6825 matches found
RAPTOR - Autonomous Offensive/Defensive Security Research Framework
RAPTOR is an autonomous offensive/defensive security research framework, based on Claude Code. It empowers security research with agentic workflows and automation. RAPTOR stands for Recursive Autonomous Penetration Testing and Observation Robot...
CISA: Suspicious Unmanned Aircraft System Activity Guidance
Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators is intended for critical infrastructure stakeholders who are concerned with unmanned aircraft system UAS activity near or around their facilities...
MAD-OOD: A Deep Learning Cluster-Driven Framework for an Out-Of-Distribution Malware Detection and Classification
Out of distribution OOD detection remains a critical challenge in malware classification due to the substantial intra family variability introduced by polymorphic and metamorphic malware variants. Most existing deep learning based malware detectors rely on closed world assumptions and fail to...
Cryptanalysis of Pseudorandom Error-Correcting Codes
Pseudorandom error-correcting codes PRC is a novel cryptographic primitive proposed at CRYPTO 2024. Due to the dual capability of pseudorandomness and error correction, PRC has been recognized as a promising foundational component for watermarking AI-generated content. However, the security of PR...
Securing Agentic AI Systems -- a Multilayer Security Framework
Securing Agentic Artificial Intelligence AI systems requires addressing the complex cyber risks introduced by autonomous, decision-making, and adaptive behaviors. Agentic AI systems are increasingly deployed across industries, organizations, and critical sectors such as cybersecurity, finance, an...
CISA: Safe Handling Considerations for Downed Unmanned Aircraft Systems
Safe Handling Considerations for Downed Unmanned Aircraft Systems provides information on how to prepare for and respond to downed unmanned aircraft systems UAS that may pose a safety or security concern...
Social Engineering Attacks: A Systemisation of Knowledge on People against Humans
Our systematisation of knowledge on Social Engineering Attacks SEAs, identifies the human, organisational, and adversarial dimensions of cyber threats. It addresses the growing risks posed by SEAs, highly relevant in the context physical cyber places, such as travellers at airports and residents ...
PROVEX: Enhancing SOC Analyst Trust with Explainable Provenance-Based IDS
Modern intrusion detection systems IDS leverage graph neural networks GNNs to detect malicious activity in system provenance data, but their decisions often remain a black box to analysts. This paper presents a comprehensive XAI framework designed to bridge the trust gap in Security Operations...
GRAudit Grep Auditing Tool 4.0
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very...
Optimizing Epsilon Security Parameters in QKD
We investigate the optimization of epsilon-security parameters in quantum key distribution QKD, aiming to improve the achievable secure key rate under a fixed overall composable security level. For this purpose, we employ a continuous genetic algorithm CGA to optimize the epsilon-security...
GameDriverX64.sys 7.23.4.7 Resource Consumption
GameDriverX64.sys versions 7.23.4.7 and below suffers from an uncontrolled resource consumption vulnerability...
A Practical Solution to Systematically Monitor Inconsistencies in SBOM-Based Vulnerability Scanners
Software Bill of Materials SBOM provides new opportunities for automated vulnerability identification in software products. While the industry is adopting SBOM-based Vulnerability Scanning SVS to identify vulnerabilities, we increasingly observe inconsistencies and unexpected behavior, that resul...
Phishing Detection System: An Ensemble Approach Using Character-Level CNN and Feature Engineering
In actuality, phishing attacks remain one of the most prevalent cybersecurity risks in existence today, with malevolent actors constantly changing their strategies to successfully trick users. This paper presents an AI model for a phishing detection system that uses an ensemble approach to combin...
Jailbreak-Zero: A Path to Pareto Optimal Red Teaming for Large Language Models
This paper introduces Jailbreak-Zero, a novel red teaming methodology that shifts the paradigm of Large Language Model LLM safety evaluation from a constrained example-based approach to a more expansive and effective policy-based framework. By leveraging an attack LLM to generate a high volume of...
Large Language Models As a (Bad) Security Norm in the Context of Regulation and Compliance
The use of Large Language Models LLM by providers of cybersecurity and digital infrastructures of all kinds is an ongoing development. It is suggested and on an experimental basis used to write the code for the systems, and potentially fed with sensitive data or what would otherwise be considered...
SoK: Reviewing Two Decades of Security, Privacy, Accessibility, and Usability Studies on Internet of Things for Older Adults
The Internet of Things IoT has the potential to enhance older adults' independence and quality of life, but it also exposes them to security, privacy, accessibility, and usability SPAU risks. We conducted a systematic review of 44 peer-reviewed studies published between 2004 and 2024 using a...
A Systematic Study of Code Obfuscation against LLM-Based Vulnerability Detection
As large language models LLMs are increasingly adopted for code vulnerability detection, their reliability and robustness across diverse vulnerability types have become a pressing concern. In traditional adversarial settings, code obfuscation has long been used as a general strategy to bypass...
A First Look at Common RPKI Publication Practices
The RPKI is crucial for securing the routing system of the Internet. With the RPKI, owners of Internet resources can make cryptographically backed claims, for example about the legitimate origin of their IP space. Thousands of networks use this information to detect malicious or accidental route...
AutoDFBench 1.0: A Benchmarking Framework for Digital Forensic Tool Testing and Generated Code Evaluation
The National Institute of Standards and Technology NIST Computer Forensic Tool Testing CFTT programme has become the de facto standard for providing digital forensic tool testing and validation. However to date, no comprehensive framework exists to automate benchmarking across the diverse forensi...
Security Risks of Agentic Vehicles: A Systematic Analysis of Cognitive and Cross-Layer Threats
Agentic AI is increasingly being explored and introduced in both manually driven and autonomous vehicles, leading to the notion of Agentic Vehicles AgVs, with capabilities such as memory-based personalization, goal interpretation, strategic reasoning, and tool-mediated assistance. While framework...
NGCaptcha: A CAPTCHA Bridging the past and the Future
CAPTCHAs are widely employed for distinguishing humans from automated bots online. However, current vision based CAPTCHAs face escalating security risks: traditional attacks continue to bypass many deployed CAPTCHA schemes, and recent breakthroughs in AI, particularly large scale vision models,...
Time Will Tell: Large-Scale De-Anonymization of Hidden I2P Services Via Live Behavior Alignment (Extended Version)
I2P Invisible Internet Project is a popular anonymous communication network. While existing de-anonymization methods for I2P focus on identifying potential traffic patterns of target hidden services among extensive network traffic, they often fail to scale effectively across the large and diverse...
Packed Malware Detection Using Grayscale Binary-To-Image Representations
Detecting packed executables is a critical step in malware analysis, as packing obscures the original code and complicates static inspection. This study evaluates both classical feature-based methods and deep learning approaches that transform binary executables into visual representations,...
Random Coding for Long-Range Continuous-Variable QKD
Quantum Key Distribution QKD schemes are key exchange protocols based on the physical properties of quantum channels. They avoid the computational-hardness assumptions that underlie the security of classical key exchange. Continuous-Variable QKD CVQKD, in contrast to qubit-based discrete-variable...
Security Aspects of ISO 15118 Plug and Charge Payment
For the rise of electric vehicles, especially for long-distance driving, minimizing charging times is vital. While multiple standards for DC fast charging exist, the leading standard in Europe is ISO 15118. In theory, this standard is accompanied by a variety of security controls, ensuring the...
WuppieFuzz: Coverage-Guided, Stateful REST API Fuzzing
Many business processes currently depend on web services, often using REST APIs for communication. REST APIs expose web service functionality through endpoints, allowing easy client interaction over the Internet. To reduce the security risk resulting from exposed endpoints, thorough testing is...
Bounty Hunter: Autonomous, Comprehensive Emulation of Multi-Faceted Adversaries
Adversary emulation is an essential procedure for cybersecurity assessments such as evaluating an organization's security posture or facilitating structured training and research in dedicated environments. To allow for systematic and time-efficient assessments, several approaches from academia an...
Talking to the Airgap: Exploiting Radio-Less Embedded Devices As Radio Receivers
Intelligent electronics are deeply embedded in critical infrastructures and must remain reliable, particularly against deliberate attacks. To minimize risks and impede remote compromise, sensitive systems can be physically isolated from external networks, forming an airgap. Yet, airgaps can still...
Analysing Multidisciplinary Approaches to Fight Large-Scale Digital Influence Operations
Crime as a Service CaaS has evolved from isolated criminal incidents to a broad spectrum of illicit activities, including social media manipulation, foreign information manipulation and interference FIMI, and the sale of disinformation toolkits. This article analyses how threat actors exploit...
CAPIO: Safe Kernel-Bypass of Commodity Devices Using Capabilities
Securing low-latency I/O in commodity systems forces a fundamental trade-off: rely on the kernel's high overhead mediated interface, or bypass it entirely, exposing sensitive hardware resources to userspace and creating new vulnerabilities. This dilemma stems from a hardware granularity mismatch:...
Quantum Machine Learning for Cybersecurity: A Taxonomy and Future Directions
The increasing number of cyber threats and rapidly evolving tactics, as well as the high volume of data in recent years, have caused classical machine learning, rules, and signature-based defence strategies to fail, rendering them unable to keep up. An alternative, Quantum Machine Learning QML, h...
Nuclei 3.6.1
Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...
Trust in LLM-Controlled Robotics: A Survey of Security Threats, Defenses and Challenges
The integration of Large Language Models LLMs into robotics has revolutionized their ability to interpret complex human commands and execute sophisticated tasks. However, such paradigm shift introduces critical security vulnerabilities stemming from the ''embodiment gap'', a discord between the...
FreeBSD Security Advisory - FreeBSD-SA-25:11.ipfw
FreeBSD Security Advisory - In some cases, the 'tcp-setmss' handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference...
ScamSweeper: Detecting Illegal Accounts in Web3 Scams Via Transactions Analysis
The web3 applications have recently been growing, especially on the Ethereum platform, starting to become the target of scammers. The web3 scams, imitating the services provided by legitimate platforms, mimic regular activity to deceive users. However, previous studies have primarily concentrated...
An Empirical Analysis of Zero-Day Vulnerabilities Disclosed by the Zero Day Initiative
Zero-day vulnerabilities represent some of the most critical threats in cybersecurity, as they correspond to previously unknown flaws in software or hardware that are actively exploited before vendors can develop and deploy patches. During this exposure window, affected systems remain defenseless...
GRR 4.0.0.0
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR...
Intrusion Detection in Internet of Vehicles Using Machine Learning
The Internet of Vehicles IoV has evolved modern transportation through enhanced connectivity and intelligent systems. However, this increased connectivity introduces critical vulnerabilities, making vehicles susceptible to cyber-attacks such Denial-ofService DoS and message spoofing. This project...
FreeBSD Security Advisory - FreeBSD-SA-25:12.rtsold
FreeBSD Security Advisory - The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell script which does not validate its input. A lack of quoting meant that...
HAL -- an Open-Source Framework for Gate-Level Netlist Analysis
HAL is an open-source framework for gate-level netlist analysis, an integral step in hardware reverse engineering. It provides analysts with an interactive GUI, an extensible plugin system, and APIs in both C++ and Python for rapid prototyping and automation. In addition, HAL ships with plugins f...
LegionITS: A Federated Intrusion-Tolerant System Architecture
The growing sophistication, frequency, and diversity of cyberattacks increasingly exceed the capacity of individual entities to fully understand and counter them. While existing solutions, such as Security Information and Event Management SIEM systems, Security Orchestration, Automation, and...
UIXPOSE: Mobile Malware Detection Via Intention-Behaviour Discrepancy Analysis
We introduce UIXPOSE, a source-code-agnostic framework that operates on both compiled and open-source apps. This framework applies Intention Behaviour Alignment IBA to mobile malware analysis, aligning UI-inferred intent with runtime semantics. Previous work either infers intent statically, e.g.,...
Hybrid Ensemble Method for Detecting Cyber-Attacks in Water Distribution Systems Using the BATADAL Dataset
The cybersecurity of Industrial Control Systems that manage critical infrastructure such as Water Distribution Systems has become increasingly important as digital connectivity expands. BATADAL benchmark data is a good source of testing intrusion detection techniques, but it presents several...
SeBERTis: A Framework for Producing Classifiers of Security-Related Issue Reports
Monitoring issue tracker submissions is a crucial software maintenance activity. A key goal is the prioritization of high risk, security-related bugs. If such bugs can be recognized early, the risk of propagation to dependent products and endangerment of stakeholder benefits can be mitigated. To...
Data Protection and Corporate Reputation Management in the Digital Era
This paper analyzes the relationship between cybersecurity management, data protection, and corporate reputation in the context of digital transformation. The study examines how organizations implement strategies and tools to mitigate cyber risks, comply with regulatory requirements, and maintain...
Cybercrime and Computer Forensics in Epoch of Artificial Intelligence in India
The integration of generative Artificial Intelligence into the digital ecosystem necessitates a critical re-evaluation of Indian criminal jurisprudence regarding computational forensics integrity. While algorithmic efficiency enhances evidence extraction, a research gap exists regarding the Digit...
PentestEval: Benchmarking LLM-Based Penetration Testing with Modular and Stage-Level Design
Penetration testing is essential for assessing and strengthening system security against real-world threats, yet traditional workflows remain highly manual, expertise-intensive, and difficult to scale. Although recent advances in Large Language Models LLMs offer promising opportunities for...
Cloud Security Leveraging AI: A Fusion-Based AISOC for Malware and Log Behaviour Detection
Cloud Security Operations Center SOC enable cloud governance, risk and compliance by providing insights visibility and control. Cloud SOC triages high-volume, heterogeneous telemetry from elastic, short-lived resources while staying within tight budgets. In this research, we implement an...
AIAuditTrack: A Framework for AI Security System
The rapid expansion of AI-driven applications powered by large language models has led to a surge in AI interaction data, raising urgent challenges in security, accountability, and risk traceability. This paper presents AiAuditTrack AAT, a blockchain-based framework for AI usage traffic recording...
APT-ClaritySet: A Large-Scale, High-Fidelity Labeled Dataset for APT Malware with Alias Normalization and Graph-Based Deduplication
Large-scale, standardized datasets for Advanced Persistent Threat APT research are scarce, and inconsistent actor aliases and redundant samples hinder reproducibility. This paper presents APT-ClaritySet and its construction pipeline that normalizes threat actor aliases reconciling approximately...