280 papers
This study systematically characterizes the unique threat landscape of multi-agent AI systems and empirically evaluates 16 security frameworks, revealing that none achieve majority coverage of the identified risks, with Non-Determinism and Data Leakage being the most under-addressed domains.
This paper introduces Arbiter, a framework that combines formal rules with multi-model LLM analysis to detect interference patterns in coding agent system prompts, revealing that prompt architecture influences failure types and that multi-model evaluation uncovers distinct vulnerabilities missed by single-model approaches.
This paper introduces NetDiffuser, a novel framework that leverages a feature categorization algorithm and diffusion models to generate natural adversarial examples that effectively deceive deep learning-based network intrusion detection systems while preserving traffic validity.
This paper critiques the current limitations of alignment-focused safety cases for frontier AI by drawing on established methodologies from safety-critical industries to propose a more robust, defensible framework, illustrated through a case study on deceptive alignment and CBRN capabilities.
This paper establishes that distinct notions of quantum pseudorandomness are likely not equivalent by proving oracle separations, such as the existence of log-length PRFSGs without QPRGs with negligible error, thereby demonstrating that quantum pseudorandomness behaves fundamentally differently from its classical counterpart.
This paper demonstrates that verifiable delegated quantum computation protocols relying solely on the cut-and-choose technique cannot simultaneously achieve both security and efficiency, indicating that additional methods beyond this approach are necessary for practical implementation.
This paper introduces WaLi, a novel attack framework that leverages standard HVAC pressure sensors to reconstruct intelligible human speech from noisy, low-resolution data using a complex-valued conformer and Complex Global Attention Block, thereby revealing a significant, previously unaddressed privacy vulnerability in building infrastructure.
The paper proposes SFIBA, a spatial-based full-target invisible backdoor attack that ensures trigger specificity and stealthiness in black-box settings by restricting triggers to local spatial regions and employing a frequency-domain injection method, thereby achieving high attack performance while evading existing defenses.
This paper demonstrates that Generative AI tools, specifically the open-source CAI framework, have fundamentally disrupted consumer robot cybersecurity by automating the discovery of critical vulnerabilities across diverse devices like lawnmowers, exoskeletons, and window cleaners, thereby exposing a dangerous asymmetry between democratized offensive capabilities and lagging defensive measures.
This paper synthesizes drivers of human cybersecurity behavior within organizations into a coherent theoretical framework and proposes its application as a blueprint for securing agentic AI systems against manipulation attacks by drawing parallels between human and AI vulnerabilities.
The paper presents CliCooper, a multi-client cooperative Split Learning framework that safeguards data privacy through differential privacy and label obfuscation while ensuring training integrity and model provenance via dynamic chained watermarking, effectively mitigating privacy and ownership attacks without compromising model accuracy.
This paper presents a novel capability architecture and a corresponding Zephyr-based real-time operating system that achieves comprehensive security for embedded devices by fully disaggregating and isolating all software subsystems and peripherals, thereby eliminating the need for a run-time software Trusted Computing Base (TCB) without requiring hardware modifications.
This paper presents the first systematic analysis of Attack Graph and Intrusion Detection System integration, proposing a novel unifying lifecycle framework that establishes a continuous feedback loop to enhance threat detection and incident response.
This paper presents BladeChain, a blockchain-based system that integrates multi-stakeholder endorsement, automated scheduling, and AI model provenance to provide immutable, auditable traceability for aircraft engine blade inspections across the entire component life cycle.
The paper introduces XTRIDE, a highly optimized n-gram-based approach that achieves state-of-the-art accuracy in recovering real-world structure layouts and function signatures from stripped binaries while offering throughput speeds 70 to 2300 times faster than existing methods, making it suitable for automated reverse engineering pipelines.
SplitAgent introduces a novel distributed architecture that enables privacy-preserving collaboration between enterprise and cloud AI agents by utilizing context-aware dynamic sanitization, differential privacy, and zero-knowledge verification to achieve high task accuracy while significantly reducing data leakage compared to static approaches.
This paper presents a comprehensive comparative study of recent advances in Internet of Things (IoT) intrusion detection systems, analyzing their architectures, classifications, and evaluation methodologies to address critical security challenges.
This paper details the experience and techniques involved in automatically converting an 800,000-line C++ monolith into a Java EE application running on WildFly, addressing specific architectural challenges and utilizing a clang-tool-based solution to continuously regenerate Java code alongside ongoing C++ development.
This paper introduces a pipeline comprising the static analysis tool tSCAN and the searcher tSEARCH to discover and exploit Token-based Maximal Extractable Value (tMEV) by identifying non-standard supply-control functions in token contracts, demonstrating that this approach can extract ten times more profit than existing MEV strategies on Ethereum.
The paper introduces AR-ACE, a lightweight mempool propagation protocol for post-quantum blockchains that eliminates on-path validity proofs by having relay nodes forward only objects with compact attestations, thereby achieving an order-of-magnitude bandwidth reduction while shifting proof verification entirely to the builder.