6907 matches found
FL-PLAS: Federated Learning with Partial Layer Aggregation for Backdoor Defense against High-Ratio Malicious Clients
Federated learning FL is gaining increasing attention as an emerging collaborative machine learning approach, particularly in the context of large-scale computing and data systems. However, the fundamental algorithm of FL, Federated Averaging FedAvg, is susceptible to backdoor attacks. Although...
FABLE: a Localized, Targeted Adversarial Attack on Weather Forecasting Models
Deep learning-based weather forecasting models have recently demonstrated significant performance improvements over gold-standard physics-based simulation tools. However, these models are vulnerable to adversarial attacks, which raises concerns about their trustworthiness. In this paper, we first...
On Membership Inference Attacks in Knowledge Distillation
Nowadays, Large Language Models LLMs are trained on huge datasets, some including sensitive information. This poses a serious privacy concern because privacy attacks such as Membership Inference Attacks MIAs may detect this sensitive information. While knowledge distillation compresses LLMs into...
Proof-Of-Social-Capital: Privacy-Preserving Consensus Protocol Replacing Stake for Social Capital
Consensus protocols used today in blockchains often rely on computational power or financial stakes - scarce resources. We propose a novel protocol using social capital - trust and influence from social interactions - as a non-transferable staking mechanism to ensure fairness and decentralization...
Nonmalleable Progress Leakage
Information-flow control systems often enforce progress-insensitive noninterference, as it is simple to understand and enforce. Unfortunately, real programs need to declassify results and endorse inputs, which noninterference disallows, while preventing attackers from controlling leakage, includi...
Nuclei 3.4.4
Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...
Self-Destructive Language Model
Harmful fine-tuning attacks pose a major threat to the security of large language models LLMs, allowing adversaries to compromise safety guardrails with minimal harmful data. While existing defenses attempt to reinforce LLM alignment, they fail to address models' inherent "trainability" on harmfu...
Efficient Implementations of Residue Generators Mod 2n + 1 Providing Diminished-1 Representation
The moduli of the form 2n + 1 belong to a class of low-cost odd moduli, which have been frequently selected to form the basis of various residue number systems RNS. The most efficient computations modulo mod 2n + 1 are performed using the so-called diminished-1 D1 representation. Therefore, it is...
The Impact of Emerging Phishing Threats: Assessing Quishing and LLM-Generated Phishing Emails against Organizations
Modern organizations are persistently targeted by phishing emails. Despite advances in detection systems and widespread employee training, attackers continue to innovate, posing ongoing threats. Two emerging vectors stand out in the current landscape: QR-code baits and LLM-enabled pretexting. Yet...
What'S Pulling the Strings? Evaluating Integrity and Attribution in AI Training and Inference through Concept Shift
The growing adoption of artificial intelligence AI has amplified concerns about trustworthiness, including integrity, privacy, robustness, and bias. To assess and attribute these threats, we propose ConceptLens, a generic framework that leverages pre-trained multimodal models to identify the root...
AES-RV: Hardware-Efficient RISC-V Accelerator with Low-Latency AES Instruction Extension for IoT Security
The Advanced Encryption Standard AES is a widely adopted cryptographic algorithm essential for securing embedded systems and IoT platforms. However, existing AES hardware accelerators often face limitations in performance, energy efficiency, and flexibility. This paper presents AES-RV, a...
Safe Delta: Consistently Preserving Safety When Fine-Tuning LLMs on Diverse Datasets
Large language models LLMs have shown great potential as general-purpose AI assistants across various domains. To fully leverage this potential in specific applications, many companies provide fine-tuning API services, enabling users to upload their own data for LLM customization. However,...
Facial Recognition Leveraging Generative Adversarial Networks
Face recognition performance based on deep learning heavily relies on large-scale training data, which is often difficult to acquire in practical applications. To address this challenge, this paper proposes a GAN-based data augmentation method with three key contributions: 1 a residual-embedded...
Coded Robust Aggregation for Distributed Learning under Byzantine Attacks
In this paper, we investigate the problem of distributed learning DL in the presence of Byzantine attacks. For this problem, various robust bounded aggregation RBA rules have been proposed at the central server to mitigate the impact of Byzantine attacks. However, current DL methods apply RBA rul...
TechniqueRAG: Retrieval Augmented Generation for Adversarial Technique Annotation in Cyber Threat Intelligence Text
Accurately identifying adversarial techniques in security texts is critical for effective cyber defense. However, existing methods face a fundamental trade-off: they either rely on generic models with limited domain precision or require resource-intensive pipelines that depend on large labeled...
MalVis: a Large-Scale Image-Based Framework and Dataset for Advancing Android Malware Classification
As technology advances, Android malware continues to pose significant threats to devices and sensitive data. The open-source nature of the Android OS and the availability of its SDK contribute to this rapid growth. Traditional malware detection techniques, such as signature-based, static, and...
Benchmarking LLMs in an Embodied Environment for Blue Team Threat Hunting
As cyber threats continue to grow in scale and sophistication, blue team defenders increasingly require advanced tools to proactively detect and mitigate risks. Large Language Models LLMs offer promising capabilities for enhancing threat analysis. However, their effectiveness in real-world blue...
Privacy-Preserving AI for Encrypted Medical Imaging: a Framework for Secure Diagnosis and Learning
The rapid integration of Artificial Intelligence AI into medical diagnostics has raised pressing concerns about patient privacy, especially when sensitive imaging data must be transferred, stored, or processed. In this paper, we propose a novel framework for privacy-preserving diagnostic inferenc...
Security Practices in AI Development
What makes safety claims about general purpose AI systems such as large language models trustworthy? We show that rather than the capabilities of security tools such as alignment and red teaming procedures, it is security practices based on these tools that contributed to reconfiguring the image ...
Simultaneously Exposing and Jamming Covert Communications Via Disco Reconfigurable Intelligent Surfaces
Covert communications provide a stronger privacy protection than cryptography and physical-layer security PLS. However, previous works on covert communications have implicitly assumed the validity of channel reciprocity, i.e., wireless channels remain constant or approximately constant during the...
Optimal Allocation of Privacy Budget on Hierarchical Data Release
Releasing useful information from datasets with hierarchical structures while preserving individual privacy presents a significant challenge. Standard privacy-preserving mechanisms, and in particular Differential Privacy, often require careful allocation of a finite privacy budget across differen...
Unveiling the Black Box: a Multi-Layer Framework for Explaining Reinforcement Learning-Based Cyber Agents
Reinforcement Learning RL agents are increasingly used to simulate sophisticated cyberattacks, but their decision-making processes remain opaque, hindering trust, debugging, and defensive preparedness. In high-stakes cybersecurity contexts, explainability is essential for understanding how...
Forensics of Error Rates of Quantum Hardware
There has been a rise in third-party cloud providers offering quantum hardware as a service to improve performance at lower cost. Although these providers provide flexibility to the users to choose from several qubit technologies, quantum hardware, and coupling maps; the actual execution of the...
Privacy and Confidentiality Requirements Engineering for Process Data
The application and development of process mining techniques face significant challenges due to the lack of publicly available real-life event logs. One reason for companies to abstain from sharing their data are privacy and confidentiality concerns. Privacy concerns refer to personal data as...
AutoRAN: Weak-To-Strong Jailbreaking of Large Reasoning Models
This paper presents AutoRAN, the first automated, weak-to-strong jailbreak attack framework targeting large reasoning models LRMs. At its core, AutoRAN leverages a weak, less-aligned reasoning model to simulate the target model's high-level reasoning structures, generates narrative prompts, and...
GoLeash: Mitigating Golang Software Supply Chain Attacks with Runtime Policy Enforcement
Modern software supply chain attacks consist of introducing new, malicious capabilities into trusted third-party software components, in order to propagate to a victim through a package dependency chain. These attacks are especially concerning for the Go language ecosystem, which is extensively...
LLMs Unlock New Paths to Monetizing Exploits
We argue that Large language models LLMs will soon alter the economics of cyberattacks. Instead of attacking the most commonly used software and monetizing exploits by targeting the lowest common denominator among victims, LLMs enable adversaries to launch tailored attacks on a user-by-user basis...
GenoArmory: a Unified Evaluation Framework for Adversarial Attacks on Genomic Foundation Models
We propose the first unified adversarial attack benchmark for Genomic Foundation Models GFMs, named GenoArmory. Unlike existing GFM benchmarks, GenoArmory offers the first comprehensive evaluation framework to systematically assess the vulnerability of GFMs to adversarial attacks. Methodologicall...
Anti-Sensing: Defense against Unauthorized Radar-Based Human Vital Sign Sensing with Physically Realizable Wearable Oscillators
Recent advancements in Ultra-Wideband UWB radar technology have enabled contactless, non-line-of-sight vital sign monitoring, making it a valuable tool for healthcare. However, UWB radar's ability to capture sensitive physiological data, even through walls, raises significant privacy concerns,...
Verifiably Forgotten? Gradient Differences Still Enable Data Reconstruction in Federated Unlearning
Federated Unlearning FU has emerged as a critical compliance mechanism for data privacy regulations, requiring unlearned clients to provide verifiable Proof of Federated Unlearning PoFU to auditors upon data removal requests. However, we uncover a significant privacy vulnerability: when gradient...
PIG: Privacy Jailbreak Attack on LLMs Via Gradient-Based Iterative In-Context Optimization
Large Language Models LLMs excel in various domains but pose inherent privacy risks. Existing methods to evaluate privacy leakage in LLMs often use memorized prefixes or simple instructions to extract data, both of which well-alignment models can easily block. Meanwhile, Jailbreak attacks bypass...
Probing the Vulnerability of Large Language Models to Polysemantic Interventions
Polysemanticity -- where individual neurons encode multiple unrelated features -- is a well-known characteristic of large neural networks and remains a central challenge in the interpretability of language models. At the same time, its implications for model safety are also poorly understood...
On the Security Risks of ML-Based Malware Detection Systems: a Survey
Malware presents a persistent threat to user privacy and data integrity. To combat this, machine learning-based ML-based malware detection MD systems have been developed. However, these systems have increasingly been attacked in recent years, undermining their effectiveness in practice. While the...
Server-Side Template Injection Vulnerabilities and Exploitation Techniques
Research article called Server-Side Template Injection SSTI Vulnerabilities and Exploitation Techniques. The paper provides a structured methodology for detecting and exploiting SSTI vulnerabilities across multiple template engines, along with real-world case studies and mitigation strategies...
Understanding and Characterizing Obfuscated Funds Transfers in Ethereum Smart Contracts
Scam contracts on Ethereum have rapidly evolved alongside the rise of DeFi and NFT ecosystems, utilizing increasingly complex code obfuscation techniques to avoid early detection. This paper systematically investigates how obfuscation amplifies the financial risks of fraudulent contracts and...
Yet Another Diminishing Spark: Low-Level Cyberattacks in the Israel-Gaza Conflict
We report empirical evidence of web defacement and DDoS attacks carried out by low-level cybercrime actors in the Israel-Gaza conflict. Our quantitative measurements indicate an immediate increase in such cyberattacks following the Hamas-led assault and the subsequent declaration of war. However,...
Blockchain-Enabled Decentralized Privacy-Preserving Group Purchasing for Energy Plans
Retail energy markets are increasingly consumer-oriented, thanks to a growing number of energy plans offered by a plethora of energy suppliers, retailers and intermediaries. To maximize the benefits of competitive retail energy markets, group purchasing is an emerging paradigm that aggregates...
Decentralized Multi-Authority Attribute-Based Inner-Product Functional Encryption: Noisy and Evasive Constructions from Lattices
We study multi-authority attribute-based functional encryption for noisy inner-product functionality, and propose two new primitives: 1 multi-authority attribute-based noisy inner-product functional encryption MA-ABNIPFE, which generalizes existing multi-authority attribute-based IPFE schemes by...
Adversarially Robust Spiking Neural Networks with Sparse Connectivity
Deployment of deep neural networks in resource-constrained embedded systems requires innovative algorithmic solutions to facilitate their energy and memory efficiency. To further ensure the reliability of these systems against malicious actors, recent works have extensively studied adversarial...
GuardReasoner-VL: Safeguarding VLMs Via Reinforced Reasoning
To enhance the safety of VLMs, this paper introduces a novel reasoning-based VLM guard model dubbed GuardReasoner-VL. The core idea is to incentivize the guard model to deliberatively reason before making moderation decisions via online RL. First, we construct GuardReasoner-VLTrain, a reasoning...
LARGO: Latent Adversarial Reflection through Gradient Optimization for Jailbreaking LLMs
Efficient red-teaming method to uncover vulnerabilities in Large Language Models LLMs is crucial. While recent attacks often use LLMs as optimizers, the discrete language space make gradient-based methods struggle. We introduce LARGO Latent Adversarial Reflection through Gradient Optimization, a...
The Ripple Effect: on Unforeseen Complications of Backdoor Attacks
Recent research highlights concerns about the trustworthiness of third-party Pre-Trained Language Models PTLMs due to potential backdoor attacks. These backdoored PTLMs, however, are effective only for specific pre-defined downstream tasks. In reality, these PTLMs can be adapted to many other...
MPMA: Preference Manipulation Attack against Model Context Protocol
Model Context Protocol MCP standardizes interface mapping for large language models LLMs to access external data and tools, which revolutionizes the paradigm of tool selection and facilitates the rapid expansion of the LLM agent tool ecosystem. However, as the MCP is increasingly adopted,...
Co-Evolutionary Defence of Active Directory Attack Graphs Via GNN-Approximated Dynamic Programming
Modern enterprise networks increasingly rely on Active Directory AD for identity and access management. However, this centralization exposes a single point of failure, allowing adversaries to compromise high-value assets. Existing AD defense approaches often assume static attacker behavior, but...
ProxyPrompt: Securing System Prompts against Prompt Extraction Attacks
The integration of large language models LLMs into a wide range of applications has highlighted the critical role of well-crafted system prompts, which require extensive testing and domain expertise. These prompts enhance task performance but may also encode sensitive information and filtering...
Side Channel Analysis in Homomorphic Encryption
Homomorphic encryption provides many opportunities for privacy-aware processing, including with methods related to machine learning. Many of our existing cryptographic methods have been shown in the past to be susceptible to side channel attacks. With these, the implementation of the cryptographi...
Scaling an ISO Compliance Practice: Strategic Insights from Building a \$1m+ Cybersecurity Certification Line
The rapid exponential growth in cloud-first business models and tightened global data protection regulations have led to the exponential increase in the level of importance of ISO certifications, especially ISO/IEC 27001, 27017, and 27018, as strategic imperative propositions for organizations...
Mobius Forensic Toolkit 2.15
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools...
"Explain, Don'T Just Warn!" -- a Real-Time Framework for Generating Phishing Warnings with Contextual Cues
Anti-phishing tools typically display generic warnings that offer users limited explanation on why a website is considered malicious, which can prevent end-users from developing the mental models needed to recognize phishing cues on their own. This becomes especially problematic when these tools...
From Trade-Off to Synergy: a Versatile Symbiotic Watermarking Framework for Large Language Models
The rise of Large Language Models LLMs has heightened concerns about the misuse of AI-generated text, making watermarking a promising solution. Mainstream watermarking schemes for LLMs fall into two categories: logits-based and sampling-based. However, current schemes entail trade-offs among...