6907 matches found
Shielding Latent Face Representations from Privacy Attacks
In today's data-driven analytics landscape, deep learning has become a powerful tool, with latent representations, known as embeddings, playing a central role in several applications. In the face analytics domain, such embeddings are commonly used for biometric recognition e.g., face...
DynaNoise: Dynamic Probabilistic Noise Injection for Defending against Membership Inference Attacks
Membership Inference Attacks MIAs pose a significant risk to the privacy of training datasets by exploiting subtle differences in model outputs to determine whether a particular data sample was used during training. These attacks can compromise sensitive information, especially in domains such as...
Cross-Cloud Data Privacy Protection: Optimizing Collaborative Mechanisms of AI Systems by Integrating Federated Learning and LLMs
In the age of cloud computing, data privacy protection has become a major challenge, especially when sharing sensitive data across cloud environments. However, how to optimize collaboration across cloud environments remains an unresolved problem. In this paper, we combine federated learning with...
An Automated Blackbox Noncompliance Checker for QUIC Server Implementations
We develop QUICtester, an automated approach for uncovering non-compliant behaviors in the ratified QUIC protocol implementations RFC 9000/9001. QUICtester leverages active automata learning to abstract the behavior of a QUIC implementation into a finite state machine FSM representation. Unlike...
Lara: Lightweight Anonymous Authentication with Asynchronous Revocation Auditability
Anonymous authentication is a technique that allows to combine access control with privacy preservation. Typically, clients use different pseudonyms for each access, hindering providers from correlating their activities. To perform the revocation of pseudonyms in a privacy preserving manner is...
ArcGIS Insecure OAuth 2.0 Implementation
The ArcGIS clientcredentials OAuth 2.0 API implementation does not adhere to the RFC/standards; This hidden known and by-design, but undocumented functionality enables a requester referred to as client in RFC 6749 to request an, undocumented, custom token expiration from ArcGIS referred to as...
RAR: Setting Knowledge Tripwires for Retrieval Augmented Rejection
Content moderation for large language models LLMs remains a significant challenge, requiring flexible and adaptable solutions that can quickly respond to emerging threats. This paper introduces Retrieval Augmented Rejection RAR, a novel approach that leverages a retrieval-augmented generation RAG...
DeFeed: Secure Decentralized Cross-Contract Data Feed in Web 3.0 for Connected Autonomous Vehicles
Smart contracts have been a topic of interest in blockchain research and are a key enabling technology for Connected Autonomous Vehicles CAVs in the era of Web 3.0. These contracts enable trustless interactions without the need for intermediaries, as they operate based on predefined rules encoded...
Traceable Black-Box Watermarks for Federated Learning
Whitepaper called Traceable Black-Box Watermarks For Federated Learning...
Network-Wide Quantum Key Distribution with Onion Routing Relay (Conference Version)
The advancement of quantum computing threatens classical cryptographic methods, necessitating the development of secure quantum key distribution QKD solutions for QKD Networks QKDN. In this paper, a novel key distribution protocol, Onion Routing Relay ORR, that integrates onion routing OR with...
Security Degradation in Iterative AI Code Generation -- a Systematic Analysis of the Paradox
The rapid adoption of Large Language ModelsLLMs for code generation has transformed software development, yet little attention has been given to how security vulnerabilities evolve through iterative LLM feedback. This paper analyzes security degradation in AI-generated code through a controlled...
Think Twice Before You Act: Enhancing Agent Behavioral Safety with Thought Correction
LLM-based autonomous agents possess capabilities such as reasoning, tool invocation, and environment interaction, enabling the execution of complex multi-step tasks. The internal reasoning process, i.e., thought, of behavioral trajectory significantly influences tool usage and subsequent actions...
QUT-DV25: a Dataset for Dynamic Analysis of Next-Gen Software Supply Chain Attacks
Securing software supply chains is a growing challenge due to the inadequacy of existing datasets in capturing the complexity of next-gen attacks, such as multiphase malware execution, remote access activation, and dynamic payload generation. Existing datasets, which rely on metadata inspection a...
Malware Families Discovery Via Open-Set Recognition on Android Manifest Permissions
Malware are malicious programs that are grouped into families based on their penetration technique, source code, and other characteristics. Classifying malware programs into their respective families is essential for building effective defenses against cyber threats. Machine learning models have ...
Does Low Rank Adaptation Lead to Lower Robustness against Training-Time Attacks?
Low rank adaptation LoRA has emerged as a prominent technique for fine-tuning large language models LLMs thanks to its superb efficiency gains over previous methods. While extensive studies have examined the performance and structural properties of LoRA, its behavior upon training-time attacks...
One Shot Dominance: Knowledge Poisoning Attack on Retrieval-Augmented Generation Systems
Large Language Models LLMs enhanced with Retrieval-Augmented Generation RAG have shown improved performance in generating accurate responses. However, the dependence on external knowledge bases introduces potential security vulnerabilities, particularly when these knowledge bases are publicly...
Apple Security Advisory 05-12-2025-4
Apple Security Advisory 05-12-2025-4 - macOS Sonoma 14.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities...
Apple Security Advisory 05-12-2025-3
Apple Security Advisory 05-12-2025-3 - macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities...
Outsourced Privacy-Preserving Feature Selection Based on Fully Homomorphic Encryption
Feature selection is a technique that extracts a meaningful subset from a set of features in training data. When the training data is large-scale, appropriate feature selection enables the removal of redundant features, which can improve generalization performance, accelerate the training process...
Information-Theoretically Secure Quantum Timestamping with One-Time Universal Hashing
Accurate and tamper-resistant timestamps are essential for applications demanding verifiable chronological ordering, such as legal documentation and digital intellectual property protection. Classical timestamp protocols rely on computational assumptions for security, rendering them vulnerable to...
An Alignment between the CRA'S Essential Requirements and the ATT&CK'S Mitigations
The paper presents an alignment evaluation between the mitigations present in the MITRE's ATT&CK framework and the essential cyber security requirements of the recently introduced Cyber Resilience Act CRA in the European Union. In overall, the two align well with each other. With respect to the...
Fragments to Facts: Partial-Information Fragment Inference from LLMs
Large language models LLMs can leak sensitive training data through memorization and membership inference attacks. Prior work has primarily focused on strong adversarial assumptions, including attacker access to entire samples or long, ordered prefixes, leaving open the question of how vulnerable...
Apple Security Advisory 05-12-2025-9
Apple Security Advisory 05-12-2025-9 - Safari 18.5 addresses various issues that could lead to memory corruption...
Apple Security Advisory 05-12-2025-6
Apple Security Advisory 05-12-2025-6 - watchOS 11.5 addresses code execution, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities...
Apple Security Advisory 05-12-2025-8
Apple Security Advisory 05-12-2025-8 - visionOS 2.5 addresses code execution, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities...
Apple Security Advisory 05-12-2025-7
Apple Security Advisory 05-12-2025-7 - tvOS 18.5 addresses code execution, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities...
Apple Security Advisory 05-12-2025-1
Apple Security Advisory 05-12-2025-1 - iOS 18.5 and iPadOS 18.5 addresses code execution, double free, integer overflow, out of bounds read, spoofing, and use-after-free vulnerabilities...
Apple Security Advisory 05-12-2025-2
Apple Security Advisory 05-12-2025-2 - iPadOS 17.7.7 addresses code execution, double free, information leakage, integer overflow, out of bounds read, spoofing, and use-after-free vulnerabilities...
A Systematic Review and Taxonomy for Privacy Breach Classification: Trends, Gaps, and Future Directions
In response to the rising frequency and complexity of data breaches and evolving global privacy regulations, this study presents a comprehensive examination of academic literature on the classification of privacy breaches and violations between 2010-2024. Through a systematic literature review, a...
MorphMark: Flexible Adaptive Watermarking for Large Language Models
Watermarking by altering token sampling probabilities based on red-green list is a promising method for tracing the origin of text generated by large language models LLMs. However, existing watermark methods often struggle with a fundamental dilemma: improving watermark effectiveness the...
Apple Security Advisory 05-12-2025-5
Apple Security Advisory 05-12-2025-5 - macOS Ventura 13.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities...
Writing a Good Security Paper for ISSCC (2025)
Security is increasingly more important in designing chips and systems based on them, and the International Solid-State Circuits Conference ISSCC, the leading conference for presenting advances in solid-state circuits and semiconductor technology, is committed to hardware security by establishing...
MCP Guardian: a Security-First Layer for Safeguarding MCP-Based AI System
As Agentic AI gain mainstream adoption, the industry invests heavily in model capabilities, achieving rapid leaps in reasoning and quality. However, these systems remain largely confined to data silos, and each new integration requires custom logic that is difficult to scale. The Model Context...
BeamClean: Language Aware Embedding Reconstruction
In this work, we consider an inversion attack on the obfuscated input embeddings sent to a language model on a server, where the adversary has no access to the language model or the obfuscation mechanism and sees only the obfuscated embeddings along with the model's embedding table. We propose...
Prink: $K_s$-Anonymization for Streaming Data in Apache Flink
In this paper, we present Prink, a novel and practically applicable concept and fully implemented prototype for ks-anonymizing data streams in real-world application architectures. Building upon the pre-existing, yet rudimentary CASTLE scheme, Prink for the first time introduces semantics-aware...
Testing Access-Control Configuration Changes for Web Applications
Access-control misconfigurations are among the main causes of today's data breaches in web applications. However, few techniques are available to support automatic and systematic testing for access-control changes and detecting risky changes to prevent severe consequences. As a result, those...
PoLO: Proof-Of-Learning and Proof-Of-Ownership at Once with Chained Watermarking
Machine learning models are increasingly shared and outsourced, raising requirements of verifying training effort Proof-of-Learning, PoL to ensure claimed performance and establishing ownership Proof-of-Ownership, PoO for transactions. When models are trained by untrusted parties, PoL and PoO mus...
Towards Centralized Orchestration of Cyber Protection Condition (CPCON)
The United States Cyber Command USCYBERCOM Cyber Protection Condition CPCON framework mandates graduated security postures across Department of Defense DoD networks, but current implementation remains largely manual, inconsistent, and error-prone. This paper presents a prototype system for...
HChain: Blockchain Based Large Scale EHR Data Sharing with Enhanced Security and Privacy
Concerns regarding privacy and data security in conventional healthcare prompted alternative technologies. In smart healthcare, blockchain technology addresses existing concerns with security, privacy, and electronic healthcare transmission. Integration of Blockchain Technology with the Internet ...
ACU: Analytic Continual Unlearning for Efficient and Exact Forgetting with Privacy Preservation
The development of artificial intelligence demands that models incrementally update knowledge by Continual Learning CL to adapt to open-world environments. To meet privacy and security requirements, Continual Unlearning CU emerges as an important problem, aiming to sequentially forget particular...
Is Artificial Intelligence Generated Image Detection a Solved Problem?
The rapid advancement of generative models, such as GANs and Diffusion models, has enabled the creation of highly realistic synthetic images, raising serious concerns about misinformation, deepfakes, and copyright infringement. Although numerous Artificial Intelligence Generated Image AIGI...
Automated Profile Inference with Language Model Agents
Impressive progress has been made in automated problem-solving by the collaboration of large language models LLMs based agents. However, these automated capabilities also open avenues for malicious applications. In this paper, we study a new threat that LLMs pose to online pseudonymity, called...
An In-Kernel Forensics Engine for Investigating Evasive Attacks
Over the years, adversarial attempts against critical services have become more effective and sophisticated in launching low-profile attacks. This trend has always been concerning. However, an even more alarming trend is the increasing difficulty of collecting relevant evidence about these attack...
Protocol As Poetry: Case Study on Pak's Protocol Arts
Protocol art emerges at the confluence of blockchain-based smart contracts and a century-long lineage of conceptual art, participatory art, and algorithmic generative art practices. Yet existing definitions-most notably Primavera De Filippi's "protocolism"-struggle to demarcate this nascent genre...
TPM2.0-Supported Runtime Customizable TEE on FPGA-SoC with User-Controllable VTPM
Constructing a Trusted Execution Environment TEE on Field Programmable Gate Array System on Chip FPGA-SoC in Cloud can effectively protect users' private intel-lectual Property IP cores. In order to facilitate the wide-spread deployment of FPGA-SoC TEE, this paper proposes an approach for...
R1dacted: Investigating Local Censorship in DeepSeek'S R1 Language Model
DeepSeek recently released R1, a high-performing large language model LLM optimized for reasoning tasks. Despite its efficient training pipeline, R1 achieves competitive performance, even surpassing leading reasoning models like OpenAI's o1 on several benchmarks. However, emerging reports suggest...
Private Statistical Estimation Via Truncation
We introduce a novel framework for differentially private DP statistical estimation via data truncation, addressing a key challenge in DP estimation when the data support is unbounded. Traditional approaches rely on problem-specific sensitivity analysis, limiting their applicability. By leveragin...
Improving LLM Outputs against Jailbreak Attacks with Expert Model Integration
Using LLMs in a production environment presents security challenges that include vulnerabilities to jailbreaks and prompt injections, which can result in harmful outputs for humans or the enterprise. The challenge is amplified when working within a specific domain, as topics generally accepted fo...
A Survey of Attacks on Large Language Models
Large language models LLMs and LLM-based agents have been widely deployed in a wide range of applications in the real world, including healthcare diagnostics, financial analysis, customer support, robotics, and autonomous driving, expanding their powerful capability of understanding, reasoning, a...
What'S Pulling the Strings? Evaluating Integrity and Attribution in AI Training and Inference through Concept Shift
The growing adoption of artificial intelligence AI has amplified concerns about trustworthiness, including integrity, privacy, robustness, and bias. To assess and attribute these threats, we propose ConceptLens, a generic framework that leverages pre-trained multimodal models to identify the root...