Cryptography & Security
Research on AI security, adversarial attacks, privacy, and cryptographic methods.
cs.CR · 505 papers
Heimdallr: Characterizing and Detecting LLM-Induced Security Risks in GitHub CI Workflows
Heimdallr characterizes and detects LLM-induced security risks in GitHub CI workflows, revealing a new attack surface and disclosing hundreds of vulnerabilities.
Toward Space-Based Public Key Systems: Enabling Secure Space Communications through In-Orbit Trust Services
This paper proposes space-based Public Key Infrastructure architectures to enable secure, low-latency communication and trust services for the New Space era.
Securing the Agent: Vendor-Neutral, Multitenant Enterprise Retrieval and Tool Use
This paper introduces a layered isolation architecture to secure multitenant enterprise RAG and agentic AI systems, preventing data leakage.
Toward a Risk Assessment Framework for Institutional DeFi: A Nine-Dimension Approach
This paper introduces a nine-dimension risk assessment framework for institutional DeFi, addressing gaps in existing methodologies with novel risk dimensions.
SoK: Robustness in Large Language Models against Jailbreak Attacks
This paper systematizes jailbreak attacks and defenses in LLMs, introducing Security Cube for multi-dimensional security evaluation.
Agentic Vulnerability Reasoning on Windows COM Binaries
SLYP is an agentic pipeline that finds race condition vulnerabilities in Windows COM binaries and generates verified proof-of-concept exploits.
You Snooze, You Lose: Automatic Safety Alignment Restoration through Neural Weight Translation
NeWTral restores safety alignment in specialized LLM adapters without losing domain knowledge, using neural weight translation in the parameter space.
Probabilistic Atomic Swaps for Bitcoin and Friends
Introduces probabilistic atomic swaps, enabling trustless, verifiable randomized exchanges like lotteries on blockchains without intermediaries.
On the (In-)Security of the Shuffling Defense in the Transformer Secure Inference
This paper demonstrates a novel attack that bypasses the shuffling defense in Transformer secure inference, enabling model weight extraction.
A Pragmatic Comparison of Cryptographic Computation Technologies for Machine Learning
This paper compares secure multi-party computation (SMPC) and fully homomorphic encryption (FHE) for machine learning, benchmarking their performance.
Data anonymization in the presence of outliers via invariant coordinate selection
This paper introduces ICSA, a robust data anonymization method using invariant coordinate selection to protect data with outliers, outperforming spectral anonymization.
Long-Term Risks of IoT Devices: The Case of the Smart Fridge
Smart fridges face long-term operational risks due to IT component lifecycles, even for basic functions like cooling, which can be generalized to other IoT devices.
AgentTrust: Runtime Safety Evaluation and Interception for AI Agent Tool Use
AgentTrust provides a runtime safety layer for AI agents, intercepting tool calls to prevent unsafe actions like data exfiltration and accidental deletion.
AFL-ICP: Enhancing Industrial Control Protocol Reliability via Specification-Guided Fuzzing
AFL-ICP is a novel specification-guided fuzzer that uses LLMs to enhance the reliability of Industrial Control Protocols by detecting deep semantic vulnerabilities.
From Beats to Breaches: How Offensive AI Infers Sensitive User Information from Playlists
This paper introduces musicPIIrate, an Offensive AI tool that infers sensitive user PII from music playlists, and JamShield, a defense against it.
Vol-Mark: A Watermark for 3D Medical Volume Data Via Cubic Difference Expansion and Contrastive Learning
Vol-Mark is a new watermarking method for 3D medical data, using contrastive learning and cubic difference expansion to ensure ownership and integrity.
Sparse Tokens Suffice: Jailbreaking Audio Language Models via Token-Aware Gradient Optimization
This paper shows that sparse, token-aware gradient optimization can effectively jailbreak Audio Language Models, proving dense updates are redundant.
PINSIGHT: A Comprehensive Threat Exploration of Domain-Adaptive Wi-Fi based PIN Code Inference
PINSIGHT rigorously assesses Wi-Fi PIN inference attacks, revealing that current state-of-the-art methods fail in realistic, unseen environments.
Pen-Strategist: A Reasoning Framework for Penetration Testing Strategy Formation and Analysis
Pen-Strategist is a new framework that uses logical reasoning and a classifier to improve automated penetration testing strategy formation and action selection.
An Evaluation of Chat Safety Moderations in Roblox
This paper evaluates Roblox's chat moderation, finding significant failures in detecting unsafe messages like grooming and harassment, and user evasion tactics.