6894 matches found
An Architecture for Privacy-Preserving Telemetry Scheme
Whitepaper called An Architecture For Privacy-Preserving Telemetry Scheme...
Generalized and Unified Equivalences between Hardness and Pseudoentropy
Pseudoentropy characterizations provide a quantitatively precise demonstration of the close relationship between computational hardness and computational randomness. We prove a unified pseudoentropy characterization that generalizes and strengthens previous results for both uniform and non-unifor...
CAVGAN: Unifying Jailbreak and Defense of LLMs Via Generative Adversarial Attacks on Their Internal Representations
Security alignment enables the Large Language Model LLM to gain the protection against malicious queries, but various jailbreak attack methods reveal the vulnerability of this security mechanism. Previous studies have isolated LLM jailbreak attacks and defenses. We analyze the security protection...
TELSAFE: Security Gap Quantitative Risk Assessment Framework
Gaps between established security standards and their practical implementation have the potential to introduce vulnerabilities, possibly exposing them to security risks. To effectively address and mitigate these security and compliance challenges, security risk management strategies are essential...
Enhancing LLM Watermark Resilience against Both Scrubbing and Spoofing Attacks
Watermarking is a promising defense against the misuse of large language models LLMs, yet it remains vulnerable to scrubbing and spoofing attacks. This vulnerability stems from an inherent trade-off governed by watermark window size: smaller windows resist scrubbing better but are easier to...
Post-Processing in Local Differential Privacy: an Extensive Evaluation and Benchmark Platform
Local differential privacy LDP has recently gained prominence as a powerful paradigm for collecting and analyzing sensitive data from users' devices. However, the inherent perturbation added by LDP protocols reduces the utility of the collected data. To mitigate this issue, several post-processin...
Detection of Intelligent Tampering in Wireless Electrocardiogram Signals Using Hybrid Machine Learning
With the proliferation of wireless electrocardiogram ECG systems for health monitoring and authentication, protecting signal integrity against tampering is becoming increasingly important. This paper analyzes the performance of CNN, ResNet, and hybrid Transformer-CNN models for tamper detection. ...
Image Can Bring Your Memory Back: a Novel Multi-Modal Guided Attack against Image Generation Model Unlearning
Whitepaper called Image Can Bring Your Memory Back: A Novel Multi-Modal Guided Attack Against Image Generation Model Unlearning...
CitrixBleed-2 Out-Of-Bounds Read
CVE-2025-5777 is a critical unauthenticated out-of-bounds read in Citrix NetScaler ADC/Gateway Gateway or AAA vServer mode. A single crafted request can dump memory containing session tokens, enabling full authentication bypass—earning the nickname CitrixBleed 2. This is a proof of concept exploi...
Vectorised Hashing Based on Bernstein-Rabin-Winograd Polynomials over Prime Order Fields
We introduce the new AXU hash function decBRWHash, which is parameterised by the positive integer $c$ and is based on Bernstein-Rabin-Winograd BRW polynomials. Choosing $c1$ gives a hash function which can be implemented using $c$-way single instruction multiple data SIMD instructions. We report ...
Subgraph Counting under Edge Local Differential Privacy Based on Noisy Adjacency Matrix
When analyzing connection patterns within graphs, subgraph counting serves as an effective and fundamental approach. Edge-local differential privacy edge-LDP and shuffle model have been employed to achieve subgraph counting under a privacy-preserving situation. Existing algorithms are plagued by...
The Bitter Lesson of Misuse Detection
Prior work on jailbreak detection has established the importance of adversarial robustness for LLMs but has largely focused on the model ability to resist adversarial inputs and to output safe content, rather than the effectiveness of external supervision systems. The only public and independent...
On Jailbreaking Quantized Language Models through Fault Injection Attacks
The safety alignment of Language Models LMs is a critical concern, yet their integrity can be challenged by direct parameter manipulation attacks, such as those potentially induced by fault injection. As LMs are increasingly deployed using low-precision quantization for efficiency, this paper...
QNAP Remote Code Execution
QNAP proof of concept stack overflow remote code execution exploit. This has been addressed in versions QTS 5.1.7.2770 build 20240520, hero h5.1.7.2770 build 20240520 and above...
Hunting in the Dark: Metrics for Early Stage Traffic Discovery
Threat hunting is an operational security process where an expert analyzes traffic, applying knowledge and lightweight tools on unlabeled data in order to identify and classify previously unknown phenomena. In this paper, we examine threat hunting metrics and practice by studying the detection of...
Bullshark on Narwhal: Implementation-Level Workflow Analysis of Round-Based DAG Consensus in Theory and Practice
Round-based DAGs enable high-performance Byzantine fault-tolerant consensus, yet their technical advantages remain underutilized due to their short history. While research on consensus protocols is active in both academia and industry, many studies overlook implementation-level algorithms, leavin...
Cascade: Token-Sharded Private LLM Inference
As LLMs continue to increase in parameter size, the computational resources required to run them are available to fewer parties. Therefore, third-party inference services -- where LLMs are hosted by third parties with significant computational resources -- are becoming increasingly popular...
FIDESlib: a Fully-Fledged Open-Source FHE Library for Efficient CKKS on GPUs
Word-wise Fully Homomorphic Encryption FHE schemes, such as CKKS, are gaining significant traction due to their ability to provide post-quantum-resistant, privacy-preserving approximate computing; an especially desirable feature in Machine-Learning-as-a-Service MLaaS cloud-computing paradigms...
Q-Detection: a Quantum-Classical Hybrid Poisoning Attack Detection Method
Data poisoning attacks pose significant threats to machine learning models by introducing malicious data into the training process, thereby degrading model performance or manipulating predictions. Detecting and sifting out poisoned data is an important method to prevent data poisoning attacks...
LIFT: Automating Symbolic Execution Optimization with Large Language Models for AI Networks
Dynamic Symbolic Execution DSE is a key technique in program analysis, widely used in software testing, vulnerability discovery, and formal verification. In distributed AI systems, DSE plays a crucial role in identifying hard-to-detect bugs, especially those arising from complex network...
Attacker'S Noise Can Manipulate Your Audio-Based LLM in the Real World
This paper investigates the real-world vulnerabilities of audio-based large language models ALLMs, such as Qwen2-Audio. We first demonstrate that an adversary can craft stealthy audio perturbations to manipulate ALLMs into exhibiting specific targeted behaviors, such as eliciting responses to...
The Landscape of Memorization in LLMs: Mechanisms, Measurement, and Mitigation
Large Language Models LLMs have demonstrated remarkable capabilities across a wide range of tasks, yet they also exhibit memorization of their training data. This phenomenon raises critical questions about model behavior, privacy risks, and the boundary between learning and memorization. Addressi...
DATABench: Evaluating Dataset Auditing in Deep Learning from an Adversarial Perspective
The widespread application of Deep Learning across diverse domains hinges critically on the quality and composition of training datasets. However, the common lack of disclosure regarding their usage raises significant privacy and copyright concerns. Dataset auditing techniques, which aim to...
Cyclic Equalizability of Words and Its Application to Card-Based Cryptography
Card-based cryptography is a research area to implement cryptographic procedures using a deck of physical cards. In recent years, it has been found to be related to finite group theory and algebraic combinatorics, and is becoming more and more closely connected to the field of mathematics. In thi...
PROTEAN: Federated Intrusion Detection in Non-IID Environments through Prototype-Based Knowledge Sharing
In distributed networks, participants often face diverse and fast-evolving cyberattacks. This makes techniques based on Federated Learning FL a promising mitigation strategy. By only exchanging model updates, FL participants can collaboratively build detection models without revealing sensitive...
Red Teaming AI Red Teaming
Red teaming has evolved from its origins in military applications to become a widely adopted methodology in cybersecurity and AI. In this paper, we take a critical look at the practice of AI red teaming. We argue that despite its current popularity in AI governance, there exists a significant gap...
How Not to Detect Prompt Injections with an LLM
Whitepaper called How Not To Detect Prompt Injections With An LLM...
Large Language Models for Network Intrusion Detection Systems: Foundations, Implementations, and Future Directions
Large Language Models LLMs have revolutionized various fields with their exceptional capabilities in understanding, processing, and generating human-like text. This paper investigates the potential of LLMs in advancing Network Intrusion Detection Systems NIDS, analyzing current challenges,...
FrameShift: Learning to Resize Fuzzer Inputs without Breaking Them
Coverage-guided fuzzers are powerful automated bug-finding tools. They mutate program inputs, observe coverage, and save any input that hits an unexplored path for future mutation. Unfortunately, without knowledge of input formats--for example, the relationship between formats' data fields and...
Phantom Subgroup Poisoning: Stealth Attacks on Federated Recommender Systems
Federated recommender systems FedRec have emerged as a promising solution for delivering personalized recommendations while safeguarding user privacy. However, recent studies have demonstrated their vulnerability to poisoning attacks. Existing attacks typically target the entire user group, which...
Efficient Unlearning with Privacy Guarantees
Privacy protection laws, such as the GDPR, grant individuals the right to request the forgetting of their personal data not only from databases but also from machine learning ML models trained on them. Machine unlearning has emerged as a practical means to facilitate model forgetting of data...
BackFed: an Efficient and Standardized Benchmark Suite for Backdoor Attacks in Federated Learning
Federated Learning FL systems are vulnerable to backdoor attacks, where adversaries train their local models on poisoned data and submit poisoned model updates to compromise the global model. Despite numerous proposed attacks and defenses, divergent experimental settings, implementation errors, a...
Layered, Overlapping, and Inconsistent: a Large-Scale Analysis of the Multiple Privacy Policies and Controls of U.S. Banks
Whitepaper called Layered, Overlapping, And Inconsistent: A Large-Scale Analysis Of The Multiple Privacy Policies And Controls Of U.S. Banks...
Evaluating the Critical Risks of Amazon'S Nova Premier under the Frontier Model Safety Framework
Nova Premier is Amazon's most capable multimodal foundation model and teacher for model distillation. It processes text, images, and video with a one-million-token context window, enabling analysis of large codebases, 400-page documents, and 90-minute videos in a single prompt. We present the fir...
The Hidden Threat in Plain Text: Attacking RAG Data Loaders
Large Language Models LLMs have transformed human-machine interaction since ChatGPT's 2022 debut, with Retrieval-Augmented Generation RAG emerging as a key framework that enhances LLM outputs by integrating external knowledge. However, RAG's reliance on ingesting external documents introduces new...
Extreme Learning Machine Based System for DDoS Attacks Detections on IoMT Devices
The Internet of Medical Things IoMT represents a paradigm shift in the healthcare sector, enabling the interconnection of medical devices, sensors, and systems to enhance patient monitoring, diagnosis, and management. The rapid evolution of IoMT presents significant benefits to the healthcare...
Adaptive Variation-Resilient Random Number Generator for Embedded Encryption
With a growing interest in securing user data within the internet-of-things IoT, embedded encryption has become of paramount importance, requiring light-weight high-quality Random Number Generators RNGs. Emerging stochastic device technologies produce random numbers from stochastic physical...
CLIP-Guided Backdoor Defense through Entropy-Based Poisoned Dataset Separation
Deep Neural Networks DNNs are susceptible to backdoor attacks, where adversaries poison training data to implant backdoor into the victim model. Current backdoor defenses on poisoned data often suffer from high computational costs or low effectiveness against advanced attacks like clean-label and...
Disappearing Ink: Obfuscation Breaks N-Gram Code Watermarks in Theory and Practice
Distinguishing AI-generated code from human-written code is becoming crucial for tasks such as authorship attribution, content tracking, and misuse detection. Based on this, N-gram-based watermarking schemes have emerged as prominent, which inject secret watermarks to be detected during the...
Enabling Security on the Edge: a CHERI Compartmentalized Network Stack
The widespread deployment of embedded systems in critical infrastructures, interconnected edge devices like autonomous drones, and smart industrial systems requires robust security measures. Compromised systems increase the risks of operational failures, data breaches, and -- in safety-critical...
Hybrid Approach to Directed Fuzzing
Program analysis and automated testing have recently become an essential part of SSDLC. Directed greybox fuzzing is one of the most popular automated testing methods that focuses on error detection in predefined code regions. However, it still lacks ability to overcome difficult program...
A Systematization of Security Vulnerabilities in Computer Use Agents
Computer Use Agents CUAs, autonomous systems that interact with software interfaces via browsers or virtual machines, are rapidly being deployed in consumer and enterprise environments. These agents introduce novel attack surfaces and trust boundaries that are not captured by traditional threat...
Beyond Training-Time Poisoning: Component-Level and Post-Training Backdoors in Deep Reinforcement Learning
Deep Reinforcement Learning DRL systems are increasingly used in safety-critical applications, yet their security remains severely underexplored. This work investigates backdoor attacks, which implant hidden triggers that cause malicious actions only when specific inputs appear in the observation...
IThermTroj: Exploiting Intermittent Thermal Trojans in Multi-Processor System-On-Chips
Thermal Trojan attacks present a pressing concern for the security and reliability of System-on-Chips SoCs, especially in mobile applications. The situation becomes more complicated when such attacks are more evasive and operate sporadically to stay hidden from detection mechanisms. In this paper...
AIDE 0.19.1
AIDE Advanced Intrusion Detection Environment is a free replacement for Tripwiretm. It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms ...
README: Robust Error-Aware Digital Signature Framework Via Deep Watermarking Model
Deep learning-based watermarking has emerged as a promising solution for robust image authentication and protection. However, existing models are limited by low embedding capacity and vulnerability to bit-level errors, making them unsuitable for cryptographic applications such as digital...
Nuclei 3.4.7
Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...
Model Inversion Attacks on Llama 3: Extracting PII from Large Language Models
Large language models LLMs have transformed natural language processing, but their ability to memorize training data poses significant privacy risks. This paper investigates model inversion attacks on the Llama 3.2 model, a multilingual LLM developed by Meta. By querying the model with carefully...
Emergent Misalignment As Prompt Sensitivity: a Research Note
Betley et al. 2025 find that language models finetuned on insecure code become emergently misaligned EM, giving misaligned responses in broad settings very different from those seen in training. However, it remains unclear as to why emergent misalignment occurs. We evaluate insecure models across...
Attention Slipping: a Mechanistic Understanding of Jailbreak Attacks and Defenses in LLMs
As large language models LLMs become more integral to society and technology, ensuring their safety becomes essential. Jailbreak attacks exploit vulnerabilities to bypass safety guardrails, posing a significant threat. However, the mechanisms enabling these attacks are not well understood. In thi...