6825 matches found
Penetration Testing of Agentic AI: A Comparative Security Analysis across Models and Frameworks
Agentic AI introduces security vulnerabilities that traditional LLM safeguards fail to address. Although recent work by Unit 42 at Palo Alto Networks demonstrated that ChatGPT-4o successfully executes attacks as an agent that it refuses in chat mode, there is no comparative analysis in multiple...
CIS-BA: Continuous Interaction Space Based Backdoor Attack for Object Detection in the Real-World
Object detection models deployed in real-world applications such as autonomous driving face serious threats from backdoor attacks. Despite their practical effectiveness,existing methods are inherently limited in both capability and robustness due to their dependence on single-trigger-single-objec...
Cybersecurity Skills in New Graduates: A Philippine Perspective
This study investigates the key skills and competencies needed by new cybersecurity graduates in the Philippines for entry-level positions. Using a descriptive cross-sectional research design, it combines analysis of job listings from Philippine online platforms with surveys of students, teachers...
Quantum Disruption: An SOK of How Post-Quantum Attackers Reshape Blockchain Security and Performance
As quantum computing advances toward practical deployment, it threatens a wide range of classical cryptographic mechanisms, including digital signatures, key exchange protocols, public-key encryption, and certain hash-based constructions that underpin modern network infrastructures. These...
Weak Enforcement and Low Compliance in PCI~DSS: A Comparative Security Study
Although credit and debit card data continue to be a prime target for attackers, organizational adherence to the Payment Card Industry Data Security Standard PCI DSS remains surprisingly low. Despite prior work showing that PCI DSS can reduce card fraud, only 32.4% of organizations were fully...
From Obfuscated to Obvious: A Comprehensive JavaScript Deobfuscation Tool for Security Analysis
JavaScript's widespread adoption has made it an attractive target for malicious attackers who employ sophisticated obfuscation techniques to conceal harmful code. Current deobfuscation tools suffer from critical limitations that severely restrict their practical effectiveness. Existing tools...
Behavior-Aware and Generalizable Defense against Black-Box Adversarial Attacks for ML-Based IDS
Machine learning based intrusion detection systems are increasingly targeted by black box adversarial attacks, where attackers craft evasive inputs using indirect feedback such as binary outputs or behavioral signals like response time and resource usage. While several defenses have been proposed...
Security and Detectability Analysis of Unicode Text Watermarking Methods against Large Language Models
Securing digital text is becoming increasingly relevant due to the widespread use of large language models. Individuals' fear of losing control over data when it is being used to train such machine learning models or when distinguishing model-generated output from text written by humans. Digital...
Zed Attack Proxy 2.17.0 Cross Platform Package
The Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testin...
Quantigence: A Multi-Agent AI Framework for Quantum Security Research
Cryptographically Relevant Quantum Computers CRQCs pose a structural threat to the global digital economy. Algorithms like Shor's factoring and Grover's search threaten to dismantle the public-key infrastructure PKI securing sovereign communications and financial transactions. While the timeline...
Fortra GoAnywhere MFT 7.x Vulnerability Scanner
Fortra GoAnywhere MFT version7.x vulnerability scanner that looks for systems with a deserialization vulnerability using remote fingerprinting of the system. It does not perform exploitation...
Detecting Malicious Entra OAuth Apps with LLM-Based Permission Risk Scoring
This project presents a unified detection framework that constructs a complete corpus of Microsoft Graph permissions, generates consistent LLM-based risk scores, and integrates them into a real-time detection engine to identify malicious OAuth consent activity...
Towards a Systematic Taxonomy of Attacks against Space Infrastructures
Space infrastructures represent an emerging domain that is critical to the global economy and society. However, this domain is vulnerable to attacks. To enhance the resilience of this domain, we must understand the attacks that can be waged against it. The status quo is that there is no systemati...
Cisco Integrated AI Security and Safety Framework Report
Artificial intelligence AI systems are being readily and rapidly adopted, increasingly permeating critical domains: from consumer platforms and enterprise software to networked systems with embedded agents. While this has unlocked potential for human productivity gains, the attack surface has...
One Leak Away: How Pretrained Model Exposure Amplifies Jailbreak Risks in Finetuned LLMs
Finetuning pretrained large language models LLMs has become the standard paradigm for developing downstream applications. However, its security implications remain unclear, particularly regarding whether finetuned LLMs inherit jailbreak vulnerabilities from their pretrained sources. We investigat...
Detecting Prompt Injection Attacks against Application Using Classifiers
Prompt injection attacks can compromise the security and stability of critical systems, from infrastructure to large web applications. This work curates and augments a prompt injection dataset based on the HackAPrompt Playground Submissions corpus and trains several classifiers, including LSTM,...
FiD-QAE: A Fidelity-Driven Quantum Autoencoder for Credit Card Fraud Detection
Credit card fraud detection is a critical task in financial security, as fraudulent transactions are rare, highly imbalanced, and often resemble legitimate ones. A wide range of classical machine learning methods, as well as more recent quantum machine learning approaches, have been investigated ...
CeLLMate: Sandboxing Browser AI Agents
Browser-using agents BUAs are an emerging class of autonomous agents that interact with web browsers in human-like ways, including clicking, scrolling, filling forms, and navigating across pages. While these agents help automate repetitive online tasks, they are vulnerable to prompt injection...
Hyperparameter Tuning-Based Optimized Performance Analysis of Machine Learning Algorithms for Network Intrusion Detection
Network Intrusion Detection Systems NIDS are essential for securing networks by identifying and mitigating unauthorized activities indicative of cyberattacks. As cyber threats grow increasingly sophisticated, NIDS must evolve to detect both emerging threats and deviations from normal behavior. Th...
SHERLOCK: A Deep Learning Approach to Detect Software Vulnerabilities
The increasing reliance on software in various applications has made the problem of software vulnerability detection more critical. Software vulnerabilities can lead to security breaches, data theft, and other negative outcomes. Traditional software vulnerability detection techniques, such as...
The Role of AI in Modern Penetration Testing
Penetration testing is a cornerstone of cybersecurity, traditionally driven by manual, time-intensive processes. As systems grow in complexity, there is a pressing need for more scalable and efficient testing methodologies. This systematic literature review examines how Artificial Intelligence AI...
Taint-Based Code Slicing for LLMs-Based Malicious NPM Package Detection
The increasing sophistication of malware attacks in the npm ecosystem, characterized by obfuscation and complex logic, necessitates advanced detection methods. Recently, researchers have turned their attention from traditional detection approaches to Large Language Models LLMs due to their strong...
Agentic AI for 6G: A New Paradigm for Autonomous RAN Security Compliance
Agentic AI systems are emerging as powerful tools for automating complex, multi-step tasks across various industries. One such industry is telecommunications, where the growing complexity of next-generation radio access networks RANs opens up numerous opportunities for applying these systems...
Diverse LLMs Vs. Vulnerabilities: Who Detects and Fixes Them Better?
Large Language Models LLMs are increasingly being studied for Software Vulnerability Detection SVD and Repair SVR. Individual LLMs have demonstrated code understanding abilities, but they frequently struggle when identifying complex vulnerabilities and generating fixes. This study presents...
Proving DNSSEC Correctness: A Formal Approach to Secure Domain Name Resolution
The Domain Name System Security Extensions DNSSEC are critical for preventing DNS spoofing, yet its specifications contain ambiguities and vulnerabilities that elude traditional "break-and-fix" approaches. A holistic, foundational security analysis of the protocol has thus remained an open proble...
Visualisation for the CIS Benchmark Scanning Results
In this paper, we introduce GraphSecure, a web application that provides advanced analysis and visualisation of security scanning results. GraphSecure enables users to initiate scans for their AWS account, validate them against specific Center for Internet Security CIS Benchmarks and return...
A Systematic Mapping Study on Risks and Vulnerabilities in Software Containers
Software containers are widely adopted for developing and deploying software applications. Despite their popularity, major security concerns arise during container development and deployment. Software Engineering SE research literature reveals a lack of reviewed, aggregated, and organized knowled...
Persistent Backdoor Attacks under Continual Fine-Tuning of LLMs
Backdoor attacks embed malicious behaviors into Large Language Models LLMs, enabling adversaries to trigger harmful outputs or bypass safety controls. However, the persistence of the implanted backdoors under user-driven post-deployment continual fine-tuning has been rarely examined. Most prior...
Quantum-Augmented AI/ML for O-RAN: Hierarchical Threat Detection with Synergistic Intelligence and Interpretability (Technical Report)
Open Radio Access Networks O-RAN enhance modularity and telemetry granularity but also widen the cybersecurity attack surface across disaggregated control, user and management planes. We propose a hierarchical defense framework with three coordinated layers-anomaly detection, intrusion...
PHANTOM: Progressive High-Fidelity Adversarial Network for Threat Object Modeling
The scarcity of cyberattack data hinders the development of robust intrusion detection systems. This paper introduces PHANTOM, a novel adversarial variational framework for generating high-fidelity synthetic attack data. Its innovations include progressive training, a dual-path VAE-GAN...
Faraday 5.18.0
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...
EIP-7702 Phishing Attack
EIP-7702 introduces a delegation-based authorization mechanism that allows an externally owned account EOA to authenticate a single authorization tuple, after which all subsequent calls are routed to arbitrary delegate code. We show that this design enables a qualitatively new class of phishing...
Automated Penetration Testing with LLM Agents and Classical Planning
While penetration testing plays a vital role in cybersecurity, achieving fully automated, hands-off-the-keyboard execution remains a significant research challenge. In this paper, we introduce the "Planner-Executor-Perceptor PEP" design paradigm and use it to systematically review existing work a...
LLM-Assisted AHP for Explainable Cyber Range Evaluation
Cyber Ranges CRs have emerged as prominent platforms for cybersecurity training and education, especially for Critical Infrastructure CI sectors that face rising cyber threats. One way to address these threats is through hands-on exercises that bridge IT and OT domains to improve defensive...
Virtual Camera Detection: Catching Video Injection Attacks in Remote Biometric Systems
Face anti-spoofing FAS is a vital component of remote biometric authentication systems based on facial recognition, increasingly used across web-based applications. Among emerging threats, video injection attacks -- facilitated by technologies such as deepfakes and virtual camera software -- pose...
SOAPwn: Pwning .NET Framework Applications through HTTP Client Proxies and WSDL
This is a whitepaper which supplements the BlackHat Europe 2025 presentation called "SOAPwn: Pwning .NET Framework Applications Through HTTP Client Proxies and WSDL". In this whitepaper, the author presents new exploitation sinks in .NET Framework, which may allow an attacker to achieve either...
Authority Backdoor: A Certifiable Backdoor Mechanism for Authoring DNNs
Deep Neural Networks DNNs, as valuable intellectual property, face unauthorized use. Existing protections, such as digital watermarking, are largely passive; they provide only post-hoc ownership verification and cannot actively prevent the illicit use of a stolen model. This work proposes a...
Stealth and Evasion in Rogue AP Attacks: An Analysis of Modern Detection and Bypass Techniques
Wireless networks act as the backbone of modern digital connectivity, making them a primary target for cyber adversaries. Rogue Access Point attacks, specifically the Evil Twin variant, enable attackers to clone legitimate wireless network identifiers to deceive users into connecting. Once a...
Cybersecurity Policy Adoption in South Africa: Does Public Trust Matter?
This study examines how public perception influences the implementation and adoption of cybersecurity frameworks in South Africa. Using the PRISMA methodology, a systematic literature review was conducted across reputable scholarly databases, yielding 34 relevant sources aligned with predefined...
Pattern Based Quantum Key Distribution Using the Five Qubit Perfect Code for Eavesdropper Detection
I propose a new quantum key distribution protocol that uses the five qubit error correction code to detect the presence of eavesdropper reliably. The protocol turns any information theoretical attacks into a classical guess about the pattern. The logical qubit is encoded with a specific pattern...
Comparing AI Agents to Cybersecurity Professionals in Real-World Penetration Testing
We present the first comprehensive evaluation of AI agents against human cybersecurity professionals in a live enterprise environment. We evaluate ten cybersecurity professionals alongside six existing AI agents and ARTEMIS, our new agent scaffold, on a large university network consisting of 8,00...
Lightweight Security for Private Networks: Real-World Evaluation of WireGuard
This paper explores WireGuard as a lightweight alternative to IPsec for securing the user plane as well as the control plane in an industrial Open RAN deployment at the Adtran Terafactory in Meiningen. We focus on a realistic scenario where external vendors access their hardware in our 5G factory...
Defining Cost Function of Steganography with Large Language Models
In this paper, we make the first attempt towards defining cost function of steganography with large language models LLMs, which is totally different from previous works that rely heavily on expert knowledge or require large-scale datasets for cost learning. To achieve this goal, a two-stage...
LLM-PEA: Leveraging Large Language Models against Phishing Email Attacks
Email phishing is one of the most prevalent and globally consequential vectors of cyber intrusion. As systems increasingly deploy Large Language Models LLMs applications, these systems face evolving phishing email threats that exploit their fundamental architectures. Current LLMs require...
ByteShield: Adversarially Robust End-To-End Malware Detection through Byte Masking
Research has proven that end-to-end malware detectors are vulnerable to adversarial attacks. In response, the research community has proposed defenses based on randomized and derandomized smoothing. However, these techniques remain susceptible to attacks that insert large adversarial payloads. To...
Chasing Shadows: Pitfalls in LLM Security Research
Large language models LLMs are increasingly prevalent in security research. Their unique characteristics, however, introduce challenges that undermine established paradigms of reproducibility, rigor, and evaluation. Prior work has identified common pitfalls in traditional machine learning researc...
True Random Number Generators on IQM Spark
Random number generation is fundamental for many modern applications including cryptography, simulations and machine learning. Traditional pseudo-random numbers may offer statistical unpredictability, but are ultimately deterministic. On the other hand, True Random Number Generation TRNG offers...
Malicious GenAI Chrome Extensions: Unpacking Data Exfiltration and Malicious Behaviours
The rapid proliferation of AI and GenAI tools has extended to the Chrome Web Store. Cybercriminals are exploiting this trend, deploying malicious Chrome extensions posing as AI tools or impersonating popular GenAI models to target users. These extensions often appear legitimate while secretly...
An Efficient Secret Communication Scheme for the Bosonic Wiretap Channel
We propose a new secret communication scheme over the bosonic wiretap channel. It uses readily available hardware such as lasers and direct photodetectors. The scheme is based on randomness extractors, pulse-position modulation, and Reed-Solomon codes and is therefore computationally efficient. I...
Integrating Public Input and Technical Expertise for Effective Cybersecurity Policy Formulation
The evolving of digital transformation and increased use of technology comes with increased cyber vulnerabilities, which compromise national security. Cyber-threats become more sophisticated as the technology advances. This emphasises the need for strong risk mitigation strategies. To define stro...