283 papers
This paper resolves an open question by demonstrating the first explicit separation between oblivious and adaptive differential privacy in the continual observation model, showing that while an oblivious algorithm can remain accurate for exponentially many time steps, any adaptive algorithm fails after only a constant number of steps.
This paper presents a laboratory study analyzing the performance impact of traditional, hybrid, and pure post-quantum TLS 1.3 key exchange algorithms across multiple layers of stateful HTTP transactions, utilizing a load-balanced architecture to statistically evaluate latency and throughput variations under different response sizes.
The paper introduces MAD, a novel memory allocation diversity system that combines spatial diversification techniques with software diversity principles to effectively deter RowHammer attacks with negligible performance overhead and hardware agnosticism.
This paper investigates backdoor attacks in Vision Transformers by identifying a causal "trigger direction" in model activations, revealing distinct processing mechanisms for different trigger types, and proposing a data-free detection scheme based on mechanistic interpretability.
This paper challenges the optimistic narrative of fully automated AI auditing by demonstrating that EVMbench's results are compromised by data contamination and narrow evaluation, revealing that current AI agents lack the stability and end-to-end exploitation capabilities to replace human auditors in smart contract security.
This study proposes and evaluates incremental federated learning strategies, specifically utilizing LSTM models on the CICIoMT2024 dataset, to enhance the long-term resilience and resource efficiency of intrusion detection systems in IoT networks against evolving threats and concept drift.
The paper proposes AttriGuard, a novel runtime defense that mitigates Indirect Prompt Injection in LLM agents by employing parallel counterfactual tests to causally attribute tool invocations to user intent rather than untrusted external observations, thereby achieving near-perfect attack success rate reduction with minimal utility loss.
This paper presents a novel copy-protection method for industrial control software that binds programs to specific hardware using Physically Unclonable Functions (PUFs) and employs symbolic execution to guarantee safety property preservation and security against reverse engineering.
This paper identifies and quantifies "Defensive Refusal Bias," a safety alignment failure in large language models where legitimate cybersecurity defenders are disproportionately denied assistance for critical tasks due to the presence of security-sensitive keywords, a problem exacerbated by explicit authorization attempts and current reliance on semantic similarity rather than intent reasoning.
This paper introduces Hubscan, an open-source security scanner that utilizes a multi-detector architecture to identify and mitigate hubness poisoning attacks in Retrieval-Augmented Generation (RAG) systems, achieving high recall rates in detecting adversarial hubs across various vector databases and real-world benchmarks.
This paper introduces a stealthy, multi-turn denial-of-service attack on LLM agents via the Model Context Protocol (MCP) that exploits tool-calling chains to amplify computational costs and resource consumption by up to 658 times while evading standard detection mechanisms.
This paper proposes a Secure Multi-Tenant Architecture (SMTA) combined with a novel Burn-After-Use (BAU) mechanism to effectively prevent data leakage in enterprise LLMs by enforcing strict instance isolation and ephemeral context destruction, achieving high defense success rates against both semantic leakage attacks and post-session persistence threats in experimental evaluations.
This paper demonstrates a novel supply-chain attack vector where a compromised vendor component within a satellite's modular architecture successfully spoofs internal telemetry to deceive ground operators, highlighting the critical need for authenticated telemetry and component attestation to secure resource-constrained space systems.
This paper analyzes the severe security vulnerabilities of the OpenClaw code agent framework, demonstrating its low native defense rate against adversarial attacks and proposing a Human-in-the-Loop (HITL) layer that significantly improves system resilience by intercepting critical threats.
This survey provides a comprehensive overview of differential privacy in machine learning, tracing its theoretical evolution from symbolic AI to large language models, examining integration methods for privacy-preserving training, and outlining practical evaluation techniques.
This paper proposes a hierarchical dual-strategy framework that achieves precise selective unlearning of privacy-sensitive medical knowledge in large language models while preserving fundamental competencies, demonstrated by high forgetting and preservation rates on clinical datasets with minimal parameter modification.
This study empirically demonstrates that current single-domain generative AI watermarks (spatial and latent) possess mutually exclusive, orthogonal vulnerabilities to modern editing tools, proving their insufficiency for robust digital provenance and establishing the critical need for future multi-domain cryptographic architectures.
The paper introduces PRoADS, a provably secure and robust audio steganography framework that embeds secret messages into diffusion model noise via orthogonal projection and employs Latent Optimization with Backward Euler Inversion to minimize reconstruction errors, achieving a remarkably low bit error rate of 0.15% under 64 kbps MP3 compression.
This paper presents a Quantum Entropy as a Service (QEaaS) system that delivers post-quantum-secured entropy to embedded ESP32 devices, demonstrating that ML-KEM-512 and ML-DSA-44 protocols achieve DTLS 1.3 handshakes significantly faster than classical ECDHE P-256 counterparts while maintaining robust security.
This paper proposes a method to protect intellectual property in neural network models by binding their weights to unique hardware properties using Physically Unclonable Functions (PUFs), thereby preventing accurate execution on cloned hardware.