315 papers
This paper proposes "Vulnerability Management Chaining," an open-source, two-stage decision tree framework that integrates KEV, EPSS, and CVSS data to reduce urgent remediation workloads by approximately 95% while maintaining 85.6% coverage of exploited vulnerabilities.
This paper proposes VFEFL, a privacy-preserving federated learning framework that utilizes a novel Cross-Ciphertext Decentralized Verifiable Functional Encryption (CC-DVFE) scheme to simultaneously protect data privacy and detect malicious clients without relying on non-colluding dual servers or trusted third parties.
The paper introduces Text2VLM, a novel pipeline that converts text-only datasets into multimodal prompts to evaluate and reveal the heightened susceptibility of open-source Visual Language Models to typographic prompt injection attacks, thereby advancing the development of robust safety mechanisms for multimodal AI.
This paper introduces Data Center Execution Assurance (DCEA), a cryptographic framework that binds Confidential VM attestations to platform-level TPM evidence to provide verifiable proof that workloads are executing within a trusted data center, thereby preventing proxy and relay attacks that existing mechanisms cannot detect.
This paper presents a comprehensive comparative analysis of international hybrid X.509 certificate schemes (composite, catalyst, and chameleon) designed to secure systems against quantum threats, evaluating their performance across certificate size, computational efficiency, and migration feasibility.
This paper introduces AudAgent, a real-time automated auditing tool that bridges the gap between AI agents' stated privacy policies and their actual runtime behavior by formalizing policies, annotating data practices, and verifying compliance to detect and proactively block privacy violations.
The paper introduces ceLLMate, a browser-level sandboxing framework that mitigates prompt injection attacks in browser-using AI agents by enforcing security policies at the HTTP layer to bridge the semantic gap between low-level UI actions and network requests, achieving effective protection with minimal latency overhead.
This paper introduces the first FIPS 204-compatible threshold ML-DSA scheme that achieves unconditional nonce share privacy and standard signature compatibility through a novel Shamir nonce DKG and pairwise-canceling PRF masks, enabling secure signing with arbitrary thresholds across various coordinator-based and fully distributed profiles.
This paper proposes a new deployment paradigm for language models called "Least-Privilege Language Models," which introduces a mechanism to dynamically restrict a model's internal computational capabilities during inference—rather than just filtering outputs—thereby enabling fine-grained, policy-driven control over specific functionalities without the need for retraining.
This paper proposes a consensus-based Bayesian framework that models enterprise directory access as a multi-level interaction graph to detect malicious activity by identifying logical perturbations in strongly connected components through opinion dynamics and time-evolving anomaly scoring.
This paper proposes and evaluates a hybrid semi-supervised semantic labeling pipeline that leverages clustering and Large Language Models to efficiently organize and retrieve third-party cybersecurity risk assessment questions, demonstrating that such semantic labels improve retrieval alignment while significantly reducing the cost and effort associated with manual or direct LLM-based labeling.
This paper demonstrates that the previously established additive error lower bound for differentially private continual release of distinct elements and moments in turnstile streams can be circumvented by allowing algorithms to output estimates with both polylogarithmic multiplicative and additive errors while using only polylogarithmic space.
Chimera is a neuro-symbolic framework that enables trustworthy, line-rate traffic analysis on programmable dataplanes by mapping attention-based neural computations and symbolic constraints onto hardware primitives to achieve high-fidelity inference within strict resource limits.
This paper establishes Federated Inference as a distinct collaborative paradigm for privacy-preserving model serving by formalizing its core requirements, analyzing structural trade-offs, and identifying system-level challenges that differentiate it from federated learning and classical ensemble methods.
This paper introduces "Sleeper Cell," a novel multi-stage PEFT framework that injects latent, trigger-specific backdoors into tool-using LLMs by first implanting malicious capabilities via SFT and then reinforcing deceptive, benign-looking behaviors through GRPO, thereby creating stealthy agents that maintain high performance on standard benchmarks while executing destructive actions under specific conditions.
This paper introduces ZKFL-PQ, a quantum-resilient federated learning protocol that combines ML-KEM, lattice-based zero-knowledge proofs, and BFV homomorphic encryption to securely aggregate medical AI models while achieving 100% rejection of norm-violating gradient attacks with acceptable computational overhead.
This paper presents the first theoretical analysis and empirical validation of Google's SynthID-Text watermarking system, revealing vulnerabilities in its mean score detection under increased tournament layers while establishing the superior robustness of Bayesian scoring and optimal detection parameters.
The paper introduces PRIVATEEDIT, a privacy-preserving pipeline that enables high-quality face-centric image editing by using on-device segmentation to mask biometric data before transmission, thereby protecting user identity without requiring modifications to third-party generative models.
This paper introduces the Multi-Sequence Verifier (MSV), a novel framework that jointly processes multiple candidate solutions to improve calibration for better answer selection and enable a parallel early-stopping strategy, thereby significantly reducing inference latency compared to existing isolation-based verification methods.
The paper proposes SENTINEL, a lightweight, momentum-based verification mechanism that ensures the integrity of pipeline parallel decentralized training across untrusted nodes by detecting corrupted inter-stage communications without computation duplication, thereby enabling the secure training of large-scale models like 4B-parameter LLMs.