion
Although large language models LLMs have achieved remarkable advancements, their security remains a pressing concern. One major threat is jailbreak attacks, where adversarial prompts bypass model safeguards to generate harmful or objectionable content. Researchers study jailbreak attacks to...
MicroCrypt Assumptions with Quantum Input Sampling and Pseudodeterminism: Constructions and Separations
Whitepaper called MicroCrypt Assumptions With Quantum Input Sampling And Pseudodeterminism: Constructions And Separations...
A Private Approximation of the 2nd-Moment Matrix of Any Subsamplable Input
We study the problem of differentially private second moment estimation and present a new algorithm that achieve strong privacy-utility trade-offs even for worst-case inputs under subsamplability assumptions on the data. We call an input $m,α,β$-subsamplable if a random subsample of size $m$ or...
CSAGC-IDS: a Dual-Module Deep Learning Network Intrusion Detection Model for Complex and Imbalanced Data
As computer networks proliferate, the gravity of network intrusions has escalated, emphasizing the criticality of network intrusion detection systems for safeguarding security. While deep learning models have exhibited promising results in intrusion detection, they face challenges in managing...
On the (In)Security of Proofs-Of-Space Based Longest-Chain Blockchains
The Nakamoto consensus protocol underlying the Bitcoin blockchain uses proof of work as a voting mechanism. Honest miners who contribute hashing power towards securing the chain try to extend the longest chain they are aware of. Despite its simplicity, Nakamoto consensus achieves meaningful...
Topology-Aware Detection and Localization of Distributed Denial-Of-Service Attacks in Network-On-Chips
Network-on-Chip NoC enables on-chip communication between diverse cores in modern System-on-Chip SoC designs. With its shared communication fabric, NoC has become a focal point for various security threats, especially in heterogeneous and high-performance computing platforms. Among these attacks,...
From Assistants to Adversaries: Exploring the Security Risks of Mobile LLM Agents
The growing adoption of large language models LLMs has led to a new paradigm in mobile computing--LLM-powered mobile AI agents--capable of decomposing and automating complex tasks directly on smartphones. However, the security implications of these agents remain largely unexplored. In this paper,...
Evaluating the Efficacy of LLM Safety Solutions : the Palit Benchmark Dataset
Large Language Models LLMs are increasingly integrated into critical systems in industries like healthcare and finance. Users can often submit queries to LLM-enabled chatbots, some of which can enrich responses with information retrieved from internal databases storing sensitive data. This gives...
Towards Verifiability of Total Value Locked (TVL) in Decentralized Finance
Total Value Locked TVL aims to measure the aggregate value of cryptoassets deposited in Decentralized Finance DeFi protocols. Although blockchain data is public, the way TVL is computed is not well understood. In practice, its calculation on major TVL aggregators relies on self-reports from...
Faraday 5.14.0
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...
GSDFuse: Capturing Cognitive Inconsistencies from Multi-Dimensional Weak Signals in Social Media Steganalysis
The ubiquity of social media platforms facilitates malicious linguistic steganography, posing significant security risks. Steganalysis is profoundly hindered by the challenge of identifying subtle cognitive inconsistencies arising from textual fragmentation and complex dialogue structures, and th...
Effects of the Cyber Resilience Act (CRA) on Industrial Equipment Manufacturing Companies
The Cyber Resilience Act CRA is a new European Union EU regulation aimed at enhancing the security of digital products and services by ensuring they meet stringent cybersecurity requirements. This paper investigates the challenges that industrial equipment manufacturing companies anticipate while...
Beyond Text: Unveiling Privacy Vulnerabilities in Multi-Modal Retrieval-Augmented Generation
Multimodal Retrieval-Augmented Generation MRAG systems enhance LMMs by integrating external multimodal databases, but introduce unexplored privacy vulnerabilities. While text-based RAG privacy risks have been studied, multimodal data presents unique challenges. We provide the first systematic...
Can Large Language Models Really Recognize Your Name?
Large language models LLMs are increasingly being used to protect sensitive user data. However, current LLM-based privacy solutions assume that these models can reliably detect personally identifiable information PII, particularly named entities. In this paper, we challenge that assumption by...
Trustworthy Reputation Games and Applications to Proof-Of-Reputation Blockchains
Reputation systems play an essential role in the Internet era, as they enable people to decide whom to trust, by collecting and aggregating data about users' behavior. Recently, several works proposed the use of reputation for the design and scalability improvement of decentralized blockchain...
AudioJailbreak: Jailbreak Attacks against End-To-End Large Audio-Language Models
Jailbreak attacks to Large audio-language models LALMs are studied recently, but they achieve suboptimal effectiveness, applicability, and practicability, particularly, assuming that the adversary can fully manipulate user prompts. In this work, we first conduct an extensive experiment showing th...
SudoLLM : on Multi-Role Alignment of Language Models
User authorization-based access privileges are a key feature in many safety-critical systems, but have thus far been absent from the large language model LLM realm. In this work, drawing inspiration from such access control systems, we introduce sudoLLM, a novel framework that results in multi-ro...
Agency Problems and Adversarial Bilevel Optimization under Uncertainty and Cyber Threats
We study an agency problem between a holding company and its subsidiary, exposed to cyber threats that affect the overall value of the subsidiary. The holding company seeks to design an optimal incentive scheme to mitigate these losses. In response, the subsidiary selects an optimal cybersecurity...
Is Your Prompt Safe? Investigating Prompt Injection Attacks against Open-Source LLMs
Whitepaper called Is Your Prompt Safe? Investigating Prompt Injection Attacks Against Open-Source LLMs...
Streamlining HTTP Flooding Attack Detection through Incremental Feature Selection
Applications over the Web primarily rely on the HTTP protocol to transmit web pages to and from systems. There are a variety of application layer protocols, but among all, HTTP is the most targeted because of its versatility and ease of integration with online services. The attackers leverage the...
D4+: Emergent Adversarial Driving Maneuvers with Approximate Functional Optimization
Intelligent mechanisms implemented in autonomous vehicles, such as proactive driving assist and collision alerts, reduce traffic accidents. However, verifying their correct functionality is difficult due to complex interactions with the environment. This problem is exacerbated in adversarial...
FedGraM: Defending against Untargeted Attacks in Federated Learning Via Embedding Gram Matrix
Federated Learning FL enables geographically distributed clients to collaboratively train machine learning models by sharing only their local models, ensuring data privacy. However, FL is vulnerable to untargeted attacks that aim to degrade the global model's performance on the underlying data...
Vulnerability of Transfer-Learned Neural Networks to Data Reconstruction Attacks in Small-Data Regime
Training data reconstruction attacks enable adversaries to recover portions of a released model's training data. We consider the attacks where a reconstructor neural network learns to invert the random mapping between training data and model weights. Prior work has shown that an informed adversar...
Adaptive Pruning of Deep Neural Networks for Resource-Aware Embedded Intrusion Detection on the Edge
Artificial neural network pruning is a method in which artificial neural network sizes can be reduced while attempting to preserve the predicting capabilities of the network. This is done to make the model smaller or faster during inference time. In this work we analyze the ability of a selection...
Destabilizing Power Grid and Energy Market by Cyberattacks on Smart Inverters
Cyberattacks on smart inverters and distributed PV are becoming an imminent threat, because of the recent well-documented vulnerabilities and attack incidents. Particularly, the long lifespan of inverter devices, users' oblivion of cybersecurity compliance, and the lack of cyber regulatory...
Efficient Privacy-Preserving Cross-Silo Federated Learning with Multi-Key Homomorphic Encryption
Federated Learning FL is susceptible to privacy attacks, such as data reconstruction attacks, in which a semi-honest server or a malicious client infers information about other clients' datasets from their model updates or gradients. To enhance the privacy of FL, recent studies combined Multi-Key...
In Search of Lost Data: a Study of Flash Sanitization Practices
To avoid the disclosure of personal or corporate data, sanitization of storage devices is an important issue when such devices are to be reused. While poor sanitization practices have been reported for second-hand hard disk drives, it has been reported that data has been found on original storage...
Lessons from Defending Gemini against Indirect Prompt Injections
Gemini is increasingly used to perform tasks on behalf of users, where function-calling and tool-use capabilities enable the model to access user data. Some tools, however, require access to untrusted data introducing risk. Adversaries can embed malicious instructions in untrusted data which caus...
Zk-SNARK for String Match
We present a secure and efficient string-matching platform leveraging zk-SNARKs Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge to address the challenge of detecting sensitive information leakage while preserving data privacy. Our solution enables organizations to verify whether...
CRYPTONITE: Scalable Accelerator Design for Cryptographic Primitives and Algorithms
Cryptographic primitives, consisting of repetitive operations with different inputs, are typically implemented using straight-line C code due to traditional execution on CPUs. Computing these primitives is necessary for secure communication; thus, dedicated hardware accelerators are required in...
Moneros Decentralized P2P Exchanges: Functionality, Adoption, and Privacy Risks
Privacy-focused cryptocurrencies like Monero remain popular, despite increasing regulatory scrutiny that has led to their delisting from major centralized exchanges. The latter also explains the recent popularity of decentralized exchanges DEXs with no centralized ownership structures. These...
Training-Free Watermarking for Autoregressive Image Generation
Invisible image watermarking can protect image ownership and prevent malicious misuse of visual generative models. However, existing generative watermarking methods are mainly designed for diffusion models while watermarking for autoregressive image generation models remains largely underexplored...
Provable Execution in Real-Time Embedded Systems
Embedded devices are increasingly ubiquitous and vital, often supporting safety-critical functions. However, due to strict cost and energy constraints, they are typically implemented with Micro-Controller Units MCUs that lack advanced architectural security features. Within this space, recent...
Recommender Systems for Democracy: toward Adversarial Robustness in Voting Advice Applications
Voting advice applications VAAs help millions of voters understand which political parties or candidates best align with their views. This paper explores the potential risks these applications pose to the democratic process when targeted by adversarial entities. In particular, we expose 11...
FLTG: Byzantine-Robust Federated Learning Via Angle-Based Defense and Non-IID-Aware Weighting
Byzantine attacks during model aggregation in Federated Learning FL threaten training integrity by manipulating malicious clients' updates. Existing methods struggle with limited robustness under high malicious client ratios and sensitivity to non-i.i.d. data, leading to degraded accuracy. To...
When Mitigations Backfire: Timing Channel Attacks and Defense for PRAC-Based RowHammer Mitigations
Per Row Activation Counting PRAC has emerged as a robust framework for mitigating RowHammer RH vulnerabilities in modern DRAM systems. However, we uncover a critical vulnerability: a timing channel introduced by the Alert Back-Off ABO protocol and Refresh Management RFM commands. We present...
Quantum Opacity, Classical Clarity: a Hybrid Approach to Quantum Circuit Obfuscation
Quantum computing leverages quantum mechanics to achieve computational advantages over classical hardware, but the use of third-party quantum compilers in the Noisy Intermediate-Scale Quantum NISQ era introduces risks of intellectual property IP exposure. We address this by proposing a novel...
VulCPE: Context-Aware Cybersecurity Vulnerability Retrieval and Management
The dynamic landscape of cybersecurity demands precise and scalable solutions for vulnerability management in heterogeneous systems, where configuration-specific vulnerabilities are often misidentified due to inconsistent data in databases like the National Vulnerability Database NVD. Inaccurate...
HChain 4.0: a Secure and Scalable Permissioned Blockchain for EHR Management in Smart Healthcare
The growing utilization of Internet of Medical Things IoMT devices, including smartwatches and wearable medical devices, has facilitated real-time health monitoring and data analysis to enhance healthcare outcomes. These gadgets necessitate improved security measures to safeguard sensitive health...
ACE: Confidential Computing for Embedded RISC-V Systems
Confidential computing plays an important role in isolating sensitive applications from the vast amount of untrusted code commonly found in the modern cloud. We argue that it can also be leveraged to build safer and more secure mission-critical embedded systems. In this paper, we introduce the...
Optimal Client Sampling in Federated Learning with Client-Level Heterogeneous Differential Privacy
Federated Learning with client-level differential privacy DP provides a promising framework for collaboratively training models while rigorously protecting clients' privacy. However, classic approaches like DP-FedAvg struggle when clients have heterogeneous privacy requirements, as they must...
Network-Wide Quantum Key Distribution with Onion Routing Relay
The advancement of quantum computing threatens classical cryptographic methods, necessitating the development of secure quantum key distribution QKD solutions for QKD Networks QKDN. In this paper, a novel key distribution protocol, Onion Routing Relay ORR, that integrates onion routing OR with...
Multiple Proposer Transaction Fee Mechanism Design: Robust Incentives against Censorship and Bribery
Censorship resistance is one of the core value proposition of blockchains. A recurring design pattern aimed at providing censorship resistance is enabling multiple proposers to contribute inputs into block construction. Notably, Fork-Choice Enforced Inclusion Lists FOCIL is proposed to be include...
WordPress Eventin 4.0.26 Privilege Escalation
WordPress Eventin plugin versions 4.0.26 and below suffers from an unauthenticated privilege escalation vulnerability due to a missing authorization check in the importitems function...
FlowPure: Continuous Normalizing Flows for Adversarial Purification
Despite significant advancements in the area, adversarial robustness remains a critical challenge in systems employing machine learning models. The removal of adversarial perturbations at inference time, known as adversarial purification, has emerged as a promising defense strategy. To achieve...
The Hidden Dangers of Browsing AI Agents
Autonomous browsing agents powered by large language models LLMs are increasingly used to automate web-based tasks. However, their reliance on dynamic content, tool execution, and user-provided data exposes them to a broad attack surface. This paper presents a comprehensive security evaluation of...