6850 matches found
The Passwordless Authentication with Passkey Technology from an Implementation Perspective
With the rise of sophisticated authentication bypass techniques, passwords are no longer considered a reliable method for securing authentication systems. In recent years, new authentication technologies have shifted from traditional password-based logins to passwordless security. Among these,...
Pushing the Limits of Frequency Analysis in Leakage Abuse Attacks
Searchable encryption SE is the most scalable cryptographic primitive for searching on encrypted data. Typical SE constructions often allow access-pattern leakage, revealing which encrypted records are retrieved in the server's responses. All the known generic cryptanalyses assume either that the...
Activate Me!: Designing Efficient Activation Functions for Privacy-Preserving Machine Learning with Fully Homomorphic Encryption
The growing adoption of machine learning in sensitive areas such as healthcare and defense introduces significant privacy and security challenges. These domains demand robust data protection, as models depend on large volumes of sensitive information for both training and inference. Fully...
Machine Learning-Based AES Key Recovery Via Side-Channel Analysis on the ASCAD Dataset
Cryptographic algorithms like AES and RSA are widely used and they are mathematically robust and almost unbreakable but its implementation on physical devices often leak information through side channels, such as electromagnetic EM emissions, potentially compromising said theoretically secure...
AegisBlock: a Privacy-Preserving Medical Research Framework Using Blockchain
Due to HIPAA and other privacy regulations, it is imperative to maintain patient privacy while conducting research on patient health records. In this paper, we propose AegisBlock, a patient-centric access controlled framework to share medical records with researchers such that the anonymity of th...
Securing Sideways: Thwarting Lateral Movement by Implementing Active Directory Tiering
The advancement of computing equipment and the advances in services over the Internet has allowed corporations, higher education, and many other organizations to pursue the shared computing network environment. A requirement for shared computing environments is a centralized identity system to...
CryptoScope: Utilizing Large Language Models for Automated Cryptographic Logic Vulnerability Detection
Cryptographic algorithms are fundamental to modern security, yet their implementations frequently harbor subtle logic flaws that are hard to detect. We introduce CryptoScope, a novel framework for automated cryptographic vulnerability detection powered by Large Language Models LLMs. CryptoScope...
Online Tour and Travel Management System 1.0 SQL Injection
Online Tour and Travel Management System version 1.0 suffers from a remote SQL injection vulnerability in the /admin/operations/travellers.php endpoint...
RMSL: Weakly-Supervised Insider Threat Detection with Robust Multi-Sphere Learning
Insider threat detection aims to identify malicious user behavior by analyzing logs that record user interactions. Due to the lack of fine-grained behavior-level annotations, detecting specific behavior-level anomalies within user behavior sequences is challenging. Unsupervised methods face high...
Salty Seagull: a VSAT Honeynet to Follow the Bread Crumb of Attacks in Ship Networks
Cyber threats against the maritime industry have increased notably in recent years, highlighting the need for innovative cybersecurity approaches. Ships, as critical assets, possess highly specialized and interconnected network infrastructures, where their legacy systems and operational constrain...
Defending a City from Multi-Drone Attacks: a Sequential Stackelberg Security Games Approach
To counter an imminent multi-drone attack on a city, defenders have deployed drones across the city. These drones must intercept/eliminate the threat, thus reducing potential damage from the attack. We model this as a Sequential Stackelberg Security Game, where the defender first commits to a mix...
Routing and Wavelength Assignment with Minimal Attack Radius for QKD Networks
Quantum Key Distribution QKD can distribute keys with guaranteed security but remains susceptible to key exchange interruption due to physical-layer threats, such as high-power jamming attacks. To address this challenge, we first introduce a novel metric, namely Maximum Number of Affected Request...
Advancing Autonomous Incident Response: Leveraging LLMs and Cyber Threat Intelligence
Effective incident response IR is critical for mitigating cyber threats, yet security teams are overwhelmed by alert fatigue, high false-positive rates, and the vast volume of unstructured Cyber Threat Intelligence CTI documents. While CTI holds immense potential for enriching security operations...
MirGuard: Towards a Robust Provenance-Based Intrusion Detection System against Graph Manipulation Attacks
Learning-based Provenance-based Intrusion Detection Systems PIDSes have become essential tools for anomaly detection in host systems due to their ability to capture rich contextual and structural information, as well as their potential to detect unknown attacks. However, recent studies have shown...
REFN: a Reinforcement-Learning-From-Network Framework against 1-Day/N-Day Exploitations
The exploitation of 1 day or n day vulnerabilities poses severe threats to networked devices due to massive deployment scales and delayed patching average Mean Time To Patch exceeds 60 days. Existing defenses, including host based patching and network based filtering, are inadequate due to limite...
Jailbreaking Commercial Black-Box LLMs with Explicitly Harmful Prompts
Evaluating jailbreak attacks is challenging when prompts are not overtly harmful or fail to induce harmful outputs. Unfortunately, many existing red-teaming datasets contain such unsuitable prompts. To evaluate attacks accurately, these datasets need to be assessed and cleaned for maliciousness...
A Novel Study on Intelligent Methods and Explainable AI for Dynamic Malware Analysis
Deep learning models are one of the security strategies, trained on extensive datasets, and play a critical role in detecting and responding to these threats by recognizing complex patterns in malicious code. However, the opaque nature of these models-often described as "black boxes"-makes their...
Data and Context Matter: Towards Generalizing AI-Based Software Vulnerability Detection
The performance of AI-based software vulnerability detection systems is often limited by their poor generalization to unknown codebases. In this research, we explore the impact of data quality and model architecture on the generalizability of vulnerability detection systems. By generalization we...
Can Multi-Modal (Reasoning) LLMs Detect Document Manipulation?
Document fraud poses a significant threat to industries reliant on secure and verifiable documentation, necessitating robust detection mechanisms. This study investigates the efficacy of state-of-the-art multi-modal large language models LLMs-including OpenAI O1, OpenAI 4o, Gemini Flash thinking,...
Yet Another Mirage of Breaking MIRAGE: Debunking Occupancy-Based Side-Channel Attacks on Fully Associative Randomized Caches
Recent work presented at USENIX Security 2025 claims that occupancy-based attacks can recover AES keys from the MIRAGE randomized cache. In this paper, we examine these claims and find that they arise from fundamental modeling flaws. Most critically, the authors' simulation of MIRAGE uses a...
A Hierarchical IDS for Zero-Day Attack Detection in Internet of Medical Things Networks
The Internet of Medical Things IoMT is driving a healthcare revolution but remains vulnerable to cyberattacks such as denial of service, ransomware, data hijacking, and spoofing. These networks comprise resource constrained, heterogeneous devices e.g., wearable sensors, smart pills, implantables,...
Enhancing GraphQL Security by Detecting Malicious Queries Using Large Language Models, Sentence Transformers, and Convolutional Neural Networks
GraphQL's flexibility, while beneficial for efficient data fetching, introduces unique security vulnerabilities that traditional API security mechanisms often fail to address. Malicious GraphQL queries can exploit the language's dynamic nature, leading to denial-of-service attacks, data...
HEIR: a Universal Compiler for Homomorphic Encryption
This work presents Homomorphic Encryption Intermediate Representation HEIR, a unified approach to building homomorphic encryption HE compilers. HEIR aims to support all mainstream techniques in homomorphic encryption, integrate with all major software libraries and hardware accelerators, and...
A Transformer-Based Approach for DDoS Attack Detection in IoT Networks
DDoS attacks have become a major threat to the security of IoT devices and can cause severe damage to the network infrastructure. IoT devices suffer from the inherent problem of resource constraints and are therefore susceptible to such resource-exhausting attacks. Traditional methods for detecti...
Searching for Privacy Risks in LLM Agents Via Simulation
The widespread deployment of LLM-based agents is likely to introduce a critical privacy threat: malicious agents that proactively engage others in multi-turn interactions to extract sensitive information. These dynamic dialogues enable adaptive attack strategies that can cause severe privacy...
BERTector: Intrusion Detection Based on Joint-Dataset Learning
Intrusion detection systems IDS are facing challenges in generalization and robustness due to the heterogeneity of network traffic and the diversity of attack patterns. To address this issue, we propose a new joint-dataset training paradigm for IDS and propose a scalable BERTector framework based...
Code Vulnerability Detection across Different Programming Languages with AI Models
Security vulnerabilities present in a code that has been written in diverse programming languages are among the most critical yet complicated aspects of source code to detect. Static analysis tools based on rule-based patterns usually do not work well at detecting the context-dependent bugs and...
Multichannel Hybrid Quantum Cryptography for Submarine Optical Communications
We present a multichannel hybrid quantum cryptography approach intended for submarine quantum optical communications between Alice and Bob separated a distance beyond the current QKD possibilities, each located on a coastline. It is based on the difficult of a simultaneous access to $M$ optical...
Extending the OWASP Multi-Agentic System Threat Modeling Guide: Insights from Multi-Agent Security Research
We propose an extension to the OWASP Multi-Agentic System MAS Threat Modeling Guide, translating recent anticipatory research in multi-agent security MASEC into practical guidance for addressing challenges unique to large language model LLM-driven multi-agent architectures. Although OWASP's...
Explainable Ensemble Learning for Graph-Based Malware Detection
Malware detection in modern computing environments demands models that are not only accurate but also interpretable and robust to evasive techniques. Graph neural networks GNNs have shown promise in this domain by modeling rich structural dependencies in graph-based program representations such a...
CISA: FY 2025 State and Local Cybersecurity Grant Program FAQs
Congress established the State and Local Cybersecurity Grant Program SLCGP to "award grants to eligible entities to address cybersecurity risks and cybersecurity threats to information systems owned or operated by, or on behalf of, state, local, or Tribal governments." Within the U.S. Department ...
Heracles: Chosen Plaintext Attack on AMD SEV-SNP
A whitepaper discussing an attack on AMD SEV-SNP called Heracles that was able to leak kernel memory, crypto keys, and user passwords, as well as demonstrate web session hijacking...
CISA: Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators
This guidance outlines a process for OT owners and operators to create an asset inventory and OT taxonomy. This process includes defining scope and objectives for the inventory, identifying assets, collecting attributes, creating a taxonomy, managing data, and implementing asset life cycle...
MetaGuardian: Enhancing Voice Assistant Security through Advanced Acoustic Metamaterials
We present MetaGuardian, a voice assistant VA protection system based on acoustic metamaterials. MetaGuardian can be directly integrated into the enclosures of various smart devices, effectively defending against inaudible, adversarial and laser attacks without relying on additional software...
Perfect Message Authentication Codes Are Robust to Small Deviations from Uniform Key Distributions
We investigate the impact of possible deviations of the probability distribution of key values from a uniform distribution for the information-theoretic strong, or perfect, message authentication code. We found a simple expression for the decrease in security as a function of the statistical...
SECRET MESSENGERS
Whitepaper called SECRET MESSENGERS: Disseminating SIGINT in the Second World War: The Story of the British SLUs and American SSOs. This is a joint NSA and GCHQ release...
Causal Graph Profiling Via Structural Divergence for Robust Anomaly Detection in Cyber-Physical Systems
With the growing complexity of cyberattacks targeting critical infrastructures such as water treatment networks, there is a pressing need for robust anomaly detection strategies that account for both system vulnerabilities and evolving attack patterns. Traditional methods -- statistical,...
Incorporating Taxonomies of Cyber Incidents into Detection Networks for Improved Detection Performance
Many taxonomies exist to organize cybercrime incidents into ontological categories. We examine some of the taxonomies introduced in the literature; providing a framework, and analysis, of how best to leverage different taxonomy structures to optimize performance of detections targeting various...
Social-Sensor Identity Cloning Detection Using Weakly Supervised Deep Forest and Cryptographic Authentication
Recent years have witnessed a rising trend in social-sensor cloud identity cloning incidents. However, existing approaches suffer from unsatisfactory performance, a lack of solutions for detecting duplicated accounts, and a lack of large-scale evaluations on real-world datasets. We introduce a...
Amazon Nova AI Challenge -- Trusted AI: Advancing Secure, AI-Assisted Software Development
AI systems for software development are rapidly gaining prominence, yet significant challenges remain in ensuring their safety. To address this, Amazon launched the Trusted AI track of the Amazon Nova AI Challenge, a global competition among 10 university teams to drive advances in secure AI. In...
Demystifying the Role of Rule-Based Detection in AI Systems for Windows Malware Detection
Malware detection increasingly relies on AI systems that integrate signature-based detection with machine learning. However, these components are typically developed and combined in isolation, missing opportunities to reduce data complexity and strengthen defenses against adversarial EXEmples,...
Generalized Kennedy Receivers Enhanced CV-QKD in Turbulent Channels for Endogenous Security of Space-Air-Ground Integrated Network
Endogenous security in next-generation wireless communication systems attracts increasing attentions in recent years. A typical solution to endogenous security problems is the quantum key distribution QKD, where unconditional security can be achieved thanks to the inherent properties of quantum...
Shadow in the Cache: Unveiling and Mitigating Privacy Risks of KV-Cache in LLM Inference
The Key-Value KV cache, which stores intermediate attention computations Key and Value pairs to avoid redundant calculations, is a fundamental mechanism for accelerating Large Language Model LLM inference. However, this efficiency optimization introduces significant yet underexplored privacy risk...
Can AI Keep a Secret? Contextual Integrity Verification: a Provable Security Architecture for LLMs
Large language models LLMs remain acutely vulnerable to prompt injection and related jailbreak attacks; heuristic guardrails rules, filters, LLM judges are routinely bypassed. We present Contextual Integrity Verification CIV, an inference-time security architecture that attaches cryptographically...
Load-Altering Attacks against Power Grids: a Case Study Using the GB-36 Bus System Open Dataset
The growing digitalization and the rapid adoption of high-powered Internet-of-Things IoT-enabled devices e.g., EV charging stations have increased the vulnerability of power grids to cyber threats. In particular, the so-called Load Altering Attacks LAAs can trigger rapid frequency fluctuations an...
Deep Learning Models for Robust Facial Liveness Detection
In the rapidly evolving landscape of digital security, biometric authentication systems, particularly facial recognition, have emerged as integral components of various security protocols. However, the reliability of these systems is compromised by sophisticated spoofing attacks, where imposters...
Attacks and Defenses against LLM Fingerprinting
As large language models are increasingly deployed in sensitive environments, fingerprinting attacks pose significant privacy and security risks. We present a study of LLM fingerprinting from both offensive and defensive perspectives. Our attack methodology uses reinforcement learning to...
Exploring Cross-Stage Adversarial Transferability in Class-Incremental Continual Learning
Class-incremental continual learning addresses catastrophic forgetting by enabling classification models to preserve knowledge of previously learned classes while acquiring new ones. However, the vulnerability of the models against adversarial attacks during this process has not been investigated...
Developing a Transferable Federated Network Intrusion Detection System
Intrusion Detection Systems IDS are a vital part of a network-connected device. In this paper, we develop a deep learning based intrusion detection system that is deployed in a distributed setup across devices connected to a network. Our aim is to better equip deep learning models against unknown...
Evasive Ransomware Attacks Using Low-Level Behavioral Adversarial Examples
Protecting state-of-the-art AI-based cybersecurity defense systems from cyber attacks is crucial. Attackers create adversarial examples by adding small changes i.e., perturbations to the attack features to evade or fool the deep learning model. This paper introduces the concept of low-level...