313 papers
This paper introduces CyberSleuth, an autonomous multi-agent LLM system that automates web attack forensics by analyzing network traces to identify compromised services and map exploits to specific CVEs, achieving 80% accuracy and demonstrating that simple orchestration with specialized agents outperforms complex hierarchical designs in generating expert-validated forensic reports.
This paper introduces a security perspective on human oversight of AI by modeling it as an IT application to systematically identify new attack surfaces and propose mitigation strategies, thereby addressing a critical gap in current regulatory and academic discussions.
This paper presents efficient classical algorithms for the and Constrained Integer Solution problems previously solved by an efficient quantum algorithm, thereby demonstrating that no exponential quantum speedup exists for these tasks.
This paper demonstrates that existing alignment-based defenses against control-flow hijacking in multi-agent systems are vulnerable to evasion due to inherent safety-functionality conflicts and limited context visibility, and proposes ControlValve, a new defense mechanism that enforces control-flow integrity and least privilege through permitted control-flow graphs and contextual rules.
This paper introduces GhostEI-Bench, the first benchmark for evaluating the resilience of mobile Vision-Language Model agents against environmental injection attacks in dynamic on-device environments, revealing their critical vulnerability to adversarial UI elements that bypass textual safeguards and compromise device security.
The paper introduces DeiTFake, a DeiT-based deepfake detection model that utilizes a novel two-stage progressive training strategy with increasing augmentation complexity to achieve state-of-the-art accuracy and robustness on the OpenForensics dataset.
The paper presents BRIDG-ICS, an AI-driven Knowledge Graph framework that integrates heterogeneous industrial and cybersecurity data using Large Language Models to enable context-aware threat analysis, multi-stage attack path simulation, and quantitative resilience assessment for Industry 5.0 cyber-physical systems.
This paper introduces "Zombie Agents," a persistent black-box attack on self-evolving LLM agents that covertly implants payloads into long-term memory during benign sessions to survive across interactions and trigger unauthorized actions in future sessions, demonstrating that current per-session defenses are insufficient against such memory-based compromises.
This paper presents Star DKG (SDKG), a UC-secure distributed key generation protocol for non-exportable key shares in hardware-enforced environments that achieves transcript-driven affine consistency and 1+1-out-of- threshold access without relying on Verifiable Secret Sharing or share exportation.
This paper introduces Lap2, a novel framework that enables L2-norm clipping for Laplace DP-SGD in high-dimensional models by leveraging majorization theory and Schur-convexity to overcome dimensionality barriers, thereby achieving privacy-utility performance comparable to or exceeding Gaussian DP-SGD.
The paper introduces Jailbreak Foundry (JBF), a multi-agent system that automatically translates jailbreak research papers into executable modules within a unified harness, enabling rapid, reproducible, and standardized benchmarking of large language model security against rapidly evolving attack techniques.
This paper presents the first systematic audit revealing that widely used "shadow APIs," which claim to provide access to restricted frontier LLMs, frequently employ deceptive practices such as model substitution and safety manipulation, thereby compromising the reliability, reproducibility, and validity of downstream applications and academic research.
The paper introduces IoUCert, a novel formal verification framework that overcomes the challenges of non-linear coordinate transformations and IoU metrics to enable the first robustness verification of realistic, anchor-based object detection models like SSD and YOLO.
This paper reveals that the default interactive design of targeted advertisements on social media platforms like TikTok, Facebook, and Instagram creates a privacy loophole allowing advertisers to identify and view the profiles of users who engage with sensitive ads, thereby contradicting platform promises of data protection and highlighting the need for design modifications to ensure user transparency.
This paper proposes a privacy-preserving, offline Central Bank Digital Currency (CBDC) payment model for resource-constrained IoT devices that integrates Secure Elements, lightweight Zero-Knowledge Proofs, and intermittent synchronization to enable secure, cash-like transactions while preventing double-spending and ensuring AML/CFT compliance without continuous internet connectivity.
This paper evaluates the privacy risks and fidelity of synthetic Instagram posts generated by large language models, demonstrating that while synthetic data significantly reduces authorship re-identification risks compared to real data, a trade-off exists where higher fidelity correlates with greater privacy leakage.
This study evaluates six publicly accessible deepfake detection tools and finds that while forensic and AI-based classifiers exhibit complementary strengths and weaknesses, human evaluators with law enforcement experience significantly outperform all automated systems, particularly in resolving cases of disagreement.
This paper presents the first multi-dimensional evaluation of 31 LLM safety benchmarks, revealing that while they do not outperform non-benchmark papers in academic influence, there is a critical misalignment where neither author prominence nor paper impact correlates with code quality, highlighting a significant need for improved repository readiness and ethical standards.
This paper introduces \SysName, a novel framework that enhances Multi-Agent System security by shifting from static input filtering to execution-aware analysis through the reconstruction of Cross-Agent Semantic Flows, effectively detecting complex attack vectors that bypass conventional guardrails.
This paper evaluates the impact of logical vulnerabilities in 5G Standalone networks on UAV communications by utilizing a Kubernetes-based testbed to demonstrate how attacks from malicious UEs, compromised gNodeBs, or the 5G core can disrupt operations, thereby highlighting the critical need for user plane isolation and protocol integrity.