6850 matches found
Prompt Optimization and Evaluation for LLM Automated Red Teaming
Applications that use Large Language Models LLMs are becoming widespread, making the identification of system vulnerabilities increasingly important. Automated Red Teaming accelerates this effort by using an LLM to generate and execute attacks against target systems. Attack generators are evaluat...
Programmable Data Planes for Network Security
The emergence of programmable data planes, and particularly switches supporting the P4 language, has transformed network security by enabling customized, line-rate packet processing. These switches, originally intended for flexible forwarding, now play a broader role: detecting and mitigating...
Lynis Auditing Tool 3.1.5
Lynis is an auditing tool for Unix specialists. It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated...
Program Analysis for High-Value Smart Contract Vulnerabilities: Techniques
A widespread belief in the blockchain security community is that automated techniques are only good for detecting shallow bugs, typically of small value. In this paper, we present the techniques and insights that have led us to repeatable success in automatically discovering high-value smart...
Privacy-Preserving Anonymization of System and Network Event Logs Using Salt-Based Hashing and Temporal Noise
System and network event logs are essential for security analytics, threat detection, and operational monitoring. However, these logs often contain Personally Identifiable Information PII, raising significant privacy concerns when shared or analyzed. A key challenge in log anonymization is...
Invisible Injections: Exploiting Vision-Language Models through Steganographic Prompt Embedding
Vision-language models VLMs have revolutionized multimodal AI applications but introduce novel security vulnerabilities that remain largely unexplored. We present the first comprehensive study of steganographic prompt injection attacks against VLMs, where malicious instructions are invisibly...
Understanding Concept Drift with Deprecated Permissions in Android Malware Detection
Permission analysis is a widely used method for Android malware detection. It involves examining the permissions requested by an application to access sensitive data or perform potentially malicious actions. In recent years, various machine learning ML algorithms have been applied to Android...
SleepWalk: Exploiting Context Switching and Residual Power for Physical Side-Channel Attacks
Context switching is utilized by operating systems to change the execution context between application programs. It involves saving and restoring the states of multiple registers and performing a pipeline flush to remove any pre-fetched instructions, leading to a higher instantaneous power...
GUARD-CAN: Graph-Understanding and Recurrent Architecture for CAN Anomaly Detection
Modern in-vehicle networks face various cyber threats due to the lack of encryption and authentication in the Controller Area Network CAN. To address this security issue, this paper presents GUARD-CAN, an anomaly detection framework that combines graph-based representation learning with time-seri...
Out of Distribution, out of Luck: How Well Can LLMs Trained on Vulnerability Datasets Detect Top 25 CWE Weaknesses?
Automated vulnerability detection research has made substantial progress, yet its real-world impact remains limited. Current vulnerability datasets suffer from issues including label inaccuracy rates of 20-71%, extensive duplication, and poor coverage of critical CWE types. These issues create a...
Can We End the Cat-And-Mouse Game? Simulating Self-Evolving Phishing Attacks with LLMs and Genetic Algorithms
Anticipating emerging attack methodologies is crucial for proactive cybersecurity. Recent advances in Large Language Models LLMs have enabled the automated generation of phishing messages and accelerated research into potential attack techniques. However, predicting future threats remains...
Optimal Planning for Enhancing the Resilience of Modern Distribution Systems against Cyberattacks
The increasing integration of IoT-connected devices in smart grids has introduced new vulnerabilities at the distribution level. Of particular concern is the potential for cyberattacks that exploit high-wattage IoT devices, such as EV chargers, to manipulate local demand and destabilize the grid...
Large Language Model-Based Framework for Explainable Cyberattack Detection in Automatic Generation Control Systems
The increasing digitization of smart grids has improved operational efficiency but also introduced new cybersecurity vulnerabilities, such as False Data Injection Attacks FDIAs targeting Automatic Generation Control AGC systems. While machine learning ML and deep learning DL models have shown...
Hierarchical Graph Neural Network for Compressed Speech Steganalysis
Steganalysis methods based on deep learning DL often struggle with computational complexity and challenges in generalizing across different datasets. Incorporating a graph neural network GNN into steganalysis schemes enables the leveraging of relational data for improved detection accuracy and...
Benchmarking Fraud Detectors on Private Graph Data
We introduce the novel problem of benchmarking fraud detectors on private graph-structured data. Currently, many types of fraud are managed in part by automated detection algorithms that operate over graphs. We consider the scenario where a data holder wishes to outsource development of fraud...
ZIUM: Zero-Shot Intent-Aware Adversarial Attack on Unlearned Models
Machine unlearning MU removes specific data points or concepts from deep learning models to enhance privacy and prevent sensitive content generation. Adversarial prompts can exploit unlearned models to generate content containing removed concepts, posing a significant security risk. However,...
PRISM: Programmatic Reasoning with Image Sequence Manipulation for LVLM Jailbreaking
The increasing sophistication of large vision-language models LVLMs has been accompanied by advances in safety alignment mechanisms designed to prevent harmful content generation. However, these defenses remain vulnerable to sophisticated adversarial attacks. Existing jailbreak methods typically...
Secure Coding for Web Applications: Frameworks, Challenges, and the Role of LLMs
Secure coding is a critical yet often overlooked practice in software development. Despite extensive awareness efforts, real-world adoption remains inconsistent due to organizational, educational, and technical barriers. This paper provides a comprehensive review of secure coding practices across...
Secure Tug-Of-War (SecTOW): Iterative Defense-Attack Training with Reinforcement Learning for Multimodal Model Security
The rapid advancement of multimodal large language models MLLMs has led to breakthroughs in various applications, yet their security remains a critical challenge. One pressing issue involves unsafe image-query pairs--jailbreak inputs specifically designed to bypass security constraints and elicit...
Strategic Deflection: Defending LLMs from Logit Manipulation
With the growing adoption of Large Language Models LLMs in critical areas, ensuring their security against jailbreaking attacks is paramount. While traditional defenses primarily rely on refusing malicious prompts, recent logit-level attacks have demonstrated the ability to bypass these safeguard...
Whisper Smarter, Not Harder: Adversarial Attack on Partial Suppression
Currently, Automatic Speech Recognition ASR models are deployed in an extensive range of applications. However, recent studies have demonstrated the possibility of adversarial attack on these models which could potentially suppress or disrupt model output. We investigate and verify the robustness...
Collusion Resistant DNS with Private Information Retrieval
There has been a growing interest in Internet user privacy, demonstrated by the popularity of privacy-preserving products such as Telegram and Brave, and the widespread adoption of HTTPS. The Domain Name System DNS is a key component of Internet-based communication and its privacy has been...
Security Challenges in AI Agent Deployment: Insights from a Large Scale Public Competition
Recent advances have enabled LLM-powered AI agents to autonomously execute complex tasks by combining language model reasoning with tools, memory, and web access. But can these systems be trusted to follow deployment policies in realistic environments, especially under attack? To investigate, we...
Security Loophole in Error Verification in Quantum Key Distribution
The security of quantum key distribution QKD is evaluated based on the secrecy of Alice's key and the correctness of the keys held by Alice and Bob. A practical method for ensuring correctness is known as error verification, in which Alice and Bob reveal a portion of their reconciled keys and che...
Next-Generation Quantum Neural Networks: Enhancing Efficiency, Security, and Privacy
This paper provides an integrated perspective on addressing key challenges in developing reliable and secure Quantum Neural Networks QNNs in the Noisy Intermediate-Scale Quantum NISQ era. In this paper, we present an integrated framework that leverages and combines existing approaches to enhance...
Testbed and Software Architecture for Enhancing Security in Industrial Private 5G Networks
In the era of Industry 4.0, the growing need for secure and efficient communication systems has driven the development of fifth-generation 5G networks characterized by extremely low latency, massive device connectivity and high data transfer speeds. However, the deployment of 5G networks presents...
An Open-Source Implementation and Security Analysis of Triad'S TEE Trusted Time Protocol
The logic of many protocols relies on time measurements. However, in Trusted Execution Environments TEEs like Intel SGX, the time source is outside the Trusted Computing Base: a malicious system hosting the TEE can manipulate that TEE's notion of time, e.g., jumping in time or affecting the...
CVEMAP 1.0.0
CVEMAP is a command-line interface CLI tool designed to provide a structured and easily navigable interface to various vulnerability databases...
NCCR: to Evaluate the Robustness of Neural Networks and Adversarial Examples
Neural networks have received a lot of attention recently, and related security issues have come with it. Many studies have shown that neural networks are vulnerable to adversarial examples that have been artificially perturbed with modification, which is too small to be distinguishable by human...
Enhancing Jailbreak Attacks on LLMs Via Persona Prompts
Jailbreak attacks aim to exploit large language models LLMs by inducing them to generate harmful content, thereby revealing their vulnerabilities. Understanding and addressing these attacks is crucial for advancing the field of LLM safety. Previous jailbreak approaches have mainly focused on dire...
Hot-Swap MarkBoard: an Efficient Black-Box Watermarking Approach for Large-Scale Model Distribution
Recently, Deep Learning DL models have been increasingly deployed on end-user devices as On-Device AI, offering improved efficiency and privacy. However, this deployment trend poses more serious Intellectual Property IP risks, as models are distributed on numerous local devices, making them...
Radio Adversarial Attacks on EMG-Based Gesture Recognition Networks
Surface electromyography EMG enables non-invasive human-computer interaction in rehabilitation, prosthetics, and virtual reality. While deep learning models achieve over 97% classification accuracy, their vulnerability to adversarial attacks remains largely unexplored in the physical domain. We...
Program Analysis for High-Value Smart Contract Vulnerabilities: Techniques and Insights
A widespread belief in the blockchain security community is that automated techniques are only good for detecting shallow bugs, typically of small value. In this paper, we present the techniques and insights that have led us to repeatable success in automatically discovering high-value smart...
Development and Analysis of a Secured VoIP System for Surveillance Activities
Since the 1990s, the telephone has been the primary mode of communication. However, Voice over Internet Protocol VoIP, which is a highly straightforward and affordable form of data transfer, is now becoming an important part of daily communication. VoIP is the technology that makes it possible to...
Active Attack Resilience in 5G: a New Take on Authentication and Key Agreement
As 5G networks expand into critical infrastructure, secure and efficient user authentication is more important than ever. The 5G-AKA protocol, standardized by 3GPP in TS 33.501, is central to authentication in current 5G deployments. It provides mutual authentication, user privacy, and key secrec...
MikroTik RouterOS 6.44 / 6.49.10 Denial of Service
MikroTik RouterOS versions 6.40.5 through 6.44 and 6.48.1 through 6.49.10 SMB denial of service exploit...
Repairing Vulnerabilities without Invisible Hands. a Differentiated Replication Study on LLMs
Background: Automated Vulnerability Repair AVR is a fast-growing branch of program repair. Recent studies show that large language models LLMs outperform traditional techniques, extending their success beyond code generation and fault detection. Hypothesis: These gains may be driven by hidden...
Enhanced Deep Learning DeepFake Detection Integrating Handcrafted Features
The rapid advancement of deepfake and face swap technologies has raised significant concerns in digital security, particularly in identity verification and onboarding processes. Conventional detection methods often struggle to generalize against sophisticated facial manipulations. This study...
A Novel Post-Quantum Secure Digital Signature Scheme Based on Neural Network
Digital signatures are fundamental cryptographic primitives that ensure the authenticity and integrity of digital documents. In the post-quantum era, classical public key-based signature schemes become vulnerable to brute-force and key-recovery attacks due to the computational power of quantum...
Cascading and Proxy Membership Inference Attacks
A Membership Inference Attack MIA assesses how much a trained machine learning model reveals about its training data by determining whether specific query instances were included in the dataset. We classify existing MIAs into adaptive or non-adaptive, depending on whether the adversary is allowed...
On Post-Quantum Cryptography Authentication for Quantum Key Distribution
The traditional way for a Quantum Key Distribution QKD user to join a quantum network is by authenticating themselves using pre-shared key material. While this approach is sufficient for small-scale networks, it becomes impractical as the network grows, due to the total quadratic increase in the...
Characterizing the Sensitivity to Individual Bit Flips in Client-Side Operations of the CKKS Scheme
Homomorphic Encryption HE enables computation on encrypted data without decryption, making it a cornerstone of privacy-preserving computation in untrusted environments. As HE sees growing adoption in sensitive applications such as secure machine learning and confidential data analysis ensuring it...
URLCrazy Domain Name Typo Tool 0.8.2
URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo ...
Two Views, One Truth: Spectral and Self-Supervised Features Fusion for Robust Speech Deepfake Detection
Recent advances in synthetic speech have made audio deepfakes increasingly realistic, posing significant security risks. Existing detection methods that rely on a single modality, either raw waveform embeddings or spectral based features, are vulnerable to non spoof disturbances and often overfit...
Is Crunching Public Data the Right Approach to Detect BGP Hijacks?
The Border Gateway Protocol BGP remains a fragile pillar of Internet routing. BGP hijacks still occurr daily. While full deployment of Route Origin Validation ROV is ongoing, attackers have already adapted, launching post-ROV attacks such as forged-origin hijacks. To detect these, recent approach...
EdgeAgentX-DT: Integrating Digital Twins and Generative AI for Resilient Edge Intelligence in Tactical Networks
We introduce EdgeAgentX-DT, an advanced extension of the EdgeAgentX framework that integrates digital twin simulations and generative AI-driven scenario training to significantly enhance edge intelligence in military networks. EdgeAgentX-DT utilizes network digital twins, virtual replicas...
Sparse Regression Codes for Secret Key Agreement: Achieving Strong Secrecy and Near-Optimal Rates for Gaussian Sources
Secret key agreement from correlated physical layer observations is a cornerstone of information-theoretic security. This paper proposes and rigorously analyzes a complete, constructive protocol for secret key agreement from Gaussian sources using Sparse Regression Codes SPARCs. Our protocol...
Measuring and Explaining the Effects of Android App Transformations in Online Malware Detection
It is well known that antivirus engines are vulnerable to evasion techniques e.g., obfuscation that transform malware into its variants. However, it cannot be necessarily attributed to the effectiveness of these evasions, and the limits of engines may also make this unsatisfactory result. In this...
Interpretable Anomaly-Based DDoS Detection in AI-RAN with XAI and LLMs
Next generation Radio Access Networks RANs introduce programmability, intelligence, and near real-time control through intelligent controllers, enabling enhanced security within the RAN and across broader 5G/6G infrastructures. This paper presents a comprehensive survey highlighting opportunities...
WBHT: a Generative Attention Architecture for Detecting Black Hole Anomalies in Backbone Networks
We propose the Wasserstein Black Hole Transformer WBHT framework for detecting black hole BH anomalies in communication networks. These anomalies cause packet loss without failure notifications, disrupting connectivity and leading to financial losses. WBHT combines generative modeling, sequential...