6825 matches found
Human-Centered Threat Modeling in Practice: Lessons, Challenges, and Paths Forward
Human-centered threat modeling HCTM is an emerging area within security and privacy research that focuses on how people define and navigate threats in various social, cultural, and technological contexts. While researchers increasingly approach threat modeling from a human-centered perspective,...
Incentive Attacks in BTC: Short-Term Revenue Changes and Long-Term Efficiencies
Bitcoin's BTC Difficulty Adjustment Algorithm DAA has been a source of vulnerability for incentive attacks such as selfish mining, block withholding and coin hopping strategies. In this paper, first, we rigorously study the short-term revenue change per hashpower of the adversarial and honest...
Adaptive Intrusion Detection for Evolving RPL IoT Attacks Using Incremental Learning
The routing protocol for low-power and lossy networks RPL has become the de facto routing standard for resource-constrained IoT systems, but its lightweight design exposes critical vulnerabilities to a wide range of routing-layer attacks such as hello flood, decreased rank, and version number...
Prompt Engineering Vs. Fine-Tuning for LLM-Based Vulnerability Detection in Solana and Algorand Smart Contracts
Smart contracts have emerged as key components within decentralized environments, enabling the automation of transactions through self-executing programs. While these innovations offer significant advantages, they also present potential drawbacks if the smart contract code is not carefully design...
Finding Software Supply Chain Attack Paths with Logical Attack Graphs
Cyberattacks are becoming increasingly frequent and sophisticated, often exploiting the software supply chain SSC as an attack vector. Attack graphs provide a detailed representation of the sequence of events and vulnerabilities that could lead to a successful security breach in a system. MulVal ...
The Jasmin Compiler Preserves Cryptographic Security
Jasmin is a programming and verification framework for developing efficient, formally verified, cryptographic implementations. A main component of the framework is the Jasmin compiler, which empowers programmers to write efficient implementations of state-of-the-art cryptographic primitives,...
Data Poisoning Vulnerabilities across Healthcare AI Architectures: A Security Threat Analysis
Healthcare AI systems face major vulnerabilities to data poisoning that current defenses and regulations cannot adequately address. We analyzed eight attack scenarios in four categories: architectural attacks on convolutional neural networks, large language models, and reinforcement learning...
Grid-STIX: A STIX 2.1-Compliant Cyber-Physical Security Ontology for Power Grid
Modern electrical power grids represent complex cyber-physical systems requiring specialized cybersecurity frameworks beyond traditional IT security models. Existing threat intelligence standards such as STIX 2.1 and MITRE ATT&CK lack coverage for grid-specific assets, operational technology...
Automated Side-Channel Analysis of Cryptographic Protocol Implementations
We extract the first formal model of WhatsApp from its implementation by combining binary-level analysis via CryptoBap with reverse engineering via Ghidra to handle this large closed-source application. Using this model, we prove forward secrecy, identify a known clone-attack against...
SoK: Security Evaluation of Wi-Fi CSI Biometrics: Attacks, Metrics, and Systemic Weaknesses
Wi-Fi Channel State Information CSI has been repeatedly proposed as a biometric modality, often with reports of high accuracy and operational feasibility. However, the field lacks a consolidated understanding of its security properties, adversarial resilience, and methodological consistency. This...
Retrofit: Continual Learning with Bounded Forgetting for Security Applications
Modern security analytics are increasingly powered by deep learning models, but their performance often degrades as threat landscapes evolve and data representations shift. While continual learning CL offers a promising paradigm to maintain model effectiveness, many approaches rely on full...
NegBLEURT Forest: Leveraging Inconsistencies for Detecting Jailbreak Attacks
Jailbreak attacks designed to bypass safety mechanisms pose a serious threat by prompting LLMs to generate harmful or inappropriate content, despite alignment with ethical guidelines. Crafting universal filtering rules remains difficult due to their inherent dependence on specific contexts. To...
VULPO: Context-Aware Vulnerability Detection Via On-Policy LLM Optimization
The widespread reliance on open-source software dramatically increases the risk of vulnerability exploitation, underscoring the need for effective and scalable vulnerability detection VD. Existing VD techniques, whether traditional machine learning-based or LLM-based approaches like prompt...
PATCHEVAL: A New Benchmark for Evaluating LLMs on Patching Real-World Vulnerabilities
Software vulnerabilities are increasing at an alarming rate. However, manual patching is both time-consuming and resource-intensive, while existing automated vulnerability repair AVR techniques remain limited in effectiveness. Recent advances in large language models LLMs have opened a new paradi...
How Worrying Are Privacy Attacks against Machine Learning?
In several jurisdictions, the regulatory framework on the release and sharing of personal data is being extended to machine learning ML. The implicit assumption is that disclosing a trained ML model entails a privacy risk for any personal data used in training comparable to directly releasing tho...
Robustness of LLM-Enabled Vehicle Trajectory Prediction under Data Security Threats
The integration of large language models LLMs into automated driving systems has opened new possibilities for reasoning and decision-making by transforming complex driving contexts into language-understandable representations. Recent studies demonstrate that fine-tuned LLMs can accurately predict...
Phantom Menace: Exploring and Enhancing the Robustness of VLA Models against Physical Sensor Attacks
Vision-Language-Action VLA models revolutionize robotic systems by enabling end-to-end perception-to-action pipelines that integrate multiple sensory modalities, such as visual signals processed by cameras and auditory signals captured by microphones. This multi-modality integration allows VLA...
OpenSCAP Libraries 1.3.13
The openscap project is a set of open source libraries that support the SCAP Security Content Automation Protocol set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF...
Can AI Models Be Jailbroken to Phish Elderly Victims? an End-To-End Evaluation
We present an end-to-end demonstration of how attackers can exploit AI safety failures to harm vulnerable populations: from jailbreaking LLMs to generate phishing content, to deploying those messages against real targets, to successfully compromising elderly victims. We systematically evaluated...
Enhanced Anonymous Credentials for E-Voting Systems
A simple and practical method for achieving everlasting privacy in e-voting systems, without relying on advanced cryptographic techniques, is to use anonymous voter credentials. The simplicity of this approach may, however, create some challenges, when combined with other security features, such ...
An In-Depth Systematic Analysis of the Security, Usability, and Automation Capabilities of Password Update Processes on Top-Ranked Websites
Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical cyber hygiene measure. However, password update processe...
Wazuh 4.14.1
Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...
AFLGopher: Accelerating Directed Fuzzing Via Feasibility-Aware Guidance
Directed fuzzing is a useful testing technique that aims to efficiently reach target code sites in a program. The core of directed fuzzing is the guiding mechanism that directs the fuzzing to the specified target. A general guiding mechanism adopted in existing directed fuzzers is to calculate th...
MTAttack: Multi-Target Backdoor Attacks against Large Vision-Language Models
Recent advances in Large Visual Language Models LVLMs have demonstrated impressive performance across various vision-language tasks by leveraging large-scale image-text pretraining and instruction tuning. However, the security vulnerabilities of LVLMs have become increasingly concerning,...
GraphFaaS: Serverless GNN Inference for Burst-Resilient, Real-Time Intrusion Detection
Provenance-based intrusion detection is an increasingly popular application of graphical machine learning in cybersecurity, where system activities are modeled as provenance graphs to capture causality and correlations among potentially malicious actions. Graph Neural Networks GNNs have...
Decoupling Bias, Aligning Distributions: Synergistic Fairness Optimization for Deepfake Detection
Fairness is a core element in the trustworthy deployment of deepfake detection models, especially in the field of digital identity security. Biases in detection models toward different demographic groups, such as gender and race, may lead to systemic misjudgments, exacerbating the digital divide...
An Explainable Recursive Feature Elimination to Detect Advanced Persistent Threats Using Random Forest Classifier
Intrusion Detection Systems IDS play a vital role in modern cybersecurity frameworks by providing a primary defense mechanism against sophisticated threat actors. In this paper, we propose an explainable intrusion detection framework that integrates Recursive Feature Elimination RFE with Random...
Enhancing Password Security through a High-Accuracy Scoring Framework Using Random Forests
Password security plays a crucial role in cybersecurity, yet traditional password strength meters, which rely on static rules like character-type requirements, often fail. Such methods are easily bypassed by common password patterns e.g., 'P@ssw0rd1!', giving users a false sense of security. To...
Toward an Intrusion Detection System for a Virtualization Framework in Edge Computing
Edge computing pushes computation closer to data sources, but it also expands the attack surface on resource-constrained devices. This work explores the deployment of the Lightweight Deep Anomaly Detection for Network Traffic LDPI integrated as an isolated service within a virtualization framewor...
Pack-A-Mal: A Malware Analysis Framework for Open-Source Packages
The increasingly sophisticated environment in which attackers operate makes software security an even greater challenge in open-source projects, where malicious packages are prevalent. Static analysis tools, such as Malcontent, are highly useful but are often incapable of dealing with obfuscated...
One Signature, Multiple Payments: Demystifying and Detecting Signature Replay Vulnerabilities in Smart Contracts
Smart contracts have significantly advanced blockchain technology, and digital signatures are crucial for reliable verification of contract authority. Through signature verification, smart contracts can ensure that signers possess the required permissions, thus enhancing security and scalability...
StyleBreak: Revealing Alignment Vulnerabilities in Large Audio-Language Models Via Style-Aware Audio Jailbreak
Large Audio-language Models LAMs have recently enabled powerful speech-based interactions by coupling audio encoders with Large Language Models LLMs. However, the security of LAMs under adversarial attacks remains underexplored, especially through audio jailbreaks that craft malicious audio promp...
Taught by the Flawed: How Dataset Insecurity Breeds Vulnerable AI Code
AI programming assistants have demonstrated a tendency to generate code containing basic security vulnerabilities. While developers are ultimately responsible for validating and reviewing such outputs, improving the inherent quality of these generated code snippets remains essential. A key...
TOR Virtual Network Tunneling Tool 0.4.8.20
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...
How Can We Effectively Use LLMs for Phishing Detection?: Evaluating the Effectiveness of Large Language Model-Based Phishing Detection Models
Large language models LLMs have emerged as a promising phishing detection mechanism, addressing the limitations of traditional deep learning-based detectors, including poor generalization to previously unseen websites and a lack of interpretability. However, LLMs' effectiveness for phishing...
SecTracer: A Framework for Uncovering the Root Causes of Network Intrusions Via Security Provenance
Modern enterprise networks comprise diverse and heterogeneous systems that support a wide range of services, making it challenging for administrators to track and analyze sophisticated attacks such as advanced persistent threats APTs, which often exploit multiple vectors. To address this challeng...
Slice-Aware Spoofing Detection in 5G Networks Using Lightweight Machine Learning
The increasing virtualization of fifth generation 5G networks expands the attack surface of the user plane, making spoofing a persistent threat to slice integrity and service reliability. This study presents a slice-aware lightweight machine-learning framework for detecting spoofing attacks withi...
Framing the Hacker: Media Representations and Public Discourse in Germany
This paper examines how the figure of the hacker is portrayed in German mainstream media and explores the impact of media framing on public discourse. Through a longitudinal content analysis of 301 articles from four of the most widely circulated German newspapers Die Zeit, S�ddeutsche Zeitung,...
CAHICHA: Computer Automated Hardware Interaction Test to Tell Computer and Humans Apart
As automation bot technology and Artificial Intelligence is evolving rapidly, conventional human verification techniques like voice CAPTCHAs and knowledge-based authentication are becoming less effective. Bots and scrapers with Artificial Intelligence AI capabilities can now detect and solve visu...
Introducing Nylon Face Mask Attacks: A Dataset for Evaluating Generalised Face Presentation Attack Detection
Face recognition systems are increasingly deployed across a wide range of applications, including smartphone authentication, access control, and border security. However, these systems remain vulnerable to presentation attacks PAs, which can significantly compromise their reliability. In this wor...
Automated Hardware Trojan Insertion in Industrial-Scale Designs
Industrial Systems-on-Chips SoCs often comprise hundreds of thousands to millions of nets and millions to tens of millions of connectivity edges, making empirical evaluation of hardware-Trojan HT detectors on realistic designs both necessary and difficult. Public benchmarks remain significantly...
Publish Your Threat Models! the Benefits Far Outweigh the Dangers
Threat modeling has long guided software development work, and we consider how Public Threat Models PTM can convey useful security information to others. We list some early adopter precedents, explain the many benefits, address potential objections, and cite regulatory drivers. Internal threat...
Binary and Multiclass Cyberattack Classification on GeNIS Dataset
The integration of Artificial Intelligence AI in Network Intrusion Detection Systems NIDS is a promising approach to tackle the increasing sophistication of cyberattacks. However, since Machine Learning ML and Deep Learning DL models rely heavily on the quality of their training data, the lack of...
Toward Autonomous and Efficient Cybersecurity: A Multi-Objective AutoML-Based Intrusion Detection System
With increasingly sophisticated cybersecurity threats and rising demand for network automation, autonomous cybersecurity mechanisms are becoming critical for securing modern networks. The rapid expansion of Internet of Things IoT systems amplifies these challenges, as resource-constrained IoT...
Endpoint Security Agent: A Comprehensive Approach to Real-Time System Monitoring and Threat Detection
As cyber threats continue to evolve in complexity and frequency, robust endpoint protection is essential for organizational security. This paper presents "Endpoint Security Agent: A Comprehensive Approach to Real-time System Monitoring and Threat Detection" a modular, real-time security solution...
From LLMs to Agents: A Comparative Evaluation of LLMs and LLM-Based Agents in Security Patch Detection
The widespread adoption of open-source software OSS has accelerated software innovation but also increased security risks due to the rapid propagation of vulnerabilities and silent patch releases. In recent years, large language models LLMs and LLM-based agents have demonstrated remarkable...
QLCoder: A Query Synthesizer for Static Analysis of Security Vulnerabilities
Static analysis tools provide a powerful means to detect security vulnerabilities by specifying queries that encode vulnerable code patterns. However, writing such queries is challenging and requires diverse expertise in security and program analysis. To address this challenge, we present QLCoder...
Falco 0.42.1
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...
Wapiti Web Application Vulnerability Scanner 3.2.9 Source Code
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the source code release...
Quantum Semantic Communication beyond the Shannon-Wyner Channel Capacity
Quantum Secure Direct Communication QSDC, a paradigm-shifting breakthrough in quantum communication, exploits quantum states for unmediated information transmission. Rooted in the inviolable fundamental laws of quantum mechanics, QSDC enables ultrasensitive detection of even the faintest...