6825 matches found
Quantum Public Key Encryption for NISQ Devices
Quantum public-key encryption PKE, where public-keys and/or ciphertexts can be quantum states, is an important primitive in quantum cryptography. Unlike classical PKE e.g., RSA or ECC, quantum PKE can leverage quantum-secure cryptographic assumptions or the principles of quantum mechanics for...
Rain: Transiently Leaking Data from Public Clouds Using Old Vulnerabilities
Given their vital importance for governments and enterprises around the world, we need to trust public clouds to provide strong security guarantees even in the face of advanced attacks and hardware vulnerabilities. While transient execution vulnerabilities, such as Spectre, have been in the...
A Comparative Analysis of Ensemble-Based Machine Learning Approaches with Explainable AI for Multi-Class Intrusion Detection in Drone Networks
The growing integration of drones into civilian, commercial, and defense sectors introduces significant cybersecurity concerns, particularly with the increased risk of network-based intrusions targeting drone communication protocols. Detecting and classifying these intrusions is inherently...
Coherence-Driven Inference for Cybersecurity
Large language models LLMs can compile weighted graphs on natural language data to enable automatic coherence-driven inference CDI relevant to red and blue team operations in cybersecurity. This represents an early application of automatic CDI that holds near- to medium-term promise for...
Examining I2P Resilience: Effect of Centrality-Based Attack
This study examines the robustness of I2P, a well-regarded anonymous and decentralized peer-to-peer network designed to ensure anonymity, confidentiality, and circumvention of censorship. Unlike its more widely researched counterpart, TOR, I2P's resilience has received less scholarly attention...
AEAS: Actionable Exploit Assessment System
Security practitioners face growing challenges in exploit assessment, as public vulnerability repositories are increasingly populated with inconsistent and low-quality exploit artifacts. Existing scoring systems, such as CVSS and EPSS, offer limited support for this task. They either rely on...
State-Of-The-Art in Software Security Visualization: a Systematic Review
Software security visualization is an interdisciplinary field that combines the technical complexity of cybersecurity, including threat intelligence and compliance monitoring, with visual analytics, transforming complex security data into easily digestible visual formats. As software systems get...
LLaVul: a Multimodal LLM for Interpretable Vulnerability Reasoning about Source Code
Increasing complexity in software systems places a growing demand on reasoning tools that unlock vulnerabilities manifest in source code. Many current approaches focus on vulnerability analysis as a classifying task, oversimplifying the nuanced and context-dependent real-world scenarios. Even...
Seeing Is Deceiving: Mirror-Based LiDAR Spoofing for Autonomous Vehicle Deception
Autonomous vehicles AVs rely heavily on LiDAR sensors for accurate 3D perception. We show a novel class of low-cost, passive LiDAR spoofing attacks that exploit mirror-like surfaces to inject or remove objects from an AV's perception. Using planar mirrors to redirect LiDAR beams, these attacks...
Static Security Vulnerability Scanning of Proprietary and Open-Source Software: an Adaptable Process with Variants and Results
Software vulnerabilities remain a significant risk factor in achieving security objectives within software development organizations. This is especially true where either proprietary or open-source software OSS is included in the technological environment. In this paper an end-to-end process with...
Temporal Logic-Based Multi-Vehicle Backdoor Attacks against Offline RL Agents in End-To-End Autonomous Driving
Assessing the safety of autonomous driving AD systems against security threats, particularly backdoor attacks, is a stepping stone for real-world deployment. However, existing works mainly focus on pixel-level triggers that are impractical to deploy in the real world. We address this gap by...
FakeSound2: a Benchmark for Explainable and Generalizable Deepfake Sound Detection
The rapid development of generative audio raises ethical and security concerns stemming from forged data, making deepfake sound detection an important safeguard against the malicious use of such technologies. Although prior studies have explored this task, existing methods largely focus on binary...
DecipherGuard: Understanding and Deciphering Jailbreak Prompts for a Safer Deployment of Intelligent Software Systems
Intelligent software systems powered by Large Language Models LLMs are increasingly deployed in critical sectors, raising concerns about their safety during runtime. Through an industry-academic collaboration when deploying an LLM-powered virtual customer assistant, a critical software engineerin...
MoPE: a Mixture of Password Experts for Improving Password Guessing
Textual passwords remain a predominant authentication mechanism in web security. To evaluate their strength, existing research has proposed several data-driven models across various scenarios. However, these models generally treat passwords uniformly, neglecting the structural differences among...
Incentives and Outcomes in Bug Bounties
Bug bounty programs have contributed significantly to security in technology firms in the last decade, but little is known about the role of reward incentives in producing useful outcomes. We analyze incentives and outcomes in Google's Vulnerability Rewards Program VRP, one of the world's largest...
Security Vulnerabilities in Software Supply Chain for Autonomous Vehicles
The interest in autonomous vehicles AVs for critical missions, including transportation, rescue, surveillance, reconnaissance, and mapping, is growing rapidly due to their significant safety and mobility benefits. AVs consist of complex software systems that leverage artificial intelligence AI,...
"Digital Camouflage": the LLVM Challenge in LLM-Based Malware Detection
Large Language Models LLMs have emerged as promising tools for malware detection by analyzing code semantics, identifying vulnerabilities, and adapting to evolving threats. However, their reliability under adversarial compiler-level obfuscation is yet to be discovered. In this study, we empirical...
Self-Supervised Learning of Graph Representations for Network Intrusion Detection
Detecting intrusions in network traffic is a challenging task, particularly under limited supervision and constantly evolving attack patterns. While recent works have leveraged graph neural networks for network intrusion detection, they often decouple representation learning from anomaly detectio...
Design and Development of an Intelligent LLM-Based LDAP Honeypot
Cybersecurity threats continue to increase, with a growing number of previously unknown attacks each year targeting both large corporations and smaller entities. This scenario demands the implementation of advanced security measures, not only to mitigate damage but also to anticipate emerging...
Reproducing a Security Risk Assessment Using Computer Aided Design
Security risk assessment is essential in establishing the trustworthiness and reliability of modern systems. While various security risk assessment approaches exist, prevalent applications are "pen and paper" implementations that -- even if performed digitally using computers -- remain prone to...
Evaluating LLM Generated Detection Rules in Cybersecurity
LLMs are increasingly pervasive in the security environment, with limited measures of their effectiveness, which limits trust and usefulness to security practitioners. Here, we present an open-source evaluation framework and benchmark metrics for evaluating LLM-generated cybersecurity rules. The...
Quantum Keystroke Logging
Superdense coding has long been regarded as a secure quantum communication protocol. It is natural to assume that employing logical quantum states with error-correcting capability would not compromise this security. However, in the context of GKP-based quantum communication, we propose a...
End-To-End Co-Simulation Testbed for Cybersecurity Research and Development in Intelligent Transportation Systems
Intelligent Transportation Systems ITS have been widely deployed across major metropolitan regions worldwide to improve roadway safety, optimize traffic flow, and reduce environmental impacts. These systems integrate advanced sensors, communication networks, and data analytics to enable real-time...
Wazuh 4.13.0
Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...
How Far Are We? an Empirical Analysis of Current Vulnerability Localization Approaches
Open-source software vulnerability patch detection is a critical component for maintaining software security and ensuring software supply chain integrity. Traditional manual detection methods face significant scalability challenges when processing large volumes of commit histories, while being...
MalEval Android Malware Evaluation Framework
This repository contains the source code of MalEval, an evaluation framework for Android malware behavior auditing, focusing on explaining and substantiating malicious behaviors. The framework provides expert-verified reports, curated metadata, and model outputs to enable reproducible evaluation ...
LenslessMic: Audio Encryption and Authentication Via Lensless Computational Imaging
With society's increasing reliance on digital data sharing, the protection of sensitive information has become critical. Encryption serves as one of the privacy-preserving methods; however, its realization in the audio domain predominantly relies on signal processing or software methods embedded...
Inference Attacks on Encrypted Online Voting Via Traffic Analysis
Online voting enables individuals to participate in elections remotely, offering greater efficiency and accessibility in both governmental and organizational settings. As this method gains popularity, ensuring the security of online voting systems becomes increasingly vital, as the systems...
Shai-Hulud npm Worm
Shai-Hulud is a self-replicating worm targeting the npm ecosystem. Once it compromises a developer machine or CI/CD runner, it harvests secrets and uses them to republish itself across multiple npm packages within hours. This advisory holds IoCs and further information...
TestSSL 3.2.2
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...
Automated Cyber Defense with Generalizable Graph-Based Reinforcement Learning Agents
Deep reinforcement learning RL is emerging as a viable strategy for automated cyber defense ACD. The traditional RL approach represents networks as a list of computers in various states of safety or threat. Unfortunately, these models are forced to overfit to specific network topologies, renderin...
A Systematic Survey of Empirical User Studies of Unintentional Information Disclosure in Everyday Digital Interaction
The exchange of personal information in digital environments poses significant risks, including identity theft, privacy breaches, and data misuse. Addressing these challenges requires a deep understanding of user behavior and mental models in diverse contexts. This paper presents a systematic...
ConCap: Practical Network Traffic Generation for Flow-Based Intrusion Detection Systems
Network Intrusion Detection Systems NIDS have been studied in research for almost four decades. Yet, despite thousands of papers claiming scientific advances, a non-negligible number of recent works suggest that the findings of prior literature may be questionable. At the root of such a...
Flying Drones to Locate Cyber-Attackers in LoRaWAN Metropolitan Networks
Today, many critical services and industrial systems rely on wireless networks for interaction with the IoT, hence becoming vulnerable to a broad number of cyber-threats. While detecting this kind of attacks is not difficult with common cyber-security tools, and even trivial for jamming, finding...
Future-Proofing Cloud Security against Quantum Attacks: Risk, Transition, and Mitigation Strategies
Quantum Computing QC introduces a transformative threat to digital security, with the potential to compromise widely deployed classical cryptographic systems. This survey offers a comprehensive and systematic examination of quantumsafe security for Cloud Computing CC, focusing on the...
SecureFixAgent: a Hybrid LLM Agent for Automated Python Static Vulnerability Repair
Modern software development pipelines face growing challenges in securing large codebases with extensive dependencies. Static analysis tools like Bandit are effective at vulnerability detection but suffer from high false positives and lack repair capabilities. Large Language Models LLMs, in...
Security Analysis of Web Applications Based on Gruyere
With the rapid development of Internet technologies, web systems have become essential infrastructures for modern information exchange and business operations. However, alongside their expansion, numerous security vulnerabilities have emerged, making web security a critical research focus within...
TOR Virtual Network Tunneling Tool 0.4.8.18
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...
Orion: Fuzzing Workflow Automation
Fuzz testing is one of the most effective techniques for finding software vulnerabilities. While modern fuzzers can generate inputs and monitor executions automatically, the overall workflow, from analyzing a codebase, to configuring harnesses, to triaging results, still requires substantial manu...
Hybrid Deep Learning-Federated Learning Powered Intrusion Detection System for IoT/5G Advanced Edge Computing Network
The exponential expansion of IoT and 5G-Advanced applications has enlarged the attack surface for DDoS, malware, and zero-day intrusions. We propose an intrusion detection system that fuses a convolutional neural network CNN, a bidirectional LSTM BiLSTM, and an autoencoder AE bottleneck within a...
Beyond Surface Alignment: Rebuilding LLMs Safety Mechanism Via Probabilistically Ablating Refusal Direction
Jailbreak attacks pose persistent threats to large language models LLMs. Current safety alignment methods have attempted to address these issues, but they experience two significant limitations: insufficient safety alignment depth and unrobust internal defense mechanisms. These limitations make...
Evil Vizier: Vulnerabilities of LLM-Integrated XR Systems
Extended reality XR applications increasingly integrate Large Language Models LLMs to enhance user experience, scene understanding, and even generate executable XR content, and are often called "AI glasses". Despite these potential benefits, the integrated XR-LLM pipeline makes XR applications...
Suricata IDPE 8.0.1
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...
Synergizing Static Analysis with Large Language Models for Vulnerability Discovery and Beyond
This report examines the synergy between Large Language Models LLMs and Static Application Security Testing SAST to improve vulnerability discovery. Traditional SAST tools, while effective for proactive security, are limited by high false-positive rates and a lack of contextual understanding...
Threat Modeling for Enhancing Security of IoT Audio Classification Devices under a Secure Protocols Framework
The rapid proliferation of IoT nodes equipped with microphones and capable of performing on-device audio classification exposes highly sensitive data while operating under tight resource constraints. To protect against this, we present a defence-in-depth architecture comprising a security protoco...
The Cybersecurity of a Humanoid Robot
The rapid advancement of humanoid robotics presents unprecedented cybersecurity challenges that existing theoretical frameworks fail to adequately address. This report presents a comprehensive security assessment of a production humanoid robot platform, bridging the gap between abstract security...
ATLANTIS: AI-Driven Threat Localization, Analysis, and Triage Intelligence System
We present ATLANTIS, the cyber reasoning system developed by Team Atlanta that won 1st place in the Final Competition of DARPA's AI Cyber Challenge AIxCC at DEF CON 33 August 2025. AIxCC 2023-2025 challenged teams to build autonomous cyber reasoning systems capable of discovering and patching...
LLM Jailbreak Detection for (Almost) Free!
Large language models LLMs enhance security through alignment when widely used, but remain susceptible to jailbreak attacks capable of producing inappropriate content. Jailbreak detection methods show promise in mitigating jailbreak attacks through the assistance of other models or multiple model...
Cybersecurity AI: Humanoid Robots As Attack Vectors
We present a systematic security assessment of the Unitree G1 humanoid showing it operates simultaneously as a covert surveillance node and can be purposed as an active cyber operations platform. Partial reverse engineering of Unitree's proprietary FMX encryption reveal a static Blowfish-ECB laye...
A Survey and Evaluation Framework for Secure DNS Resolution
Since security was not among the original design goals of the Domain Name System herein called Vanilla DNS, many secure DNS schemes have been proposed to enhance the security and privacy of the DNS resolution process. Some proposed schemes aim to replace the existing DNS infrastructure entirely,...