6858 matches found
Trustworthy Decentralized Autonomous Machines: a New Paradigm in Automation Economy
Decentralized Autonomous Machines DAMs represent a transformative paradigm in automation economy, integrating artificial intelligence AI, blockchain technology, and Internet of Things IoT devices to create self-governing economic agents participating in Decentralized Physical Infrastructure...
EFFACT: a Highly Efficient Full-Stack FHE Acceleration Platform
Fully Homomorphic Encryption FHE is a set of powerful cryptographic schemes that allows computation to be performed directly on encrypted data with an unlimited depth. Despite FHE's promising in privacy-preserving computing, yet in most FHE schemes, ciphertext generally blows up thousands of time...
TrojanDam: Detection-Free Backdoor Defense in Federated Learning through Proactive Model Robustification Utilizing OOD Data
Federated learning FL systems allow decentralized data-owning clients to jointly train a global model through uploading their locally trained updates to a centralized server. The property of decentralization enables adversaries to craft carefully designed backdoor updates to make the global model...
How Private Is Your Attention? Bridging Privacy with In-Context Learning
In-context learning ICL-the ability of transformer-based models to perform new tasks from examples provided at inference time-has emerged as a hallmark of modern language models. While recent works have investigated the mechanisms underlying ICL, its feasibility under formal privacy constraints...
Decentralised Collaborative Action: Cryptoeconomics in Space
Blockchains and peer-to-peer systems are part of a trend towards computer systems that are "radically decentralised", by which we mean that they 1 run across many participants, 2 without central control, and 3 are such that qualities 1 and 2 are essential to the system's intended use cases. We...
Structural Properties of Non-Linear Cellular Automata: Permutivity, Surjectivity and Reversibility
This paper explores the algebraic conditions under which a cellular automaton with a non-linear local rule exhibits surjectivity and reversibility. We also analyze the role of permutivity as a key factor influencing these properties and provide conditions that determine whether a non-linear CA is...
Adversarial Observations in Weather Forecasting
AI-based systems, such as Google's GenCast, have recently redefined the state of the art in weather forecasting, offering more accurate and timely predictions of both everyday weather and extreme events. While these systems are on the verge of replacing traditional meteorological methods, they al...
Intelligent Detection of Non-Essential IoT Traffic on the Home Gateway
The rapid expansion of Internet of Things IoT devices, particularly in smart home environments, has introduced considerable security and privacy concerns due to their persistent connectivity and interaction with cloud services. Despite advancements in IoT security, effective privacy measures rema...
Charting the Uncharted: the Landscape of Monero Peer-To-Peer Network
The Monero blockchain enables anonymous transactions through advanced cryptography in its peer-to-peer network, which underpins decentralization, security, and trustless interactions. However, privacy measures obscure peer connections, complicating network analysis. This study proposes a method t...
Property-Preserving Hashing for $\Ell_1$-Distance Predicates: Applications to Countering Adversarial Input Attacks
Perceptual hashing is used to detect whether an input image is similar to a reference image with a variety of security applications. Recently, they have been shown to succumb to adversarial input attacks which make small imperceptible changes to the input image yet the hashing algorithm does not...
Defending against Intelligent Attackers at Large Scales
We investigate the scale of attack and defense mathematically in the context of AI's possible effect on cybersecurity. For a given target today, highly scaled cyber attacks such as from worms or botnets typically all fail or all succeed. Here, we consider the effect of scale if those attack agent...
Blockchain Meets Adaptive Honeypots: a Trust-Aware Approach to Next-Gen IoT Security
Edge computing-based Next-Generation Wireless Networks NGWN-IoT offer enhanced bandwidth capacity for large-scale service provisioning but remain vulnerable to evolving cyber threats. Existing intrusion detection and prevention methods provide limited security as adversaries continually adapt the...
On the Consistency of GNN Explanations for Malware Detection
Control Flow Graphs CFGs are critical for analyzing program execution and characterizing malware behavior. With the growing adoption of Graph Neural Networks GNNs, CFG-based representations have proven highly effective for malware detection. This study proposes a novel framework that dynamically...
RRC Signaling Storm Detection in O-RAN
The Open Radio Access Network O-RAN marks a significant shift in the mobile network industry. By transforming a traditionally vertically integrated architecture into an open, data-driven one, O-RAN promises to enhance operational flexibility and drive innovation. In this paper, we harness O-RAN's...
ReGraph: a Tool for Binary Similarity Identification
Binary Code Similarity Detection BCSD is not only essential for security tasks such as vulnerability identification but also for code copying detection, yet it remains challenging due to binary stripping and diverse compilation environments. Existing methods tend to adopt increasingly complex...
A Time Series Analysis of Malware Uploads to Programming Language Ecosystems
Software ecosystems built around programming languages have greatly facilitated software development. At the same time, their security has increasingly been acknowledged as a problem. To this end, the paper examines the previously overlooked longitudinal aspects of software ecosystem security,...
Quantifying Source Speaker Leakage in One-To-One Voice Conversion
Using a multi-accented corpus of parallel utterances for use with commercial speech devices, we present a case study to show that it is possible to quantify a degree of confidence about a source speaker's identity in the case of one-to-one voice conversion. Following voice conversion using a...
Residual-Evasive Attacks on ADMM in Distributed Optimization
This paper presents two attack strategies designed to evade detection in ADMM-based systems by preventing significant changes to the residual during the attacked iteration. While many detection algorithms focus on identifying false data injection through residual changes, we show that our attacks...
Backdoor Defense in Diffusion Models Via Spatial Attention Unlearning
Text-to-image diffusion models are increasingly vulnerable to backdoor attacks, where malicious modifications to the training data cause the model to generate unintended outputs when specific triggers are present. While classification models have seen extensive development of defense mechanisms,...
Anamorphic Cryptography with Elliptic Curve Methods
In 2022, Persianom, Phan and Yung outlined the creation of Anamorphic Cryptography. With this, we can create a public key to encrypt data, and then have two secret keys. These secret keys are used to decrypt the cipher into different messages. So, one secret key is given to the Dictator who must ...
The Hardness of Learning Quantum Circuits and Its Cryptographic Applications
We show that concrete hardness assumptions about learning or cloning the output state of a random quantum circuit can be used as the foundation for secure quantum cryptography. In particular, under these assumptions we construct secure one-way state generators OWSGs, digital signature schemes,...
MST3 Encryption Improvement with Three-Parameter Group of Hermitian Function Field
This scholarly work presents an advanced cryptographic framework utilizing automorphism groups as the foundational structure for encryption scheme implementation. The proposed methodology employs a three-parameter group construction, distinguished by its application of logarithmic signatures...
A Refreshment Stirred, Not Shaken (III): Can Swapping Be Differentially Private?
The quest for a precise and contextually grounded answer to the question in the present paper's title resulted in this stirred-not-shaken triptych, a phrase that reflects our desire to deepen the theoretical basis, broaden the practical applicability, and reduce the misperception of differential...
Zero Day Malware Detection with Alpha: Fast DBI with Transformer Models for Real World Application
The effectiveness of an AI model in accurately classifying novel malware hinges on the quality of the features it is trained on, which in turn depends on the effectiveness of the analysis tool used. Peekaboo, a Dynamic Binary Instrumentation DBI tool, defeats malware evasion techniques to capture...
Feature Selection Via GANs (GANFS): Enhancing Machine Learning Models for DDoS Mitigation
Distributed Denial of Service DDoS attacks represent a persistent and evolving threat to modern networked systems, capable of causing large-scale service disruptions. The complexity of such attacks, often hidden within high-dimensional and redundant network traffic data, necessitates robust and...
DualBreach: Efficient Dual-Jailbreaking Via Target-Driven Initialization and Multi-Target Optimization
Recent research has focused on exploring the vulnerabilities of Large Language Models LLMs, aiming to elicit harmful and/or sensitive content from LLMs. However, due to the insufficient research on dual-jailbreaking -- attacks targeting both LLMs and Guardrails, the effectiveness of existing...
A Review on Privacy in DAG-Based DLTs
Directed Acyclic Graph DAG-based Distributed Ledger Technologies DLTs have emerged as a promising solution to the scalability issues inherent in traditional blockchains. However, amidst the focus on scalability, the crucial aspect of privacy within DAG-based DLTs has been largely overlooked. This...
Quantum Pseudoresources Imply Cryptography
While one-way functions OWFs serve as the minimal assumption for computational cryptography in the classical setting, in quantum cryptography, we have even weaker cryptographic assumptions such as pseudo-random states, and EFI pairs, among others. Moreover, the minimal assumption for computationa...
AESHA3: Efficient and Secure Sub-Key Generation for AES Using SHA-3
Advanced Encryption Standard AES is one of the most widely used symmetric cipher for the confidentiality of data. Also it is used for other security services, viz. integrity, authentication and key establishment. However, recently, authors have shown some weakness in the generation of sub-keys in...
Guillotine: Hypervisors for Isolating Malicious AIs
As AI models become more embedded in critical sectors like finance, healthcare, and the military, their inscrutable behavior poses ever-greater risks to society. To mitigate this risk, we propose Guillotine, a hypervisor architecture for sandboxing powerful AI models -- models that, by accident o...
Mining Characteristics of Vulnerable Smart Contracts across Lifecycle Stages
Smart contracts are the cornerstone of decentralized applications and financial protocols, which extend the application of digital currency transactions. The applications and financial protocols introduce significant security challenges, resulting in substantial economic losses. Existing solution...
Gr33n Radar Backdoor 0.1
Gr33n Radar Backdoor is a PHP web shell backdoor that has some innovative features not normally found in web shells...
Mobius Forensic Toolkit 2.14
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools...
A Security Framework for General Blockchain Layer 2 Protocols
Layer 2 L2 solutions are the cornerstone of blockchain scalability, enabling high-throughput and low-cost interactions by shifting execution off-chain while maintaining security through interactions with the underlying ledger. Despite their common goals, the principal L2 paradigms -- payment...
C2RUST-BENCH: a Minimized, Representative Dataset for C-To-Rust Transpilation Evaluation
Despite the effort in vulnerability detection over the last two decades, memory safety vulnerabilities continue to be a critical problem. Recent reports suggest that the key solution is to migrate to memory-safe languages. To this end, C-to-Rust transpilation becomes popular to resolve...
GIFDL: Generated Image Fluctuation Distortion Learning for Enhancing Steganographic Security
Minimum distortion steganography is currently the mainstream method for modification-based steganography. A key issue in this method is how to define steganographic distortion. With the rapid development of deep learning technology, the definition of distortion has evolved from manual design to...
Dual Utilization of Perturbation for Stream Data Publication under Local Differential Privacy
Stream data from real-time distributed systems such as IoT, tele-health, and crowdsourcing has become an important data source. However, the collection and analysis of user-generated stream data raise privacy concerns due to the potential exposure of sensitive information. To address these...
Valkyrie: a Response Framework to Augment Runtime Detection of Time-Progressive Attacks
A popular approach to detect cyberattacks is to monitor systems in real-time to identify malicious activities as they occur. While these solutions aim to detect threats early, minimizing damage, they suffer from a significant challenge due to the presence of false positives. False positives have ...
GRAudit Grep Auditing Tool 3.8
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very...
Scalable APT Malware Classification Via Parallel Feature Extraction and GPU-Accelerated Learning
This paper presents an underlying framework for both automating and accelerating malware classification, more specifically, mapping malicious executables to known Advanced Persistent Threat APT groups. The main feature of this analysis is the assembly-level instructions present in executables whi...
A Comprehensive Survey of Cybercrimes in India over the Last Decade
Since the 1990s, the integration of technology into daily life has led to the creation of an extensive network of interconnected devices, transforming how individuals and organizations operate. However, this digital transformation has also spurred the rise of cybercrime, criminal activities...
WordPress I Draw 1.0 Shell Upload
WordPress I Draw plugin version 1.0 suffers from a remote shell upload vulnerability...
Extending the ElGamal Cryptosystem to the Third Group of Units of $\Z_{N}$
In this paper, we extend the ElGamal cryptosystem to the third group of units of the ring $\Zn$, which we prove to be more secure than the previous extensions. We describe the arithmetic needed in the new setting. We also provide some numerical simulations that shows the security and efficiency o...
SOLIDO: a Robust Watermarking Method for Speech Synthesis Via Low-Rank Adaptation
Whitepaper called SOLIDO: A Robust Watermarking Method For Speech Synthesis Via Low-Rank Adaptation...
FLARE: Feature-Based Lightweight Aggregation for Robust Evaluation of IoT Intrusion Detection
The proliferation of Internet of Things IoT devices has expanded the attack surface, necessitating efficient intrusion detection systems IDSs for network protection. This paper presents FLARE, a feature-based lightweight aggregation for robust evaluation of IoT intrusion detection to address the...
Large Language Model Empowered Privacy-Protected Framework for PHI Annotation in Clinical Notes
The de-identification of private information in medical data is a crucial process to mitigate the risk of confidentiality breaches, particularly when patient personal details are not adequately removed before the release of medical records. Although rule-based and learning-based methods have been...
DecETT: Accurate App Fingerprinting under Encrypted Tunnels Via Dual Decouple-Based Semantic Enhancement
Whitepaper called DecETT: Accurate App Fingerprinting Under Encrypted Tunnels Via Dual Decouple-Based Semantic Enhancement...
Towards Model Resistant to Transferable Adversarial Examples Via Trigger Activation
Whitepaper called Towards Model Resistant To Transferable Adversarial Examples Via Trigger Activation...
What Lurks Within? Concept Auditing for Shared Diffusion Models at Scale
Diffusion models DMs have revolutionized text-to-image generation, enabling the creation of highly realistic and customized images from text prompts. With the rise of parameter-efficient fine-tuning PEFT techniques like LoRA, users can now customize powerful pre-trained models using minimal...
Decoupling Identity from Access: Credential Broker Patterns for Secure CI/CD
Credential brokers offer a way to separate identity from access in CI/CD systems. This paper shows how verifiable identities issued at runtime, such as those from SPIFFE, can be used with brokers to enable short-lived, policy-driven credentials for pipelines and workloads. We walk through practic...