6771 matches found
Hephaestus: Toward a Cybersecurity AI Scientist
Cyber offense is moving to machine speed; cyber research itself is not. Existing AI scientist systems make end-to-end research automation increasingly plausible, but they target relatively stable scientific domains. We argue that AI-native cybersecurity is a different kind of scientific object. I...
Wireless Backdoor Attack and Defense for Semantic Communications over Multiple Access Channel
Semantic communication SemCom aims to preserve semantic meaning and task-oriented information beyond conventional message recovery over wireless channels. The adoption of SemCom in shared-access wireless networks introduces new vulnerabilities for multi-user semantic inference. This paper conside...
Authentication in Quantum Networks
In this review, we survey the cryptographic task of authentication from the perspective of quantum communication. We review three main flavours of authentication that are often conflated in the literature: authentication of classical messages, authentication of quantum messages, and entity...
A Multi-Task Mixture of Experts Framework for Malware Classification, Packing Detection, and Family Attribution
Malware classification remains a challenging problem due to its inherent heterogeneity, the presence of packed binaries, and the diverse distribution of malware families. Traditional single-model detection mechanisms often fail to generalize across such diverse data, leading to degraded...
An AI-Based Solution for Secure Service Provisioning in IoT
As the Internet of Things IoT continues its rapid expansion, the attack surface grows accordingly, with emerging threats targeting smart objects and their interactions. In this evolving landscape, securing service provisioning is crucial to ensure the proper functioning, security, and reliability...
Maestro 0.17.2
Maestro is a cross-platform desktop app for orchestrating your fleet of AI agents and projects. It's a high-velocity solution for hackers who are juggling multiple projects in parallel. Designed for power users who live on the keyboard and rarely touch the mouse. Collaborate with AI to create...
Explainability-Aware Frustum Attack: Exposing Structural Vulnerabilities in LiDAR-Based 3D Object Detectors
The structural vulnerabilities of point cloud-based 3D object detectors remain poorly understood. Prior work has studied adversarial robustness primarily on isolated 3D object models, while recent LiDAR spoofing attacks target richer and more realistic driving scenes but focus mainly on physical...
Win32k Callback Detouring: Abusing Legitimate Kernel-to-User Callback Dispatch for Code Execution
This injection technique abuses the kernel-to-user callback dispatch path used by the Windows graphical subsystem win32k.sys to obtain code execution inside a remote process. By locating the KernelCallbackTablethrough the target process's Process Environment Block PEB, an operator can enumerate...
Security--Fidelity Tradeoffs: The Hidden Cost of Prompt Injection Defense
We identify a security-fidelity tradeoff in defending LLMs against indirect prompt injection: defenses resist injected instructions largely by suppressing untrusted text, which corrupts tasks that must preserve it, such as translation and document editing. Attack-success metrics cannot see this,...
Your Space Is My Zone: Demystifying the Security Risks of AI-Powered Applications on Pre-Trained Model Hubs
AI-powered Applications AI-Apps, hosted on platforms such as Hugging Face, are democratizing access to pre-trained models through online inference and fine-tuning services. While lowering AI adoption barriers, these platforms introduce an unexplored attack surface, as AI-Apps are often developed ...
Uncovering Similar but Different Packages in PyPI and Potential Security Threats
In this study, we present a large-scale, in-depth study of package replication in PyPI. As a vital platform, PyPI streamlines Python package distribution for developers. However, beyond small-scale code cloning, we observe that many replicated packages exist on PyPI, which duplicate most of the...
AI-Generated PowerShell Malware: An Experimental Framework and Dataset
Generative AI has emerged as a significant cybersecurity threat, with several recent attack campaigns leveraging LLMs to generate code for malicious purposes via scripting languages such as PowerShell. Consequently, for cybersecurity analysts, it is imperative to investigate the offensive...
Multi-Level Distributional Entropy for Explainable Network Intrusion Detection
Machine learning network intrusion detection systems IDS rely on aggregate flow statistics that discard distributional structure, while established entropy measures require raw packet sequences unavailable in pre-aggregated flow datasets. We propose Multi-Level Distributional Entropy MDE, an...
American Fuzzy Lop plus plus 5.02c
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...
A Hybrid Framework for Crypto-Ransomware Detection in Enterprise Shared Storage
Most corporate workplace environments enforce policies and technical controls that limit the storage of sensitive data on client endpoints. Consequently, ransomware operators have evolved variants that expand their attack surface from local systems to network drives and shared storage resources. ...
RedAmon 5.1.0
An autonomous AI framework that chains reconnaissance, exploitation, and post-exploitation into a single pipeline, then goes further by triaging every finding, implementing code fixes, and opening pull requests on your repository. From first packet to merged patch, with human oversight at every...
GLPI Plugin Surface Mapper
This is a source-derived GLPI plugin surface mapper for building canonical plugin path wordlists and probing reachable code paths under /plugins/ and /marketplace/...
Joern 4.0.568
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Continuous-Variable Source-Independent Quantum Random Number Generation with General POVMs
Continuous-variable source-independent quantum random number generators offer the highest generation rates among semi-device-independent protocols. In reality, the protocol design is limited due to permissible measurement configurations. In this work, we propose a rigorous security proof framewor...
MESA: Prioritizing Vulnerable Communication Channels for Securing Multi-Agent Systems
Multi-agent systems MAS are increasingly used to automate complex, distributed workflows. However, their inter-agent communication channels introduce new attack surfaces that remain poorly understood and are difficult to defend against. In this paper, we address how defenders should prioritize...
CAN We Trust Your Results? A Cross-Dataset Study of Automotive IDS Evaluation
The increasing connectivity of modern vehicles has made securing in-vehicle communication networks a critical challenge. Intrusion Detection Systems IDS have been widely studied as a defense mechanism for detecting malicious activities on the Controller Area Network CAN bus. However, the evaluati...
Words Speak Louder Than Code: Investigating Cognitive Heuristics in LLM-Based Code Vulnerability Detection
Researchers and practitioners increasingly apply Large Language Models LLMs for automated vulnerability detection. Recent work has shown that LLMs are susceptible to the same cognitive heuristics that bias human judgment. Yet, no work has investigated whether these heuristics affect a model's...
IronCurtain 0.12.0
IronCurtain is an early-stage research project exploring how to make AI agents safe enough to be genuinely useful. It is a runtime for autonomous AI agents, where security policy is derived from a human-readable constitution. APIs, configuration formats, and architecture may change...
TOR Virtual Network Tunneling Tool 0.4.9.11
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...
Understanding and Evaluating Claw-Like Agent Security through a Computer-Systems Lens
Claw-like AI agents e.g., OpenClaw are always-on processes with persistent access to credentials, files, tools, and external services. They take on system-level responsibilities -- installing packages, maintaining state, scheduling subtasks, and mediating I/O -- making security failures far more...
Forensic Trajectory Signatures for Agent Memory Poisoning Detection
We discover a behavioral invariant in LLM agents under persistent memory poisoning: in architectures where routing information is retrieved through observable memory-tool invocations, successful attacks require calling memoryrecallfact before emailsendemail, a transition that non-exfiltrating...
Beyond Wireless Security: Covert Communications in Large Language Model-Enabled Edge Networks
Large language model LLM-enabled edge networks LLMENs offer mobile users high-quality and low-latency AI-generated content services in the 6G era. However, unlike typical edge networks, LLMENs present unique security challenges due to the inherent complexity of LLMs, their high computational...
Flounder 0.1.1
Flounder turns modern coding agents into an end-to-end security audit system. Give it an authorized target boundary - a repository, source tree, package, deployed clue, or prior run - and the agent can prepare the workspace, read the code and supporting material, map the attack surface, dig into...
Benchmark AUC Is Not Deployable Reliability: A Cross-Dataset Audit of Off-The-Shelf Features for Surveillance Video Anomaly Detection
Automated "suspicious behavior" flagging is a headline promise of AI surveillance, and the field reports high frame-level ROC-AUC on standard video anomaly detection benchmarks. Those numbers are measured by training and testing on the same camera and scene. We audit what happens when that...
Empirical Evaluation of Multi-Modal Touch Detection in Over-The-Shoulder Video Surveillance
Video Intelligence Surveillance VIDINT on over-the-shoulder footage is a proposed vector for monitoring human-computer interaction patterns without direct screen recording access. In this paper, we evaluate a Behavioral Intelligence BEHINT touch-detection framework designed to reconstruct keystro...
An Empirical Evaluation of Prompt Injection Vulnerabilities in Large Language Models across Multilingual and Obfuscated Attack Scenarios
Large Language Models LLMs have rapidly evolved, transforming industries by automating complex tasks and generating human-like content. However, as their adoption accelerates, prompt injection vulnerabilities have become increasingly apparent. Malicious actors exploit these weaknesses to generate...
Toward Comprehensive Risk Assessments and Assurance of AI-Based Systems
Novel safety, socio-economic, and ethical harms arising from the deployment of AI-based systems have led to a breadth of work seeking to map, measure, and mitigate against newly found risks. These works have heavily leveraged techniques and terminology from the fields of System Safety Engineering...
Cybersecurity Is the True Frontier for Generative AI Success or Failure
Cybersecurity is a real-life test-bed for many machine learning problems at once, especially when considering modern strides in using Large Language Models LLMs to automate processes as "agents.'' Cybersecurity workflows require orchestrating hundreds of standard and bespoke tools through various...
A Usable and Secure Bengali CAPTCHA
Text-based CAPTCHAs Completely Automated Public Turing test to tell Computers and Humans Apart have traditionally been a simple, affordable, lightweight, yet very effective security mechanism to distinguish human users from automated bots on the web, serving as a preventive measure against many...
Understanding Binary Code Similarity for Real-World Vulnerability Detection: A Large-Scale Empirical Study
Firmware lies at the heart of IoT devices. Its development depends heavily on third-party libraries TPLs, which greatly accelerate the process but simultaneously introduce associated vulnerabilities. Binary Code Similarity Detection BCSD is an effective technique for identifying vulnerabilities i...
Towards Improved Anomaly Detection for Cloud Cybersecurity Via Graph Neural Networks
Detecting security threats in an organization's cloud computing environment has become necessary due to the increased reliance on cloud infrastructure. Logging of all cloud computing events enables investigation into any incidents after they are detected. Automated detection of threats using the...
Extending Detection Engineering to Digital Forensics: The Velociraptor Unified Detection-Forensics Methodology
Detection engineering and digital forensics have evolved in parallel rather than in partnership, leaving a gap between real-time alerting and forensic analysis. This paper develops a unified detection-forensics methodology using Velociraptor, where detection logic directly initiates targeted...
FlipGuard: Defending Large Language Models against Quantization-Conditioned Backdoor Attacks
Model quantization is essential for the efficient deployment of Large Language Models LLMs, but introduces a critical vulnerability: Quantization-Conditioned Backdoor QCB attacks. In these attacks, malicious behaviors remain dormant in full-precision models and activate only after specific...
PLAA: Packet-Level Adversarial Attacks in Network Traffic Detection
Deep neural networks DNNs are widely applied in Network-based Intrusion Detection System NIDS due to their high accuracy. However, DNNs are highly susceptible to adversarial attacks, which generate malicious traffic to evade NIDS detection. Existing approaches often adapt adversarial attacks from...
How Humans, Bots, and Agents Communicate about Vulnerabilities in Pull Requests
Developers may reference vulnerabilities in pull request discussions through both explicit identifiers, such as CVEs or GHSAs, and implicit security-related language e.g., "unauthorized access" or "SQL injection". Prior work has primarily focused on explicit identifiers, potentially overlooking...
Decoys Cannot Go Everywhere: Mapping the Deception Surface in MITRE ATT&CK
Cyber deception research often assumes that a decoy can be placed wherever there is attacker behavior. This work tests that assumption across MITRE ATT&CK v18.1. We introduce a four-criterion rubric for infrastructure deception and apply it to all 250 ATT&CK techniques. The rubric evaluates wheth...
Joern 4.0.566
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
LLM Agents Security Duality: A Comprehensive Survey of Self-Security and Empowered Cybersecurity
Large language model LLM agents are rapidly being integrated into real-world systems. Their autonomy and tool-use capabilities generate substantial value while simultaneously expanding the security attack surface. This survey provides a comprehensive overview of the opportunities and challenges o...
Ghost without Shell: Measuring Non-Interactive SSH Attacks on Honeypots
Cyber deception research has focused on improving honeypot deception capabilities to increase attacker engagement and extend their interactions to collect more and better intelligence. For SSH honeypots, this relies on the assumption that attackers log in, open a shell, and type. We tested whethe...
Decomposing Memorization Reduction in Privacy-Preserving Fine-Tuning of SLMs for CSIRTs
CSIRTs increasingly fine tune language models on vulnerability scan records, but these records expose internal network topology and create privacy risks under regulations such as GDPR and LGPD. We present the first empirical study of how DP SGD and HMAC pseudonymization interact when fine tuning...
Formal Security Analysis of Agent Protocol Composition
AI agent protocols define how agents use tools, delegate work, and coordinate across software systems, but their security requirements remain incomplete and inconsistently enforced across deployments. We present AgentThread, a source-linked framework for security assurance analysis of agent...
GTI-MSEMP Framework : A Proposed Framework to Stimulate Malware Propagation with Inclusion of Attacker-Defender Strategy
The rapid proliferation of automated, multi-vector malware threats poses a significant risk to heterogeneous, resource constrained cyber-physical networks. Conventional epidemiological models often treat security defenses as static parameters, failing to capture the strategic, asymmetric maneuver...
MIRROR: Novelty-Constrained Memory-Guided MCTS Red-Teaming for Agentic RAG
Multimodal agentic retrieval-augmented generation RAG systems expand the attack surface beyond prompt injection to include text poisoning, image injection, direct-query attacks, and orchestrator-level tool manipulation. Existing red-teaming approaches are typically surface-specific and often...
DroidBreaker: Practical and Functional Problem-Space Attacks on Machine-Learning Android Malware Detectors
Adversarial APKs are Android applications modified in the problem space to evade machine-learning malware detectors. In this work, we first show that, despite claims, existing problem-space attacks remain largely impractical. Most techniques leverage software transplantation to inject entire beni...
IoT Product Cybersecurity Guidelines for the Federal Government Initial Public Draft
The National Institute of Standards and Technology NIST has announced it's request for public feedback on the initial draft of NIST SP 800-213r1 ipd / IoT Product Cybersecurity Guidelines for the Federal Government...