6825 matches found
Analysis of the Security Design, Engineering, and Implementation of the SecureDNA System
We analyze security aspects of the SecureDNA system regarding its system design, engineering, and implementation. This system enables DNA synthesizers to screen order requests against a database of hazards. By applying novel cryptography, the system aims to keep order requests and the database of...
LLM-Based Vulnerable Code Augmentation: Generate or Refactor?
Vulnerability code-bases often suffer from severe imbalance, limiting the effectiveness of Deep Learning-based vulnerability classifiers. Data Augmentation could help solve this by mitigating the scarcity of under-represented CWEs. In this context, we investigate LLM-based augmentation for...
Exposing Vulnerabilities in Counterfeit Prevention Systems Utilizing Physically Unclonable Surface Features
Counterfeit products pose significant risks to public health and safety through infiltrating untrusted supply chains. Among numerous anti-counterfeiting techniques, leveraging inherent, unclonable microscopic irregularities of paper surfaces is an accurate and cost-effective solution. Prior work ...
Secure Wireless Communication Using Distributed Coherent Transmission and Spatial Signal Decomposition
We present a new approach to secure wireless communications using coherent distributed transmission of signals that are spatially decomposed between a two-element distributed antenna array. High-accuracy distributed coordination of microwave wireless systems supports the ability to transmit...
Llama-Based Source Code Vulnerability Detection: Prompt Engineering Vs Fine Tuning
The significant increase in software production, driven by the acceleration of development cycles over the past two decades, has led to a steady rise in software vulnerabilities, as shown by statistics published yearly by the CVE program. The automation of the source code vulnerability detection...
Information-Dense Reasoning for Efficient and Auditable Security Alert Triage
Security Operations Centers face massive, heterogeneous alert streams under minute-level service windows, creating the Alert Triage Latency Paradox: verbose reasoning chains ensure accuracy and compliance but incur prohibitive latency and token costs, while minimal chains sacrifice transparency a...
Agentic Artificial Intelligence for Ethical Cybersecurity in Uganda: A Reinforcement Learning Framework for Threat Detection in Resource-Constrained Environments
Uganda's rapid digital transformation, supported by national strategies such as Vision 2040 and the Digital Transformation Roadmap, has expanded reliance on networked services while simultaneously increasing exposure to sophisticated cyber threats. In resource-constrained settings, commonly...
Detecting Ambiguity Aversion in Cyberattack Behavior to Inform Cognitive Defense Strategies
Adversaries hackers attempting to infiltrate networks frequently face uncertainty in their operational environments. This research explores the ability to model and detect when they exhibit ambiguity aversion, a cognitive bias reflecting a preference for known versus unknown probabilities. We...
Breaking ECDSA with Electromagnetic Side-Channel Attacks: Challenges and Practicality on Modern Smartphones
Smartphones handle sensitive tasks such as messaging and payment and may soon support critical electronic identification through initiatives such as the European Digital Identity EUDI wallet, currently under development. Yet the susceptibility of modern smartphones to physical side-channel analys...
A Practical Framework for Evaluating Medical AI Security: Reproducible Assessment of Jailbreaking and Privacy Vulnerabilities across Clinical Specialties
Medical Large Language Models LLMs are increasingly deployed for clinical decision support across diverse specialties, yet systematic evaluation of their robustness to adversarial misuse and privacy leakage remains inaccessible to most researchers. Existing security benchmarks require GPU cluster...
Privacy Practices of Browser Agents
This paper presents a systematic evaluation of the privacy behaviors and attributes of eight recent, popular browser agents. Browser agents are software that automate Web browsing using large language models and ancillary tooling. However, the automated capabilities that make browser agents...
Evaluating Vulnerabilities of Connected Vehicles under Cyber Attacks by Attack-Defense Tree
Connected vehicles represent a key enabler of intelligent transportation systems, where vehicles are equipped with advanced communication, sensing, and computing technologies to interact not only with one another but also with surrounding infrastructures and the environment. Through continuous da...
RunawayEvil: Jailbreaking the Image-To-Video Generative Models
Image-to-Video I2V generation synthesizes dynamic visual content from image and text inputs, providing significant creative control. However, the security of such multimodal systems, particularly their vulnerability to jailbreak attacks, remains critically underexplored. To bridge this gap, we...
PrivLLMSwarm: Privacy-Preserving LLM-Driven UAV Swarms for Secure IoT Surveillance
Large Language Models LLMs are emerging as powerful enablers for autonomous reasoning and natural-language coordination in unmanned aerial vehicle UAV swarms operating within Internet of Things IoT environments. However, existing LLM-driven UAV systems process sensitive operational data in...
The Evolution of Agentic AI in Cybersecurity: From Single LLM Reasoners to Multi-Agent Systems and Autonomous Pipelines
Cybersecurity has become one of the earliest adopters of agentic AI, as security operations centers increasingly rely on multi-step reasoning, tool-driven analysis, and rapid decision-making under pressure. While individual large language models can summarize alerts or interpret unstructured...
Towards Small Language Models for Security Query Generation in SOC Workflows
Analysts in Security Operations Centers routinely query massive telemetry streams using Kusto Query Language KQL. Writing correct KQL requires specialized expertise, and this dependency creates a bottleneck as security teams scale. This paper investigates whether Small Language Models SLMs can...
A Comprehensive Study of Supervised Machine Learning Models for Zero-Day Attack Detection: Analyzing Performance on Imbalanced Data
Among the various types of cyberattacks, identifying zero-day attacks is problematic because they are unknown to security systems as their pattern and characteristics do not match known blacklisted attacks. There are many Machine Learning ML models designed to analyze and detect network attacks,...
ThinkTrap: Denial-Of-Service Attacks against Black-Box LLM Services Via Infinite Thinking
Large Language Models LLMs have become foundational components in a wide range of applications, including natural language understanding and generation, embodied intelligence, and scientific discovery. As their computational requirements continue to grow, these models are increasingly deployed as...
Hyperflex: A SIMD-Based DFA Model for Deep Packet Inspection
Deep Packet Inspection DPI has been extensively employed for network security. It examines traffic payloads by searching for regular expressions regex with the Deterministic Finite Automaton DFA model. However, as the network bandwidth and ruleset size are increasing rapidly, the conventional DFA...
Deep Reinforcement Learning for Phishing Detection with Transformer-Based Semantic Features
Phishing is a cybercrime in which individuals are deceived into revealing personal information, often resulting in financial loss. These attacks commonly occur through fraudulent messages, misleading advertisements, and compromised legitimate websites. This study proposes a Quantile Regression De...
Managed TLS under Migration: Authentication Authority across CDN and Hosting Transitions
Managed TLS has become a common approach for deploying HTTPS, with platforms generating and storing private keys and automating certificate issuance on behalf of domain operators. This model simplifies operational management but shifts control of authentication material from the domain owner to t...
Characterizing Large-Scale Adversarial Activities through Large-Scale Honey-Nets
The increasing sophistication of cyber threats demands novel approaches to characterize adversarial strategies, particularly those targeting critical infrastructure and IoT ecosystems. This paper presents a longitudinal analysis of attacker behavior using HoneyTrap, an adaptive honeypot framework...
Smart Surveillance: Identifying IoT Device Behaviours Using ML-Powered Traffic Analysis
The proliferation of Internet of Things IoT devices has grown exponentially in recent years, introducing significant security challenges. Accurate identification of the types of IoT devices and their associated actions through network traffic analysis is essential to mitigate potential threats. B...
Web Technologies Security in the AI Era: A Survey of CDN-Enhanced Defenses
The modern web stack, which is dominated by browser-based applications and API-first backends, now operates under an adversarial equilibrium where automated, AI-assisted attacks evolve continuously. Content Delivery Networks CDNs and edge computing place programmable defenses closest to users and...
AgenticCyber: A GenAI-Powered Multi-Agent System for Multimodal Threat Detection and Adaptive Response in Cybersecurity
The increasing complexity of cyber threats in distributed environments demands advanced frameworks for real-time detection and response across multimodal data streams. This paper introduces AgenticCyber, a generative AI powered multi-agent system that orchestrates specialized agents to monitor...
OmniSafeBench-MM: A Unified Benchmark and Toolbox for Multimodal Jailbreak Attack-Defense Evaluation
Recent advances in multi-modal large language models MLLMs have enabled unified perception-reasoning capabilities, yet these systems remain highly vulnerable to jailbreak attacks that bypass safety alignment and induce harmful behaviors. Existing benchmarks such as JailBreakV-28K, MM-SafetyBench,...
Securing the Model Context Protocol: Defending LLMs against Tool Poisoning and Adversarial Attacks
The Model Context Protocol MCP enables Large Language Models to integrate external tools through structured descriptors, increasing autonomy in decision-making, task execution, and multi-agent workflows. However, this autonomy creates a largely overlooked security gap. Existing defenses focus on...
BEACON: A Unified Behavioral-Tactical Framework for Explainable Cybercrime Analysis with Large Language Models
Cybercrime increasingly exploits human cognitive biases in addition to technical vulnerabilities, yet most existing analytical frameworks focus primarily on operational aspects and overlook psychological manipulation. This paper proposes BEACON, a unified dual-dimension framework that integrates...
TeleAI-Safety: A Comprehensive LLM Jailbreaking Benchmark Towards Attacks, Defenses, and Evaluations
While the deployment of large language models LLMs in high-value industries continues to expand, the systematic assessment of their safety against jailbreak and prompt-based attacks remains insufficient. Existing safety evaluation benchmarks and frameworks are often limited by an imbalanced...
Adobe Acrobat Force-Installed Vulnerable Chrome Extension
Back in 2017, Adobe Acrobat force-installed a vulnerable chrome extension susceptible to cross site scripting...
Frequency-Matching Quantum Key Distribution
Quantum key distribution QKD enables information-theoretically secure communication against eavesdropping. However, phase instability remains a challenge across many QKD applications, particularly in schemes such as twin-field QKD and measurement-device-independent QKD. The most dominant source o...
Sift or Get off the PoC: Applying Information Retrieval to Vulnerability Research with SiftRank
Security research is fundamentally a problem of resource constraint and consequent prioritization. There is simply too much attack surface and too little time and energy to spend analyzing it all. The most effective security researchers are often those who are most skilled at intuitively deciding...
Nuclei 3.6.0
Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...
MalwareBytes Missing Signing / Privilege Escalation
This is older research from 2016 when Google found that MalwareBytes failed to sign packages and download them over a secure channel as well as various other security issues...
LLM Causality Analysis Framework
A comprehensive framework for multi-level causality analysis in Large Language Models LLMs, enabling systematic investigation of safety mechanisms and misbehavior detection across token, neuron, layer, and representation levels. Includes the whitepaper 2512.04841.pdf titled SoK: A Comprehensive...
The Road of Adaptive AI for Precision in Cybersecurity
Cybersecurity's evolving complexity presents unique challenges and opportunities for AI research and practice. This paper shares key lessons and insights from designing, building, and operating production-grade GenAI pipelines in cybersecurity, with a focus on the continual adaptation required to...
Transmission Integer Overflow
2017 research from Google where Tavis found that transmission suffered from various integer overflows when parsing torrent files...
A Novel Trust-Based DDoS Cyberattack Detection Model for Smart Business Environments
As the frequency and complexity of Distributed Denial-of-Service DDoS attacks continue to increase, the level of threats posed to Smart Internet of Things SIoT business environments have also increased. These environments generally have several interconnected SIoT systems and devices that are...
CISA: Principles for the Secure Integration of Artificial Intelligence in Operational Technology
Artificial intelligence AI has the potential to increase efficiency and productivity, enhance decision-making, cut costs and improve customer experience, but introducing AI in operational technology OT environments can introduce risks that require careful management to support the safety, securit...
A Practical Honeypot-Based Threat Intelligence Framework for Cyber Defence in the Cloud
In cloud environments, conventional firewalls rely on predefined rules and manual configurations, limiting their ability to respond effectively to evolving or zero-day threats. As organizations increasingly adopt platforms such as Microsoft Azure, this static defense model exposes cloud assets to...
ASTRIDE: A Security Threat Modeling Platform for Agentic-AI Applications
AI agent-based systems are becoming increasingly integral to modern software architectures, enabling autonomous decision-making, dynamic task execution, and multimodal interactions through large language models LLMs. However, these systems introduce novel and evolving security challenges, includi...
Beyond Detection: A Comprehensive Benchmark and Study on Representation Learning for Fine-Grained Webshell Family Classification
Malicious WebShells pose a significant and evolving threat by compromising critical digital infrastructures and endangering public services in sectors such as healthcare and finance. While the research community has made significant progress in WebShell detection i.e., distinguishing malicious...
BGPFuzz: Automated Configuration Fuzzing of the Border Gateway Protocol
Telecommunications networks rely on configurations to define routing behavior, especially in the Border Gateway Protocol BGP, where misconfigurations can lead to severe outages and security breaches, as demonstrated by the 2021 Facebook outage. Unlike existing approaches that rely on synthesis or...
React 19.0 / 19.1.0 / 19.1.1 / 19.2.0 Remote Code Execution
On November 29th, Lachlan Davidson reported a security vulnerability in React that allows unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Even if your app does not implement any React Server Function endpoints it ma...
Hybrid Quantum-Classical Autoencoders for Unsupervised Network Intrusion Detection
Unsupervised anomaly-based intrusion detection requires models that can generalize to attack patterns not observed during training. This work presents the first large-scale evaluation of hybrid quantum-classical HQC autoencoders for this task. We construct a unified experimental framework that...
Wireshark Analyzer 4.6.2
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...
Safe2Harm: Semantic Isomorphism Attacks for Jailbreaking Large Language Models
Large Language Models LLMs have demonstrated exceptional performance across various tasks, but their security vulnerabilities can be exploited by attackers to generate harmful content, causing adverse impacts across various societal domains. Most existing jailbreak methods revolve around Prompt...
PBFuzz: Agentic Directed Fuzzing for PoV Generation
Proof-of-Vulnerability PoV input generation is a critical task in software security and supports downstream applications such as path generation and validation. Generating a PoV input requires solving two sets of constraints: 1 reachability constraints for reaching vulnerable code locations, and ...
WildCode: An Empirical Analysis of Code Generated by ChatGPT
LLM models are increasingly used to generate code, but the quality and security of this code are often uncertain. Several recent studies have raised alarm bells, indicating that such AI-generated code may be particularly vulnerable to cyberattacks. However, most of these studies rely on code that...
ReFuzz: Reusing Tests for Processor Fuzzing with Contextual Bandits
Processor designs rely on iterative modifications and reuse well-established designs. However, this reuse of prior designs also leads to similar vulnerabilities across multiple processors. As processors grow increasingly complex with iterative modifications, efficiently detecting vulnerabilities...