6825 matches found
Smartphone User Fingerprinting on Wireless Traffic
Due to the openness of the wireless medium, smartphone users are susceptible to user privacy attacks, where user privacy information is inferred from encrypted Wi-Fi wireless traffic. Existing attacks are limited to recognizing mobile apps and their actions and cannot infer the smartphone user...
Security and Privacy Management of IoT Using Quantum Computing
The convergence of the Internet of Things IoT and quantum computing is redefining the security paradigm of interconnected digital systems. Classical cryptographic algorithms such as RSA, Elliptic Curve Cryptography ECC, and Advanced Encryption Standard AES have long provided the foundation for...
AutoAdv: Automated Adversarial Prompting for Multi-Turn Jailbreaking of Large Language Models
Large Language Models LLMs remain vulnerable to jailbreaking attacks where adversarial prompts elicit harmful outputs, yet most evaluations focus on single-turn interactions while real-world attacks unfold through adaptive multi-turn conversations. We present AutoAdv, a training-free framework fo...
Aether - Adaptive Exploit and Threat Hunting Engine for EVM-based Repositories
Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and optionally validating those tests on mainnet forks. It combines static analysis, prompt-driven LLM analysis, and AI-ensemble...
1 PoCo: Agentic Proof-Of-Concept Exploit Generation for Smart Contracts
Smart contracts operate in a highly adversarial environment, where vulnerabilities can lead to substantial financial losses. Thus, smart contracts are subject to security audits. In auditing, proof-of-concept PoC exploits play a critical role by demonstrating to the stakeholders that the reported...
On the Dangers of Poisoned LLMs in Security Automation
This paper investigates some of the risks introduced by "LLM poisoning," the intentional or unintentional introduction of malicious or biased data during model training. We demonstrate how a seemingly improved LLM, fine-tuned on a limited dataset, can introduce significant bias, to the extent tha...
Jailbreaking in the Haystack
Recent advances in long-context language models LMs have enabled million-token inputs, expanding their capabilities across complex tasks like computer-use agents. Yet, the safety implications of these extended contexts remain unclear. To bridge this gap, we introduce NINJA short for...
Designing Proportionate Cybersecurity Frameworks for European Micro-Enterprises: Lessons from the Squad 2025 Case
Micro and small enterprises SMEs account for most European businesses yet remain highly vulnerable to cyber threats. This paper analyses the design logic of a recent European policy initiative -- the Squad 2025 Playbook on Cybersecurity Awareness for Micro-SMEs -- to extract general principles fo...
Trustworthy Quantum Machine Learning: A Roadmap for Reliability, Robustness, and Security in the NISQ Era
Quantum machine learning QML is a promising paradigm for tackling computational problems that challenge classical AI. Yet, the inherent probabilistic behavior of quantum mechanics, device noise in NISQ hardware, and hybrid quantum-classical execution pipelines introduce new risks that prevent...
Enhancing NTRUEncrypt Security Using Markov Chain Monte Carlo Methods: Theory and Practice
This paper presents a novel framework for enhancing the quantum resistance of NTRUEncrypt using Markov Chain Monte Carlo MCMC methods. We establish formal bounds on sampling efficiency and provide security reductions to lattice problems, bridging theoretical guarantees with practical...
Detecting Vulnerabilities from Issue Reports for Internet-Of-Things
Timely identification of issue reports reflecting software vulnerabilities is crucial, particularly for Internet-of-Things IoT where analysis is slower than non-IoT systems. While Machine Learning ML and Large Language Models LLMs detect vulnerability-indicating issues in non-IoT systems, their I...
Scam Shield: Multi-Model Voting and Fine-Tuned LLMs against Adversarial Attacks
Scam detection remains a critical challenge in cybersecurity as adversaries craft messages that evade automated filters. We propose a Hierarchical Scam Detection System HSDS that combines a lightweight multi-model voting front end with a fine-tuned LLaMA 3.1 8B Instruct back end to improve accura...
Characterizing Build Compromises through Vulnerability Disclosure Analysis
The software build process transforms source code into deployable artifacts, representing a critical yet vulnerable stage in software development. Build infrastructure security poses unique challenges: the complexity of multi-component systems source code, dependencies, build tools, the difficult...
Machine and Deep Learning for Indoor UWB Jammer Localization
Ultra-wideband UWB localization delivers centimeter-scale accuracy but is vulnerable to jamming attacks, creating security risks for asset tracking and intrusion detection in smart buildings. Although machine learning ML and deep learning DL methods have improved tag localization, localizing...
Federated Cyber Defense: Privacy-Preserving Ransomware Detection across Distributed Systems
Detecting malware, especially ransomware, is essential to securing today's interconnected ecosystems, including cloud storage, enterprise file-sharing, and database services. Training high-performing artificial intelligence AI detectors requires diverse datasets, which are often distributed acros...
Towards Ultra-Low Latency: Binarized Neural Network Architectures for In-Vehicle Network Intrusion Detection
The Control Area Network CAN protocol is essential for in-vehicle communication, facilitating high-speed data exchange among Electronic Control Units ECUs. However, its inherent design lacks robust security features, rendering vehicles susceptible to cyberattacks. While recent research has...
A Large Scale Study of AI-Based Binary Function Similarity Detection Techniques for Security Researchers and Practitioners
Binary Function Similarity Detection BFSD is a foundational technique in software security, underpinning a wide range of applications including vulnerability detection, malware analysis. Recent advances in AI-based BFSD tools have led to significant performance improvements. However, existing...
Android Malware Detection: A Machine Learning Approach
This study examines machine learning techniques like Decision Trees, Support Vector Machines, Logistic Regression, Neural Networks, and ensemble methods to detect Android malware. The study evaluates these models on a dataset of Android applications and analyzes their accuracy, efficiency, and...
AthenaBench: A Dynamic Benchmark for Evaluating LLMs in Cyber Threat Intelligence
Large Language Models LLMs have demonstrated strong capabilities in natural language reasoning, yet their application to Cyber Threat Intelligence CTI remains limited. CTI analysis involves distilling large volumes of unstructured reports into actionable knowledge, a process where LLMs could...
An Efficient Anomaly Detection Framework for Wireless Sensor Networks Using Markov Process
Wireless Sensor Networks forms the backbone of modern cyber physical systems used in various applications such as environmental monitoring, healthcare monitoring, industrial automation, and smart infrastructure. Ensuring the reliability of data collected through these networks is essential as the...
Meta-Learning Based Radio Frequency Fingerprinting for GNSS Spoofing Detection
The rapid development of technology has led to an increase in the number of devices that rely on position, velocity, and time PVT information to perform their functions. As such, the Global Navigation Satellite Systems GNSS have been adopted as one of the most promising solutions to provide PVT...
Penetrating the Hostile: Detecting DeFi Protocol Exploits through Cross-Contract Analysis
Decentralized finance DeFi protocols are crypto projects developed on the blockchain to manage digital assets. Attacks on DeFi have been frequent and have resulted in losses exceeding $80 billion. Current tools detect and locate possible vulnerabilities in contracts by analyzing the state changes...
Mind the Gap: Missing Cyber Threat Coverage in NIDS Datasets for the Energy Sector
Network Intrusion Detection Systems NIDS developed using publicly available datasets predominantly focus on enterprise environments, raising concerns about their effectiveness for converged Information Technology IT and Operational Technology OT in energy infrastructures. This study evaluates the...
Sustaining Cyber Awareness: The Long-Term Impact of Continuous Phishing Training and Emotional Triggers
Phishing constitutes more than 90% of successful cyberattacks globally, remaining one of the most persistent threats to organizational security. Despite organizations tripling their cybersecurity budgets between 2015 and 2025, the human factor continues to pose a critical vulnerability. This stud...
Exploiting Latent Space Discontinuities for Building Universal LLM Jailbreaks and Data Extraction Attacks
The rapid proliferation of Large Language Models LLMs has raised significant concerns about their security against adversarial attacks. In this work, we propose a novel approach to crafting universal jailbreaks and data extraction attacks by exploiting latent space discontinuities, an architectur...
Security Audit of Intel ICE Driver for E810 Network Interface Card
The security of enterprise-grade networking hardware and software is critical to ensuring the integrity, availability, and confidentiality of data in modern cloud and data center environments. Network interface controllers NICs play a pivotal role in high-performance computing and virtualization,...
Coordinated Position Falsification Attacks and Countermeasures for Location-Based Services
With the rise of location-based service LBS applications that rely on terrestrial and satellite infrastructures e.g., GNSS and crowd-sourced Wi-Fi, Bluetooth, cellular, and IP databases for positioning, ensuring their integrity and security is paramount. However, we demonstrate that these...
MalDataGen: A Modular Framework for Synthetic Tabular Data Generation in Malware Detection
High-quality data scarcity hinders malware detection, limiting ML performance. We introduce MalDataGen, an open-source modular framework for generating high-fidelity synthetic tabular data using modular deep learning models e.g., WGAN-GP, VQ-VAE. Evaluated via dual validation TR-TS/TS-TR, seven...
On Selecting Few-Shot Examples for LLM-Based Code Vulnerability Detection
Large language models LLMs have demonstrated impressive capabilities for many coding tasks, including summarization, translation, completion, and code generation. However, detecting code vulnerabilities remains a challenging task for LLMs. An effective way to improve LLM performance is in-context...
MH-1M: A 1.34 Million-Sample Comprehensive Multi-Feature Android Malware Dataset for Machine Learning, Deep Learning, Large Language Models, and Threat Intelligence Research
We present MH-1M, one of the most comprehensive and up-to-date datasets for advanced Android malware research. The dataset comprises 1,340,515 applications, encompassing a wide range of features and extensive metadata. To ensure accurate malware classification, we employ the VirusTotal API,...
Windows Persistent Task Scheduler
This Metasploit module establishes persistence by creating a scheduled task to run a payload...
Prevalence of Security and Privacy Risk-Inducing Usage of AI-Based Conversational Agents
Recent improvement gains in large language models LLMs have lead to everyday usage of AI-based Conversational Agents CAs. At the same time, LLMs are vulnerable to an array of threats, including jailbreaks and, for example, causing remote code execution when fed specific inputs. As a result, users...
Service Upstart Persistence
This Metasploit module will create a service on the box, and mark it for auto-restart. You need enough access to write service files and potentially restart services...
LLM-Based Multi-Class Attack Analysis and Mitigation Framework in IoT/IIoT Networks
The Internet of Things has expanded rapidly, transforming communication and operations across industries but also increasing the attack surface and security breaches. Artificial Intelligence plays a key role in securing IoT, enabling attack detection, attack behavior analysis, and mitigation...
A Survey of Heterogeneous Graph Neural Networks for Cybersecurity Anomaly Detection
Anomaly detection is a critical task in cybersecurity, where identifying insider threats, access violations, and coordinated attacks is essential for ensuring system resilience. Graph-based approaches have become increasingly important for modeling entity interactions, yet most rely on homogeneou...
CyberNER: A Harmonized STIX Corpus for Cybersecurity Named Entity Recognition
Extracting structured intelligence via Named Entity Recognition NER is critical for cybersecurity, but the proliferation of datasets with incompatible annotation schemas hinders the development of comprehensive models. While combining these resources is desirable, we empirically demonstrate that...
A Comparative Study of Hybrid Post-Quantum Cryptographic X.509 Certificate Schemes
As quantum computing hardware continues to advance, the integration of such technology with quantum algorithms is anticipated to enable the decryption of ciphertexts produced by RSA and Elliptic Curve Cryptography ECC within polynomial time. In response to this emerging threat, the U.S. National...
Adapting Large Language Models to Emerging Cybersecurity Using Retrieval Augmented Generation
Security applications are increasingly relying on large language models LLMs for cyber threat detection; however, their opaque reasoning often limits trust, particularly in decisions that require domain-specific cybersecurity knowledge. Because security threats evolve rapidly, LLMs must not only...
Unvalidated Trust: Cross-Stage Vulnerabilities in Large Language Model Architectures
As Large Language Models LLMs are increasingly integrated into automated, multi-stage pipelines, risk patterns that arise from unvalidated trust between processing stages become a practical concern. This paper presents a mechanism-centered taxonomy of 41 recurring risk patterns in commercial LLMs...
A DRL-Empowered Multi-Level Jamming Approach for Secure Semantic Communication
Semantic communication SemCom aims to transmit only task-relevant information, thereby improving communication efficiency but also exposing semantic information to potential eavesdropping. In this paper, we propose a deep reinforcement learning DRL-empowered multi-level jamming approach to enhanc...
A Comprehensive Evaluation and Practice of System Penetration Testing
With the rapid advancement of information technology, the complexity of applications continues to increase, and the cybersecurity challenges we face are also escalating. This paper aims to investigate the methods and practices of system security penetration testing, exploring how to enhance syste...
TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition
In this paper, the researchers show that the security guarantees of modern TEE offerings by Intel and AMD can be broken cheaply and easily, by building a memory interposition device that allows attackers to physically inspect all memory traffic inside a DDR5 server...
Twin-Field Quantum Key Distribution: Protocols, Security, and Open Problems
Twin-Field Quantum Key Distribution TF-QKD has emerged as a potential protocol for long distance secure communication, overcoming the rate-distance limitations of conventional quantum key distribution without requiring trusted repeaters. By having two parties transmit phase encoded weak coherent...
AAGATE: A NIST AI RMF-Aligned Governance Platform for Agentic AI
This paper introduces the Agentic AI Governance Assurance & Trust Engine AAGATE, a Kubernetes-native control plane designed to address the unique security and governance challenges posed by autonomous, language-model-driven agents in production. Recognizing the limitations of traditional...
Identity Management for Agentic AI: The New Frontier of Authorization, Authentication, and Security for an AI Agent World
The rapid rise of AI agents presents urgent challenges in authentication, authorization, and identity management. Current agent-centric protocols like MCP highlight the demand for clarified best practices in authentication and authorization. Looking ahead, ambitions for highly autonomous agents...
tc Tor Chat Client 1.3
tc is a low-tech free solution to make yourself anonymously reachable for chat by anyone who only know your onion address and your public key. Messages are PGP encrypted end-to-end and forwarded by Tor's relays...
An In-Depth Analysis of Cyber Attacks in Secured Platforms
There is an increase in global malware threats. To address this, an encryption-type ransomware has been introduced on the Android operating system. The challenges associated with malicious threats in phone use have become a pressing issue in mobile communication, disrupting user experiences and...
Packet Fence 15.0.0
PacketFence is a network access control NAC system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration...
Windows Persistent Startup Folder
This Metasploit module establishes persistence by creating a payload in the user or system startup folder. Works on Vista and newer systems...
Model Inversion Attacks Meet Cryptographic Fuzzy Extractors
Model inversion attacks pose an open challenge to privacy-sensitive applications that use machine learning ML models. For example, face authentication systems use modern ML models to compute embedding vectors from face images of the enrolled users and store them. If leaked, inversion attacks can...