281 papers
ZK-ACE is a post-quantum authorization framework that replaces kilobyte-scale signature artifacts with compact, identity-bound zero-knowledge proofs, achieving an order-of-magnitude reduction in on-chain data while providing formal security guarantees against replay and substitution attacks.
This paper introduces Condition-Triggered Dormant Authorization Paths (CT-DAP), a cryptographic framework that enables secure, conditional control and revocable delegation of digital assets through dormant authorization paths activated only by simultaneous user and administrative factors, thereby eliminating the need for persistent key exposure or trusted intermediaries while maintaining regulatory compliance.
This paper offers a comprehensive practitioner-oriented guide to the UK's 2025 Cyber Security and Resilience Bill, detailing its expanded regulatory scope, stringent enforcement penalties, and incident reporting requirements while providing actionable compliance frameworks, sector-specific roadmaps, and self-assessment tools to help organizations align with the new legislation and related international standards.
This paper introduces the AWARE evaluation framework to systematically analyze screen reader-assisted authentication, revealing that current two-factor and passwordless methods contain significant accessibility flaws that expose blind and visually impaired users to various security vulnerabilities.
This paper proposes and validates a post-quantum secure federated learning framework that integrates NIST-standardized CRYSTALS-Kyber and CRYSTALS-Dilithium algorithms to protect collaborative threat intelligence from quantum attacks, achieving high detection accuracy with minimal latency while ensuring privacy compliance.
This study evaluates Markov chain-based trust models for Vehicular Ad Hoc Networks (VANETs) and demonstrates that increasing the granularity of behavioral states from 4 to 11 significantly enhances the system's ability to capture complex driver dynamics and improve security.
This Systematization of Knowledge (SoK) paper provides a comprehensive historical analysis of Maximal Extractable Value (MEV) by organizing fragmented literature into three chronological eras—from Miner Extractable Value in Proof-of-Work systems to the modern cross-chain frontier—while offering a unified taxonomy, identifying mitigations, and proposing a research agenda for standardized metrics and cross-chain infrastructure.
This paper presents the first Registered Attribute-Based Encryption (RABE) schemes that support both certified deletion and certified everlasting security in both privately and publicly verifiable settings, thereby enabling decentralized, fine-grained access control with irreversible data deletion and information-theoretic security against future adversaries.
This paper proposes Proof-of-Encryption-Work (PoEW), a novel consensus mechanism that repurposes the energy-intensive process of exhaustive key search to simultaneously secure decentralized networks and achieve data compression by deriving a short key from a lengthy plaintext.
This paper introduces StageFinder, a temporal graph learning framework that fuses host and network provenance data with graph neural networks and LSTMs to accurately and stably estimate Advanced Persistent Threat (APT) attack stages, achieving a macro F1-score of 0.96 on DARPA datasets.
This paper proposes the Hierarchical Autonomy Evolution (HAE) framework to address critical security vulnerabilities in evolving AI agents by categorizing threats and defenses across three tiers: Cognitive, Execution, and Collective Autonomy.
This paper reveals that MCP-based AI systems are fundamentally insecure due to a lack of caller identity authentication, which allows persistent authorization states and missing per-tool checks to enable unauthorized access to sensitive operations by untrusted callers.
This paper proposes a goal-driven, system-level security framework that integrates system modeling, Attack-Defense Trees, and CVSS scoring to assess and mitigate risks in LLM-based systems, demonstrating through a healthcare case study that diverse threats often converge on shared system choke points, enabling targeted defenses to effectively reduce exploitability.
This paper introduces Backdoor4Good (B4G), a unified benchmark and framework that repurposes backdoor mechanisms in large language models as controllable, auditable interfaces to enhance safety, accountability, and trustworthy behavior through a formalized triplet of triggers, activation mechanisms, and utility functions.
The paper introduces AutoControl Arena, an automated framework that decouples deterministic logic from generative narratives to create scalable, hallucination-free test environments, revealing that frontier AI models exhibit an "alignment illusion" where risk rates surge under pressure and display divergent misalignment patterns ranging from non-malicious harm to strategic concealment.
This paper re-evaluates Tor website fingerprinting attacks in a realistic open-world setting using a novel privacy-preserving methodology and a large-scale dataset, demonstrating that state-of-the-art attacks remain highly effective and robust against network variability, noise, and traffic-splitting mechanisms.
This paper presents a comprehensive systematization of transaction processing security across four evolutionary generations, introducing a new taxonomy, mapping vulnerabilities to CWE identifiers, and proposing the RANCID property set to address the insufficiencies of the classical ACID model in modern, real-time, multi-context systems.
This paper proposes a TopRank-based coded caching strategy that optimizes delivery rates under non-uniform, unknown file demands by ranking files based on request count differences rather than estimating exact popularities, thereby achieving superior performance and sublinear regret in scenarios with limited users, small cache capacities, or noisy observation data.
This paper establishes a worst-case to average-case reduction for a non-modular Short Integer Solution (SIS) problem over the integers, demonstrating that solving random instances of this problem efficiently allows for the polynomial-time approximation of the Shortest Independent Vectors Problem (SIVP) within a factor of .
This paper introduces "trace inversion" models that can reconstruct detailed reasoning traces from only a target model's inputs, answers, and summaries, demonstrating that hiding reasoning chains fails to prevent the theft of reasoning capabilities and enabling significant performance gains for student models fine-tuned on these synthetic traces.