6825 matches found
Is Protective DNS Blocking the Wild West?
We perform a passive measurement study investigating how a Protective DNS service might perform in a Research & Education Network serving hundreds of member institutions. Utilizing freely-available DNS blocklists consisting of domain names deemed to be threats, we test hundreds of millions of...
APThreatHunter: An Automated Planning-Based Threat Hunting Framework
Cyber attacks threaten economic interests, critical infrastructure, and public health and safety. To counter this, entities adopt cyber threat hunting, a proactive approach that involves formulating hypotheses and searching for attack patterns within organisational networks. Automating cyber thre...
Security Vulnerabilities in AI-Generated Code: A Large-Scale Analysis of Public GitHub Repositories
This paper presents a comprehensive empirical analysis of security vulnerabilities in AI-generated code across public GitHub repositories. We collected and analyzed 7,703 files explicitly attributed to four major AI tools: ChatGPT 91.52%, GitHub Copilot 7.50%, Amazon CodeWhisperer 0.52%, and...
AgentCyTE: Leveraging Agentic AI to Generate Cybersecurity Training and Experimentation Scenarios
Designing realistic and adaptive networked threat scenarios remains a core challenge in cybersecurity research and training, still requiring substantial manual effort. While large language models LLMs show promise for automated synthesis, unconstrained generation often yields configurations that...
SIRAJ: Diverse and Efficient Red-Teaming for LLM Agents Via Distilled Structured Reasoning
The ability of LLM agents to plan and invoke tools exposes them to new safety risks, making a comprehensive red-teaming system crucial for discovering vulnerabilities and ensuring their safe deployment. We present SIRAJ: a generic red-teaming framework for arbitrary black-box LLM agents. We emplo...
From ECU to VSOC: UDS Security Monitoring Strategies
Increasing complexity and connectivity of modern vehicles have heightened their vulnerability to cyberattacks. This paper addresses security challenges associated with the Unified Diagnostic Services UDS protocol, a critical communication framework for vehicle diagnostics in the automotive...
Quantum-Resistant Networks Using Post-Quantum Cryptography
Quantum networks rely on both quantum and classical channels for coordinated operation. Current architectures employ entanglement distribution and key exchange over quantum channels but often assume that classical communication is sufficiently secure. In practice, classical channels protected by...
Secure Retrieval-Augmented Generation against Poisoning Attacks
Large language models LLMs have transformed natural language processing NLP, enabling applications from content generation to decision support. Retrieval-Augmented Generation RAG improves LLMs by incorporating external knowledge but also introduces security risks, particularly from data poisoning...
Covert Surveillance in Smart Devices: A SCOUR Framework Analysis of Youth Privacy Implications
This paper investigates how smart devices covertly capture private conversations and discusses in more in-depth the implications of this for youth privacy. Using a structured review guided by the PRISMA methodology, the analysis focuses on privacy concerns, data capture methods, data storage and...
Attention Augmented GNN RNN-Attention Models for Advanced Cybersecurity Intrusion Detection
In this paper, we propose a novel hybrid deep learning architecture that synergistically combines Graph Neural Networks GNNs, Recurrent Neural Networks RNNs, and multi-head attention mechanisms to significantly enhance cybersecurity intrusion detection capabilities. By leveraging the comprehensiv...
Hammering the Diagnosis: Rowhammer-Induced Stealthy Trojan Attacks on ViT-Based Medical Imaging
Vision Transformers ViTs have emerged as powerful architectures in medical image analysis, excelling in tasks such as disease detection, segmentation, and classification. However, their reliance on large, attention-driven models makes them vulnerable to hardware-level attacks. In this paper, we...
A Neuro-Symbolic Multi-Agent Approach to Legal-Cybersecurity Knowledge Integration
The growing intersection of cybersecurity and law creates a complex information space where traditional legal research tools struggle to deal with nuanced connections between cases, statutes, and technical vulnerabilities. This knowledge divide hinders collaboration between legal experts and...
Wapiti Web Application Vulnerability Scanner 3.2.8 Source Code
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the source code release...
QueryIPI: Query-Agnostic Indirect Prompt Injection on Coding Agents
Modern coding agents integrated into IDEs combine powerful tools and system-level actions, exposing a high-stakes attack surface. Existing Indirect Prompt Injection IPI studies focus mainly on query-specific behaviors, leading to unstable attacks with lower success rates. We identify a more sever...
Agentic AI Security: Threats, Defenses, Evaluation, and Open Challenges
Agentic AI systems powered by large language models LLMs and endowed with planning, tool use, memory, and autonomy, are emerging as powerful, flexible platforms for automation. Their ability to autonomously execute tasks across web, software, and physical environments creates new and amplified...
Wapiti Web Application Vulnerability Scanner 3.2.8
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the binary release...
Evaluation of Vision-LLMs in Surveillance Video
The widespread use of cameras in our society has created an overwhelming amount of video data, far exceeding the capacity for human monitoring. This presents a critical challenge for public safety and security, as the timely detection of anomalous or criminal events is crucial for effective...
Victim As a Service: Designing a System for Engaging with Interactive Scammers
Pig butchering, and similar interactive online scams, lower their victims' defenses by building trust over extended periods of conversation - sometimes weeks or months. They have become increasingly public losses at least $75B by one recent study. However, because of their long-term conversationa...
MCPGuard : Automatically Detecting Vulnerabilities in MCP Servers
The Model Context Protocol MCP has emerged as a standardized interface enabling seamless integration between Large Language Models LLMs and external data sources and tools. While MCP significantly reduces development complexity and enhances agent capabilities, its openness and extensibility...
Secure Control of Connected and Autonomous Electrified Vehicles under Adversarial Cyber-Attacks
Connected and Autonomous Electrified Vehicles CAEV is the solution to the future smart mobility having benefits of efficient traffic flow and cleaner environmental impact. Although CAEV has advantages they are still susceptible to adversarial cyber attacks due to their autonomous electric operati...
Network Intrusion Detection: Evolution from Conventional Approaches to LLM Collaboration and Emerging Risks
This survey systematizes the evolution of network intrusion detection systems NIDS, from conventional methods such as signature-based and neural network NN-based approaches to recent integrations with large language models LLMs. It clearly and concisely summarizes the current status, strengths, a...
Is Your Prompt Poisoning Code? Defect Induction Rates and Security Mitigation Strategies
Large language models LLMs have become indispensable for automated code generation, yet the quality and security of their outputs remain a critical concern. Existing studies predominantly concentrate on adversarial attacks or inherent flaws within the models. However, a more prevalent yet...
Breaking Agent Backbones: Evaluating the Security of Backbone LLMs in AI Agents
AI agents powered by large language models LLMs are being deployed at scale, yet we lack a systematic understanding of how the choice of backbone LLM affects agent security. The non-deterministic sequential nature of AI agents complicates security modeling, while the integration of traditional...
Advancing Honeywords for Real-World Authentication Security
Introduced by Juels and Rivest in 2013, Honeywords, which are decoy passwords stored alongside a real password, appear to be a proactive method to help detect password credentials misuse. However, despite over a decade of research, this technique has not been adopted by major authentication...
RejSCore: Rejection Sampling Core for Multivariate-Based Public Key Cryptography
Post-quantum multivariate public key cryptography MPKC schemes resist quantum threats but require heavy operations, such as rejection sampling, which challenge resource-limited devices. Prior hardware designs have addressed various aspects of MPKC signature generation. However, rejection sampling...
SecureLearn - an Attack-Agnostic Defense for Multiclass Machine Learning against Data Poisoning Attacks
Data poisoning attacks are a potential threat to machine learning ML models, aiming to manipulate training datasets to disrupt their performance. Existing defenses are mostly designed to mitigate specific poisoning attacks or are aligned with particular ML algorithms. Furthermore, most defenses a...
SAND: A Self-Supervised and Adaptive NAS-Driven Framework for Hardware Trojan Detection
The globalized semiconductor supply chain has made Hardware Trojans HT a significant security threat to embedded systems, necessitating the design of efficient and adaptable detection mechanisms. Despite promising machine learning-based HT detection techniques in the literature, they suffer from ...
Security Analysis of LTE Connectivity in Connected Cars: A Case Study of Tesla
Modern connected vehicles rely on persistent LTE connectivity to enable remote diagnostics, over-the-air OTA updates, and critical safety services. While mobile network vulnerabilities are well documented in the smartphone ecosystem, their impact in safety-critical automotive settings remains...
Lightweight and Breach-Resilient Authenticated Encryption Framework for Internet of Things
The Internet of Things IoT relies heavily on resource-limited devices to communicate critical e.g., military data information under low-energy adversarial environments and low-latency wireless channels. Authenticated Encryption AE guarantees confidentiality, authenticity, and integrity, making it...
Wazuh 4.14.0
Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...
Enhanced MLLM Black-Box Jailbreaking Attacks and Defenses
Multimodal large language models MLLMs comprise of both visual and textual modalities to process vision language tasks. However, MLLMs are vulnerable to security-related issues, such as jailbreak attacks that alter the model's input to induce unauthorized or harmful responses. The incorporation o...
The Qey: Implementation and Performance Study of Post Quantum Cryptography in FIDO2
Authentication systems have evolved a lot since the 1960s when Fernando Corbato first proposed the password-based authentication. In 2013, the FIDO Alliance proposed using secure hardware for authentication, thus marking a milestone in the passwordless authentication era 1. Passwordless...
Actionable Cybersecurity Notifications for Smart Homes: A User Study on the Role of Length and Complexity
The proliferation of smart home devices has increased convenience but also introduced cybersecurity risks for everyday users, as many devices lack robust security features. Intrusion Detection Systems are a prominent approach to detecting cybersecurity threats. However, their alerts often use...
Securing AI Agent Execution
Large Language Models LLMs have evolved into AI agents that interact with external tools and environments to perform complex tasks. The Model Context Protocol MCP has become the de facto standard for connecting agents with such resources, but security has lagged behind: thousands of MCP servers...
The Trojan Example: Jailbreaking LLMs through Template Filling and Unsafety Reasoning
Large Language Models LLMs have advanced rapidly and now encode extensive world knowledge. Despite safety fine-tuning, however, they remain susceptible to adversarial prompts that elicit harmful content. Existing jailbreak techniques fall into two categories: white-box methods e.g., gradient-base...
Jailbreak Mimicry: Automated Discovery of Narrative-Based Jailbreaks for Large Language Models
Large language models LLMs remain vulnerable to sophisticated prompt engineering attacks that exploit contextual framing to bypass safety mechanisms, posing significant risks in cybersecurity applications. We introduce Jailbreak Mimicry, a systematic methodology for training compact attacker mode...
On the Cybersecurity of LoRaWAN-Based System: A Smart-Lighting Case Study
Cyber-physical systems and the Internet of Things IoT are key technologies in the Industry 4.0 vision. They incorporate sensors and actuators to interact with the physical environment. However, when creating and interconnecting components to form a heterogeneous smart systems architecture, these...
Impacket 0.13.0
Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and, for some protocols e.g. SMB1-3 and MSRPC, the protocol implementation itself. Packets can be constructed from scratch, as well as parse...
Risk Psychology and Cyber-Attack Tactics
We examine whether measured cognitive processes predict cyber-attack behavior. We analyzed data that included psychometric scale responses and labeled attack behaviors from cybersecurity professionals who conducted red-team operations against a simulated enterprise network. We employed multilevel...
REx86: A Local Large Language Model for Assisting in X86 Assembly Reverse Engineering
Reverse engineering RE of x86 binaries is indispensable for malware and firmware analysis, but remains slow due to stripped metadata and adversarial obfuscation. Large Language Models LLMs offer potential for improving RE efficiency through automated comprehension and commenting, but cloud-hosted...
Enhancing Security in Deep Reinforcement Learning: A Comprehensive Survey on Adversarial Attacks and Defenses
With the wide application of deep reinforcement learning DRL techniques in complex fields such as autonomous driving, intelligent manufacturing, and smart healthcare, how to improve its security and robustness in dynamic and changeable environments has become a core issue in current research...
Lynis Auditing Tool 3.1.6
Lynis is an auditing tool for Unix specialists. It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated...
Beyond Text: Multimodal Jailbreaking of Vision-Language and Audio Models through Perceptually Simple Transformations
Multimodal large language models MLLMs have achieved remarkable progress, yet remain critically vulnerable to adversarial attacks that exploit weaknesses in cross-modal processing. We present a systematic study of multimodal jailbreaks targeting both vision-language and audio-language models,...
An Experimental Study of Trojan Vulnerabilities in UAV Autonomous Landing
This study investigates the vulnerabilities of autonomous navigation and landing systems in Urban Air Mobility UAM vehicles. Specifically, it focuses on Trojan attacks that target deep learning models, such as Convolutional Neural Networks CNNs. Trojan attacks work by embedding covert triggers...
Bytecode-Centric Detection of Known-To-Be-Vulnerable Dependencies in Java Projects
On average, 71% of the code in typical Java projects comes from open-source software OSS dependencies, making OSS dependencies the dominant component of modern software code bases. This high degree of OSS reliance comes with a considerable security risk of adding known security vulnerabilities to...
LAPRAD: LLM-Assisted PRotocol Attack Discovery
With the goal of improving the security of Internet protocols, we seek faster, semi-automatic methods to discover new vulnerabilities in protocols such as DNS, BGP, and others. To this end, we introduce the LLM-Assisted Protocol Attack Discovery LAPRAD methodology, enabling security researchers...
FreeBSD Security Advisory - FreeBSD-SA-25:09.netinet
FreeBSD Security Advisory - Connected sockets are not intended to belong to load-balancing groups. However, the kernel failed to check the connection state of sockets when adding them to load-balancing groups. Furthermore, when looking up the destination socket for an incoming packet, the kernel...
Can You Trust What You See? Alpha Channel No-Box Attacks on Video Object Detection
As object detection models are increasingly deployed in cyber-physical systems such as autonomous vehicles AVs and surveillance platforms, ensuring their security against adversarial threats is essential. While prior work has explored adversarial attacks in the image domain, those attacks in the...
Everyone Needs AIR: An Agnostic Incident Reporting Framework for Cybersecurity in Operational Technology
Operational technology OT networks are increasingly coupled with information technology IT, expanding the attack surface and complicating incident response. Although OT standards emphasise incident reporting and evidence preservation, they do not specify what data to capture during an incident,...
Ask What Your Country Can Do for You: Towards a Public Red Teaming Model
AI systems have the potential to produce both benefits and harms, but without rigorous and ongoing adversarial evaluation, AI actors will struggle to assess the breadth and magnitude of the AI risk surface. Researchers from the field of systems design have developed several effective sociotechnic...