6803 matches found
Large Language Models As Explainable Cyberattack Detectors for Energy Industrial Control Systems
In modern energy systems, industrial control systems ICS and power-system SCADA require intrusion detection that is not only accurate but also auditable by operators. The ICS intrusion-detection landscape is currently dominated by established supervised detectors. In this paper, we study whether ...
Towards Agentic Investigation of Security Alerts
Security analysts are overwhelmed by the volume of alerts and the low context provided by many detection systems. Early-stage investigations typically require manual correlation across multiple log sources, a task that is usually time-consuming. In this paper, we present an experimental, agentic...
Logic-to-Code Execution via Indirect Prompt Injection
This document explores a critical architectural vulnerability in Large Language Model LLM implementations, specifically within Command Line Interface CLI tools and automated agentic workflows. The research demonstrates how the absence of separation between the control plane instructions and the...
Windows Persistence via UserInitMprLogonScript Registry Key
This Python script demonstrates a Windows persistence technique based on modifying the HKCU\Environment\UserInitMprLogonScript registry value, which allows execution of a program each time the user logs in...
MARD: A Multi-Agent Framework for Robust Android Malware Detection
With the rapid evolution of Android applications, traditional machine learning-based detection models suffer from concept drift. Additionally, they are constrained by shallow features, lacking deep semantic understanding and interpretability of decisions. Although Large Language Models LLMs...
Medoid Prototype Alignment for Cross-Plant Unknown Attack Detection in Industrial Control Systems
Deploying an intrusion detector trained in one industrial plant to another remains difficult because Industrial Control System ICS traffic is highly site-dependent, labels are scarce, and unseen attacks often appear after deployment. To address this challenge, this paper introduces a medoid...
An Empirical Security Evaluation of LLM-Generated Cryptographic Rust Code
Developers and organizations are using Large Language Models LLMs to generate security-critical code more frequently than ever, including cryptographic solutions for their products. This study presents an empirical evaluation of cryptographic security in 240 Rust code samples for two crypto...
Threat-Oriented Digital Twinning for Security Evaluation of Autonomous Platforms
Open, unclassified research on secure autonomy is constrained by limited access to operational platforms, contested communications infrastructure, and representative adversarial test conditions. This paper presents a threat-oriented digital twinning methodology for cybersecurity evaluation of...
OpenSOC-AI: Democratizing Security Operations with Parameter Efficient LLM Log Analysis
Small and medium sized businesses SMBs face an escalating cybersecurity threat landscape, yet most lack the resources to staff full Security Operations Centers SOCs or deploy enterprise grade detection platforms. This paper presents OpenSOC-AI, a lightweight log analysis framework that uses...
GoAT-X: A Graph of Auditing Thoughts for Securing Token Transactions in Cross-Chain Contracts
Cross-chain bridges, the critical infrastructure of the multi-chain ecosystem, have become a primary target for attackers, resulting in over $2.8 billion in losses due to subtle implementation flaws. Existing defenses, such as bytecode-level static analysis, are ill-equipped to handle the semanti...
Vulnerability Identification by Harnessing Inter-Connected Multi-Source Information
The utilization of third-party open-source libraries is widespread in modern software development. Due to the dependency relationships, vulnerabilities within open-source libraries pose significant security threats to downstream software. However, the library vulnerabilities are usually implicitl...
Jailbreaking Frontier Foundation Models through Intention Deception
Large vision-language models exhibit remarkable capability but remain highly susceptible to jailbreaking. Existing safety training approaches aim to have the model learn a refusal boundary between safe and unsafe, based on the user's intent. It has been found that this binary training regime ofte...
Evaluating Cryptographic API Misuse Detectors for Go
Cryptographic API misuse represents a critical vulnerability class that undermines the security foundations of modern software. Yet, it remains largely unexplored in Go despite its dominance in security-critical infrastructure. This paper presents the first comprehensive study of cryptographic AP...
AgentVisor: Defending LLM Agents against Prompt Injection Via Semantic Virtualization
Large Language Model LLM agents are increasingly used to automate complex workflows, but integrating untrusted external data with privileged execution exposes them to severe security risks, particularly direct and indirect prompt injection. Existing defenses face significant challenges in balanci...
Structured Security Auditing and Robustness Enhancement for Untrusted Agent Skills
Agent Skills package SKILL.md files, scripts, reference documents, and repository context into reusable capability units, turning pre-load auditing from single-prompt filtering into cross-file security review. Existing guardrails often flag risk but recover malicious intent inconsistently under...
System-Aware Contextual Digital Twin for ICS Anomaly Diagnosis
Industrial Control Systems ICS integrate computing, physical processes, and communication to operate critical infrastructures such as power grids, water treatment plants, and oil and gas facilities. As ICS become increasingly targeted by cyberattacks, timely and reliable anomaly diagnosis is...
Dynamic Cyber Ranges
As LLM-driven agents advance in cybersecurity, Jeopardy CTF benchmarks are approaching saturation and cyber ranges, the natural next evaluation frontier, offer diminishing resistance under their current static design. We validate this observation by deploying an LLM-driven Advanced Persistent...
Converging Zero Trust and IoT Security: A Multivocal Literature Review
The convergence of Internet of Things IoT security and Zero Trust ZT principles is a trending topic, demanding a comprehensive, multi-perspective analysis. We present the first multivocal literature review MLR on this topic, combining 68 academic and 36 industrial studies. This comprehensive revi...
Poster: ClawdGo: Endogenous Security Awareness Training for Autonomous AI Agents
Autonomous AI agents deployed on platforms such as OpenClaw face prompt injection, memory poisoning, supply-chain attacks, and social engineering, yet existing defences address only the platform perimeter, leaving the agent's own threat judgement entirely untrained. We present ClawdGo, a framewor...
A Systematic Literature Review for Transformer-Based Software Vulnerability Detection
Context: Software vulnerabilities pose significant security threats to software systems, especially as software is increasingly used across many areas of daily life, including health, government, and finance. Recently, transformer-based models have demonstrated promising results in automatic...
Machine-Checked Cardinality Bounds for Masked Barrett Reduction: A 1-Bit Side-Channel Leakage Barrier in Post-Quantum Cryptographic Hardware
Barrett reduction is the nonlinear core of every practical NTT-based post-quantum cryptography implementation. Existing composition frameworks ISW, t-SNI, PINI, DOM address Boolean masking over GF2; none provides a machine-checked characterization of Barrett's leakage under first-order arithmetic...
Detecting Avalanche Effect in Adversarial Settings: Spotting the Encryption Loops in Ransomware
Spotting encryption loops in binary-only ransomware is a critical reverse engineering task. Since the existence of avalanche effect, an intrinsic characteristic of any secure encryption algorithms, is unavoidable during a victim data encryption attack, it is a very promising direction to spot...
A Comparative Evaluation of AI Agent Security Guardrails
This report presents a comparative evaluation of DKnownAI Guard in AI agent security scenarios, benchmarked against three competing products: AWS Bedrock Guardrails, Azure Content Safety, and Lakera Guard. Using human annotation as the ground truth, we assess each guardrail's ability to detect tw...
V8 BigInt SharedArrayBuffer Concurrency Synchronization
This JavaScript code is a concurrency demonstration using SharedArrayBuffer, Web Workers, and Atomics to coordinate execution between the main thread and a worker thread...
RowHammer Vulnerability Counter (RVC): Redefining RowHammer Detection with Victim-Centric Tracking
The Rowhammer vulnerability poses an increasing challenge with newer generations of DRAM and aggressive technology scaling. Existing mitigation techniques, such as Graphene, Twice, and Hydra, primarily rely on tracking activation counts for each row and issuing refreshes when a row reaches a...
MAS-SZZ: Multi-Agentic SZZ Algorithm for Vulnerability-Inducing Commit Identification
Accurate vulnerability-inducing commit identification serves as a foundation for a series of software security tasks, such as vulnerability detection and affected version analysis. A straightforward solution is the SZZ algorithm, which traces back through the code history to identify the earliest...
From Spoofing to Trust: Emergency Alerts Spoofing Testbed and Cross-Cell Verification
Public warning systems PWS in cellular networks enable authorities to broadcast emergency alerts to all mobile phones in a geographic region in the event of threats such as earthquakes or severe weather. If an attacker can imitate these alerts and transmit a forged warning containing fake news or...
SNF - Shadow Network Fingerprinting Engine
SNF Shadow Network Fingerprinting Engine is a 100% offline, air-gap-native passive network intelligence engine written entirely in Rust. It was designed from the ground up for environments where outbound connectivity is not just unavailable but prohibited: classified defense networks, nuclear...
Symbolic Execution Meets Multi-LLM Orchestration: Detecting Memory Vulnerabilities in Incomplete Rust CVE Snippets
This paper presents a system combining symbolic execution KLEE with a 4-agent multi-LLM architecture for detecting memory vulnerabilities in Rust unsafe code. A central challenge we address is the incomplete-code problem: CVE database entries provide only isolated code snippets that lack struct...
DETOUR: A Practical Backdoor Attack against Object Detection
Object detection OD is critical to real-world vision systems, yet existing backdoor attacks on detection transformers DETRs for OD tasks rely on patch-wise triggers optimized at fixed locations with minimal perturbations. Such attacks overlook that backdoor triggers in the real world may appear a...
Network Impact of Post-Quantum Certificate Chain Sizes on Time to First Byte in TLS Deployments
Post-Quantum Cryptography PQC is a rapidly growing deployment challenge as cryptographically relevant quantum computers CRQC continue to advance, leaving traditional cryptographic algorithms used in X.509 vulnerable to attack. However, PQC introduces significant deployment challenges in real-worl...
Joern 4.0.528
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
python-ecdsa DER Parser Security Test Suite
This Python script is a security test and validation suite for the python-ecdsa library, focused on detecting potential DER Distinguished Encoding Rules parsing anomalies that may relate to CVE-2026-33936...
Selenium Grid 4.11.0 Selenoid Backend Detection and Safe Session Validation Inspector
The provided Python script is a non-exploit reconnaissance and validation tool designed to identify Selenium Grid or Selenoid deployments exposed via HTTP APIs...
Safeguarding Skies: Airport Cybersecurity in the Digital Age
The aviation industry faces significant vulnerabilities from both physical and cybersecurity threats, highlighting the urgent need for enhanced cybersecurity measures amid increasingly sophisticated attacks. This paper systematically reviews emerging threats at airports, analyzing real-world...
Evaluation of Prompt Injection Defenses in Large Language Models
LLM-powered applications routinely embed secrets in system prompts, yet models can be tricked into revealing them. We built an adaptive attacker that evolves its strategies over hundreds of rounds and tested it against nine defense configurations across more than 20,000 attacks. Every defense tha...
SMSI: System Model Security Inference: Automated Threat Modeling for Cyber-Physical Systems
Threat modeling for cyber-physical systems CPS remains a largely manual exercise. This project presents SMSI System Model Security Inference, a hybrid neuro-symbolic pipeline that starts from a SysML architecture model and produces a prioritized list of NIST 800-53 security controls. The prototyp...
Constraint-Guided Multi-Agent Decompilation for Executable Binary Recovery
Decompilation -- recovering source code from compiled binaries -- is essential for security analysis, malware reverse engineering, and legacy software maintenance. However, existing decompilers produce code that often fails to compile or execute correctly, limiting their practical utility. We...
Analysis of Personal Data Exposure in Thailand
In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, have become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online...
SeqShield: A Behavioral Analysis Approach to Uncover Rootkits
Rootkits are among the most elusive types of malware, capable of bypassing traditional static analysis methods due to their metamorphic behavior. Signature-based detection techniques struggle against these threats, necessitating a shift toward dynamic analysis approaches. We propose SeqShield, a...
The Vehicle May Be Sick: Denial of Diagnostic Services by Exploiting the CAN Transport Protocol
Vehicle diagnostics has become essential for detecting in-vehicle errors and ensuring safety. While the Unified Diagnostic Services UDS protocol is widely adopted for diagnostic operations, it relies on the ISO 15765-2 standard as the transport protocol over the Controller Area Network CAN, which...
AsmRAG: LLM-Driven Malware Detection by Retrieving Functionally Similar Assembly Code
Deep learning malware detectors achieve high classification accuracy but suffer from severe interpretability limitations, typically returning probabilistic verdicts that lack forensic context. We introduce AsmRAG, a framework performing malware analysis through Assembly-Level Retrieval-Augmented...
Scalable and Verifiable Federated Learning for Cross-Institution Financial Fraud Detection
The global financial ecosystem confronts a critical asymmetry: while fraud syndicates operate as borderless, distributed networks, banking institutions remain constrained by regulatory data silos, limiting visibility into cross-institutional threat patterns under strict privacy laws such as GDPR...
Operationalising Information Security Management: A Procedural Framework Analysis of ISO/IEC 27001:2022 Implementation in a Financial-Technology Organisation
Organisations operating within information-intensive environments face intensifying pressure to formalise the governance of information security. The ISO/IEC 27001:2022 standard provides a globally recognised framework for establishing, implementing, maintaining, and continually improving an...
Evaluating Jailbreaking Vulnerabilities in LLMs Deployed As Assistants for Smart Grid Operations: A Benchmark against NERC Standards
The deployment of Large Language Models LLMs as assistants in electric grid operations promises to streamline compliance and decision-making but exposes new vulnerabilities to prompt-based adversarial attacks. This paper evaluates the risk of jailbreaking LLMs, i.e., circumventing safety alignmen...
Architecture Matters for Multi-Agent Security
Multi-agent systems MAS, composed of networks of two or more autonomous AI agents, have become increasingly popular in production deployments, yet introduce security risks that do not arise in single-agent settings. Even if individual agents exhibit robust security, architectural decisions...
From Stateless Queries to Autonomous Actions: A Layered Security Framework for Agentic AI Systems
Agentic AI systems face security challenges that stateless large language models do not. They plan across extended horizons, maintain persistent memory, invoke external tools, and coordinate with peer agents. Existing security analyses organize threats by attack type prompt injection, jailbreakin...
UNSEEN: A Cross-Stack LLM Unlearning Defense against AR-LLM Social Engineering Attacks
Emerging AR-LLM-based Social Engineering attack e.g., SEAR is at the edge of posing great threats to real-world social life. In such AR-LLM-SE attack, the attacker can leverage AR Augmented Reality glass to capture the image and vocal information of the target, using the LLM to identify the targe...
Ghost in the Agent: Redefining Information Flow Tracking for LLM Agents
Autonomous Large Language Model LLM agents are increasingly deployed to conduct complex tasks by interacting with external tools, APIs, and memory stores. However, processing untrusted external data exposes these agents to severe security threats, such as indirect prompt injection and unauthorize...
Semantic Denial of Service in LLM-Controlled Robots
Safety-oriented instruction-following is supposed to keep LLM-controlled robots safe. We show it also creates an availability attack surface. By injecting short safety-plausible phrases 1-5 tokens into a robots audio channel, an adversary can trigger the models safety reasoning to halt or disrupt...