6894 matches found
The Dark Side of the Web: Towards Understanding Various Data Sources in Cyber Threat Intelligence
Cyber threats have become increasingly prevalent and sophisticated. Prior work has extracted actionable cyber threat intelligence CTI, such as indicators of compromise, tactics, techniques, and procedures TTPs, or threat feeds from various sources: open source data e.g., social networks, internal...
Steering the CensorShip: Uncovering Representation Vectors for LLM "Thought" Control
Large language models LLMs have transformed the way we access information. These models are often tuned to refuse to comply with requests that are considered harmful and to produce responses that better align with the preferences of those who control the models. To understand how this "censorship...
T2VShield: Model-Agnostic Jailbreak Defense for Text-To-Video Models
The rapid development of generative artificial intelligence has made text to video models essential for building future multimodal world simulators. However, these models remain vulnerable to jailbreak attacks, where specially crafted prompts bypass safety mechanisms and lead to the generation of...
A Study on Mixup-Inspired Augmentation Methods for Software Vulnerability Detection
Various deep learning DL methods have recently been utilized to detect software vulnerabilities. Real-world software vulnerability datasets are rare and hard to acquire, as there is no simple metric for classifying vulnerability. Such datasets are heavily imbalanced, and none of the current...
Heavy-Tailed Privacy: the Symmetric Alpha-Stable Privacy Mechanism
With the rapid growth of digital platforms, there is increasing apprehension about how personal data is collected, stored, and used by various entities. These concerns arise from the increasing frequency of data breaches, cyber-attacks, and misuse of personal information for targeted advertising...
ECG Identity Authentication in Open-Set with Multi-Model Pretraining and Self-Constraint Center and Irrelevant Sample Repulsion Learning
Electrocardiogram ECG signal exhibits inherent uniqueness, making it a promising biometric modality for identity authentication. As a result, ECG authentication has gained increasing attention in recent years. However, most existing methods focus primarily on improving authentication accuracy...
Adversarial Attacks on LLM-As-A-Judge Systems: Insights from Prompt Injections
LLM as judge systems used to assess text quality code correctness and argument strength are vulnerable to prompt injection attacks. We introduce a framework that separates content author attacks from system prompt attacks and evaluate five models Gemma 3.27B Gemma 3.4B Llama 3.2 3B GPT 4 and Clau...
SoK: Timeline Based Event Reconstruction for Digital Forensics: Terminology, Methodology, and Current Challenges
Event reconstruction is a technique that examiners can use to attempt to infer past activities by analyzing digital artifacts. Despite its significance, the field suffers from fragmented research, with studies often focusing narrowly on aspects like timeline creation or tampering detection. This...
Performance of Machine Learning Classifiers for Anomaly Detection in Cyber Security Applications
This work empirically evaluates machine learning models on two imbalanced public datasets KDDCUP99 and Credit Card Fraud 2013. The method includes data preparation, model training, and evaluation, using an 80/20 train/test split. Models tested include eXtreme Gradient Boosting XGB, Multi Layer...
A Gradient-Optimized TSK Fuzzy Framework for Explainable Phishing Detection
Phishing attacks represent an increasingly sophisticated and pervasive threat to individuals and organizations, causing significant financial losses, identity theft, and severe damage to institutional reputations. Existing phishing detection methods often struggle to simultaneously achieve high...
DeSIA: Attribute Inference Attacks against Limited Fixed Aggregate Statistics
Empirical inference attacks are a popular approach for evaluating the privacy risk of data release mechanisms in practice. While an active attack literature exists to evaluate machine learning models or synthetic data release, we currently lack comparable methods for fixed aggregate statistics, i...
Faraday 5.13.0
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...
Quantum Lifting for Invertible Permutations and Ideal Ciphers
In this work, we derive the first lifting theorems for establishing security in the quantum random permutation and ideal cipher models. These theorems relate the success probability of an arbitrary quantum adversary to that of a classical algorithm making only a small number of classical queries...
LLMpatronous: Harnessing the Power of LLMs for Vulnerability Detection
Despite the transformative impact of Artificial Intelligence AI across various sectors, cyber security continues to rely on traditional static and dynamic analysis tools, hampered by high false positive rates and superficial code comprehension. While generative AI offers promising automation...
TSCL:Multi-Party Loss Balancing Scheme for Deep Learning Image Steganography Based on Curriculum Learning
For deep learning-based image steganography frameworks, in order to ensure the invisibility and recoverability of the information embedding, the loss function usually contains several losses such as embedding loss, recovery loss and steganalysis loss. In previous research works, fixed loss weight...
LightDSA: a Python-Based Hybrid Digital Signature Library and Performance Analysis of RSA, DSA, ECDSA and EdDSA in Variable Configurations, Elliptic Curve Forms and Curves
Digital signature algorithms DSAs are fundamental to cryptographic security, ensuring data integrity and authentication. While RSA, DSA, ECDSA, and EdDSA are widely used, their performance varies significantly depending on key sizes, hash functions, and elliptic curve configurations. In this pape...
NoEsis: Differentially Private Knowledge Transfer in Modular LLM Adaptation
Large Language Models LLM are typically trained on vast amounts of data from various sources. Even when designed modularly e.g., Mixture-of-Experts, LLMs can leak privacy on their sources. Conversely, training such models in isolation arguably prohibits generalization. To this end, we propose a...
ThreMoLIA: Threat Modeling of Large Language Model-Integrated Applications
Large Language Models LLMs are currently being integrated into industrial software applications to help users perform more complex tasks in less time. However, these LLM-Integrated Applications LIA expand the attack surface and introduce new kinds of threats. Threat modeling is commonly used to...
issabel-pbx 4.0.0-6 Cross Site Request Forgery
issabel-pbx version 4.0.0-6 proof of concept cross site request forgery exploit that creates a new user...
Bandit on the Hunt: Dynamic Crawling for Cyber Threat Intelligence
Public information contains valuable Cyber Threat Intelligence CTI that is used to prevent future attacks. While standards exist for sharing this information, much appears in non-standardized news articles or blogs. Monitoring online sources for threats is time-consuming and source selection is...
Revisiting Data Auditing in Large Vision-Language Models
With the surge of large language models LLMs, Large Vision-Language Models VLMs--which integrate vision encoders with LLMs for accurate visual grounding--have shown great potential in tasks like generalist agents and robotic control. However, VLMs are typically trained on massive web-scraped...
PICO: Secure Transformers Via Robust Prompt Isolation and Cybersecurity Oversight
We propose a robust transformer architecture designed to prevent prompt injection attacks and ensure secure, reliable response generation. Our PICO Prompt Isolation and Cybersecurity Oversight framework structurally separates trusted system instructions from untrusted user inputs through dual...
Automating Function-Level TARA for Automotive Full-Lifecycle Security
As modern vehicles evolve into intelligent and connected systems, their growing complexity introduces significant cybersecurity risks. Threat Analysis and Risk Assessment TARA has therefore become essential for managing these risks under mandatory regulations. However, existing TARA automation...
Biting the CHERI Bullet: Blockers, Enablers and Security Implications of CHERI in Defence
There is growing interest in securing the hardware foundations software stacks build upon. However, before making any investment decision, software and hardware supply chain stakeholders require evidence from realistic, multiple long-term studies of adoption. We present results from a 12 month...
User Profiles: the Achilles' Heel of Web Browsers
Web browsers provide the security foundation for our online experiences. Significant research has been done into the security of browsers themselves, but relatively little investigation has been done into how they interact with the operating system or the file system. In this work, we provide the...
Semantic-Aware Contrastive Fine-Tuning: Boosting Multimodal Malware Classification with Discriminative Embeddings
The rapid evolution of malware variants requires robust classification methods to enhance cybersecurity. While Large Language Models LLMs offer potential for generating malware descriptions to aid family classification, their utility is limited by semantic embedding overlaps and misalignment with...
STCL: Curriculum Learning Strategies for Deep Learning Image Steganography Models
Whitepaper called STCL: Curriculum Learning Strategies For Deep Learning Image Steganography Models...
Quantum Autoencoder for Multivariate Time Series Anomaly Detection
Anomaly Detection AD defines the task of identifying observations or events that deviate from typical - or normal - patterns, a critical capability in IT security for recognizing incidents such as system misconfigurations, malware infections, or cyberattacks. In enterprise environments like SAP...
Cluster-Aware Attacks on Graph Watermarks
Data from domains such as social networks, healthcare, finance, and cybersecurity can be represented as graph-structured information. Given the sensitive nature of this data and their frequent distribution among collaborators, ensuring secure and attributable sharing is essential. Graph...
Bighuge BLS OSINT Tool 2.1.0 Local Privilege Escalation
Bighuge BLS OSINT Tool BBOT version 2.1.0 is susceptible to a local privilege escalation issue when a malicious module is used. Proof of concept module included...
AI-Based Vulnerability Analysis of NFT Smart Contracts
With the rapid growth of the NFT market, the security of smart contracts has become crucial. However, existing AI-based detection models for NFT contract vulnerabilities remain limited due to their complexity, while traditional manual methods are time-consuming and costly. This study proposes an...
Near-Term Pseudorandom and Pseudoresource Quantum States
Whitepaper called Near-Term Pseudorandom And Pseudoresource Quantum States...
Avoiding Leakage Poisoning: Concept Interventions under Distribution Shifts
In this paper, we investigate how concept-based models CMs respond to out-of-distribution OOD inputs. CMs are interpretable neural architectures that first predict a set of high-level concepts e.g., stripes, black and then predict a task label from those concepts. In particular, we study the impa...
Silenzio: Secure Non-Interactive Outsourced MLP Training
Outsourcing the ML training to cloud providers presents a compelling opportunity for resource constrained clients, while it simultaneously bears inherent privacy risks, especially for highly sensitive training data. We introduce Silenzio, the first fully non-interactive outsourcing scheme for the...
Evaluating the Vulnerability of ML-Based Ethereum Phishing Detectors to Single-Feature Adversarial Perturbations
This paper explores the vulnerability of machine learning models to simple single-feature adversarial attacks in the context of Ethereum fraudulent transaction detection. Through comprehensive experimentation, we investigate the impact of various adversarial attack strategies on model performance...
Secured Encryption Scheme Based on the Ree Groups
An improved design of a cryptosystem based on small Ree groups is proposed. We have changed the encryption algorithm and propose to use a logarithmic signature for the entire Ree group. This approach improves security against sequential key recovery attacks. Hence, the complexity of the key...
A Comment on "E-PoS: Making PoS Decentralized and Fair"
Proof-of-Stake PoS is a prominent Sybil control mechanism for blockchain-based systems. In "e-PoS: Making PoS Decentralized and Fair," Saad et al. TPDS'21 introduced a new Proof-of-Stake protocol, e-PoS, to enhance PoS applications' decentralization and fairness. In this comment paper, we address...
Apple Security Advisory 04-16-2025-1
Apple Security Advisory 04-16-2025-1 - iOS 18.4.1 and iPadOS 18.4.1 addresses bypass and code execution vulnerabilities...
Gladinet CentreStack 16.1.10296.56315 Remote Code Execution
Proof of concept exploit for Gladinet CentreStack versions up to 16.1.10296.56315. This software has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This issue is fixed in version 16.4.10315.56368...
Fishing for Phishers: Learning-Based Phishing Detection in Ethereum Transactions
Phishing detection on Ethereum has increasingly leveraged advanced machine learning techniques to identify fraudulent transactions. However, limited attention has been given to understanding the effectiveness of feature selection strategies and the role of graph-based models in enhancing detectio...
WordPress Verification SMS with TargetSMS 1.5 Remote Code Execution
WordPress Verification SMS with TargetSMS plugin versions 1.5 and below suffer from a logic flaw that allow for remote code execution...
Crypto-NcRNA: Non-Coding RNA (NcRNA) Based Encryption Algorithm
In the looming post-quantum era, traditional cryptographic systems are increasingly vulnerable to quantum computing attacks that can compromise their mathematical foundations. To address this critical challenge, we propose crypto-ncRNA-a bio-convergent cryptographic framework that leverages the...
"Shifting Access Control Left" Using Asset and Goal Models
Access control needs have broad design implications, but access control specifications may be elicited before, during, or after these needs are captured. Because access control knowledge is distributed, we need to make knowledge asymmetries more transparent, and use expertise already available to...
Apple Security Advisory 04-16-2025-4
Apple Security Advisory 04-16-2025-4 - visionOS 2.4.1 addresses bypass and code execution vulnerabilities...
Contrastive Learning for Continuous Touch-Based Authentication
Smart mobile devices have become indispensable in modern daily life, where sensitive information is frequently processed, stored, and transmitted-posing critical demands for robust security controls. Given that touchscreens are the primary medium for human-device interaction, continuous user...
Optimized Approaches to Malware Detection: a Study of Machine Learning and Deep Learning Techniques
Digital systems find it challenging to keep up with cybersecurity threats. The daily emergence of more than 560,000 new malware strains poses significant hazards to the digital ecosystem. The traditional malware detection methods fail to operate properly and yield high false positive rates with l...
From Randomized Response to Randomized Index: Answering Subset Counting Queries with Local Differential Privacy
Local Differential Privacy LDP is the predominant privacy model for safeguarding individual data privacy. Existing perturbation mechanisms typically require perturbing the original values to ensure acceptable privacy, which inevitably results in value distortion and utility deterioration. In this...
Apple Security Advisory 04-16-2025-3
Apple Security Advisory 04-16-2025-3 - tvOS 18.4.1 addresses bypass and code execution vulnerabilities...
Apple Security Advisory 04-16-2025-2
Apple Security Advisory 04-16-2025-2 - macOS Sequoia 15.4.1 addresses bypass and code execution vulnerabilities...
Commvault Command Center Innovation Release 11.38 Remote Code Execution
Commvault Command Center Innovation Release version 11.38 proof of concept pre-authentication remote code execution exploit...