Cryptography & Security
Research on AI security, adversarial attacks, privacy, and cryptographic methods.
cs.CR · 500 papers
VectorSmuggle: Steganographic Exfiltration in Embedding Stores and a Cryptographic Provenance Defense
VectorSmuggle reveals steganographic data exfiltration in RAG embedding stores and proposes VectorPin, a cryptographic defense for embedding integrity.
DisAgg: Distributed Aggregators for Efficient Secure Aggregation in Federated Learning
DisAgg uses distributed client aggregators to securely and efficiently aggregate updates in federated learning, achieving a 4.6x speedup over OPA.
Identifying AI Web Scrapers Using Canary Tokens
This paper introduces a novel method using canary tokens to reliably identify which web scrapers are feeding data to specific large language models.
Limits of Personalizing Differential Privacy Budgets
This paper reveals that personalized differential privacy budgets have significant limitations, showing a simple thresholding method is often superior.
Phantom Force: Injecting Adversarial Tactile Perceptions into Embodied Intelligence via EMI
This paper reveals how electromagnetic interference can inject "phantom forces" into robot tactile sensors, severely compromising embodied intelligence.
Sleeper Channels and Provenance Gates: Persistent Prompt Injection in Always-on Autonomous AI Agents
Persistent prompt injection in always-on AI agents via 'sleeper channels' is identified, and a tiered defense with provenance gates is proposed.
Model-Agnostic Lifelong LLM Safety via Externalized Attack-Defense Co-Evolution
EvoSafety introduces a novel framework for lifelong, model-agnostic LLM safety via externalized attack-defense co-evolution to counter adversarial prompts.
Inducing Overthink: Hierarchical Genetic Algorithm-based DoS Attack on Black-Box Large Language Reasoning Models
A hierarchical genetic algorithm can induce "overthink" in black-box LLMs, creating DoS attacks by significantly increasing response length and resource consumption.
Context-Aware Web Attack Detection in Open-Source SIEM Systems via MITRE ATT&CK-Enriched Behavioral Profiling
Smart-SIEM enhances open-source SIEMs with an AI module for context-aware web attack detection using behavioral profiling and MITRE ATT&CK.
Automatic Detection of Reference Counting Bugs in Linux Kernel Drivers
DrvHorn automatically detects reference counting bugs in Linux kernel drivers, finding 545 bugs (424 new) with a low false positive rate.
Backdoor Channels Hidden in Latent Space: Cryptographic Undetectability in Modern Neural Networks
This paper shows how to create cryptographically undetectable backdoors in modern neural networks by exploiting latent space geometry, resisting current defenses.
PoisonCap: Efficient Hierarchical Temporal Safety for CHERI
PoisonCap enhances CHERI systems with strict use-after-free and initialization safety using a novel 'poison' capability format, without performance overhead.
LoREnc: Low-Rank Encryption for Securing Foundation Models and LoRA Adapters
LoREnc is a training-free framework that secures foundation models and LoRA adapters against IP leakage and model recovery attacks with minimal overhead.
Code-Centric Detection of Vulnerability-Fixing Commits: A Unified Benchmark and Empirical Study
This study finds code language models struggle to detect vulnerability-fixing commits without commit messages, lacking transferable security understanding from code changes alone.
Extending Blockchain Untraceability with Plausible Deniability
This paper introduces Deniable Covert Asset Transfer (DCAT) to make blockchain transactions untraceable by blending them into common DeFi MEV activities.
Security Incentivization: An Empirical Study of how Micropayments Impact Code Security
This study shows that team-level incentives tied to automated security metrics significantly improve code security in development teams.
TextSeal: A Localized LLM Watermark for Provenance & Distillation Protection
TextSeal is a new LLM watermark using dual-key generation and multi-region localization for robust, distortion-free detection and distillation protection.
Attacks and Mitigations for Distributed Governance of Agentic AI under Byzantine Adversaries
This paper analyzes attacks on agentic AI governance from compromised centralized providers and proposes Byzantine-resilient, monitoring, and auditing solutions.
Reconstruction of Personally Identifiable Information from Supervised Finetuned Models
This paper reveals that PII can be reconstructed from supervised finetuned LLMs, proposing COVA to enhance reconstruction under prefix attacks.
No More, No Less: Task Alignment in Terminal Agents
A new benchmark, TAB, reveals terminal agents struggle with selectively following relevant instructions while ignoring distractors, highlighting a gap in task alignment.