archive
Every paper Pith has read, listed as a one-line summary (the "pith") followed by the paper title.
1326 papers in cs.CR · page 1
- Length alone triggers LLM backdoors to leak secrets
  MetaBackdoor: Exploiting Positional Encoding as a Backdoor Attack Surface in LLMs
- The paper builds a 507-leaf taxonomy of LLM inference attacks from 932 recent security…
  Talk is (Not) Cheap: A Taxonomy and Benchmark Coverage Audit for LLM Attacks
- Privacy audits need no retraining runs
  Privacy Auditing with Zero (0) Training Run
- SAM worsens DRL backdoors while other fixes reduce them
  Angel or Demon: Investigating the Plasticity Interventions' Impact on Backdoor Threats in Deep Reinforcement Learning
- Nearly 39% of LLM defense sequences worsen original risks
  Defenses at Odds: Measuring and Explaining Defense Conflicts in Large Language Models
- Disguised compliance rules let attackers hijack LLM agents
  Exploiting LLM Agent Supply Chains via Payload-less Skills
- Guardrails adapt from sparse noisy failures via conservative induction
  LiSA: Lifelong Safety Adaptation via Conservative Policy Induction
- I2P mixes peers randomly across countries
  Geographic Patterns in I2P Peer Selection: An Empirical Network Topology Analysis
- Multi-agent system automates full library fuzzing lifecycle
  FuzzAgent: Multi-Agent System for Evolutionary Library Fuzzing
- Lineage tracking blocks poisoned memory from justifying agent actions
  MemLineage: Lineage-Guided Enforcement for LLM Agent Memory
- Jailbreak ASR drops up to 30 points on repeat attempts
  The Great Pretender: A Stochasticity Problem in LLM Jailbreak
- Diffusion models uncover semantic attacks on vehicle maps
  Systematic Discovery of Semantic Attacks in Online Map Construction through Conditional Diffusion
- Model forensics verifies AI integrity in wireless networks
  Model Forensics in AI-Native Wireless Networks: Taxonomy, Applications, and Case Study
- Hidden noise stops vision-language models from learning real content
  To See is Not to Learn: Protecting Multimodal Data from Unauthorized Fine-Tuning of Large Vision-Language Model
- Web agents should plan before seeing page content
  Web Agents Should Adopt the Plan-Then-Execute Paradigm
- MetaMoE combines independently trained expert models into one Mixture-of-Experts system…
  MetaMoE: Diversity-Aware Proxy Selection for Privacy-Preserving Mixture-of-Experts Unification
- Watermarks can be added to game strategies with bounded utility loss
  Watermarking Game-Playing Agents in Perfect-Information Extensive-Form Games
- Encrypted controllers still allow covert attacks
  On the (non-)resilience of encrypted controllers to covert attacks
- Bots micro-pace to evade 97% of ICS detectors
  Characterizing AI-Assisted Bot Traffic in Darknet Data: Implications for ICS and IIoT Security
- Endogenous trust cuts misinformation impact by 91% above threshold
  Day-to-Day Traffic Network Modeling under Route-Guidance Misinformation: Endogenous Trust and Resilience in CAV Environments
- Fingerprinting blocks RRC storms in 5G O-RAN before exhaustion
  StormShield: Fingerprint-Based Detection and Mitigation of RRC Signaling Storms in O-RAN 5G RANs
- Survey maps three types of backdoor threats in variational quantum circuits
  Backdoor Threats in Variational Quantum Circuits: Taxonomy, Attacks, and Defenses
- Small rotations hide data in embeddings undetected
  VectorSmuggle: Steganographic Exfiltration in Embedding Stores and a Cryptographic Provenance Defense
- Client committee speeds secure aggregation 4.6x
  DisAgg: Distributed Aggregators for Efficient Secure Aggregation in Federated Learning
- Canary tokens link scrapers to the LLMs they feed
  Identifying AI Web Scrapers Using Canary Tokens
- FALCON signatures secure MQTT on Raspberry Pi 5 with performance costs
  MQTT Across a Raspberry Pi 5 IoT Network Utilizing Quantum-resistant Signature Algorithms
- EBCC unifies TEE enclaves with standard OCI container lifecycle
  EBCC: Enclave-Backed Confidential Containers via OCI-Compatible Runtime Integration
- Thresholding captures most gains of personalized DP budgets
  Limits of Personalizing Differential Privacy Budgets
- Refinement cuts UAV localization error in cold starts and against faults
  Uncertainty-Aware 3D Position Refinement for Multi-UAV Systems
- EMI creates phantom forces in robot tactile sensors
  Phantom Force: Injecting Adversarial Tactile Perceptions into Embodied Intelligence via EMI
- Sleeper channels let inputs attack AI agents later
  Sleeper Channels and Provenance Gates: Persistent Prompt Injection in Always-on Autonomous AI Agents
- External skill library keeps LLM attacks evolving after saturation
  Model-Agnostic Lifelong LLM Safety via Externalized Attack-Defense Co-Evolution
- GA attack makes reasoning models output 26x more text
  Inducing Overthink: Hierarchical Genetic Algorithm-based DoS Attack on Black-Box Large Language Reasoning Models
- Context vectors raise SIEM attack detection F1 to 0.967
  Context-Aware Web Attack Detection in Open-Source SIEM Systems via MITRE ATT&CK-Enriched Behavioral Profiling
- Tool finds 545 reference counting bugs in Linux kernel drivers
  Automatic Detection of Reference Counting Bugs in Linux Kernel Drivers
- Backdoors hide as ordinary latent directions in neural nets
  Backdoor Channels Hidden in Latent Space: Cryptographic Undetectability in Modern Neural Networks
- PoisonCap gives CHERI strict use-after-free protection at zero overhead
  PoisonCap: Efficient Hierarchical Temporal Safety for CHERI
- Spectral truncation secures models and adapters without retraining
  LoREnc: Low-Rank Encryption for Securing Foundation Models and LoRA Adapters
- Lightweight ML detects IoT intrusions at 99% on microcontrollers
  Empowering IoT Security: On-Device Intrusion Detection in Resource Constrained Devices
- Code models miss over 93% of fixes from changes alone
  Code-Centric Detection of Vulnerability-Fixing Commits: A Unified Benchmark and Empirical Study
- Transfers disguised as ordinary DeFi losses evade tracing
  Extending Blockchain Untraceability with Plausible Deniability
- Compromised PRNG forces exact images from diffusion models
  DiffusionHijack: Supply-Chain PRNG Backdoor Attack on Diffusion Models and Quantum Random Number Defense
- Contract checks catch sneaky quantum overrides in hybrid pipelines
  QCIVET: A Quantum--Classical Pipeline Integrity Framework with Contract-Based Subtype Verification and Hash-Chained Audit Traces
- Bonuses for security scans cut issue density in team code
  Security Incentivization: An Empirical Study of how Micropayments Impact Code Security
- Watermarking turns into entity monitoring via output aggregation
  Watermarking Should Be Treated as a Monitoring Primitive
- Fuzzing finds 30% of agent skills break their own safety rules
  No Attack Required: Semantic Fuzzing for Specification Violations in Agent Skills
- Attack extracts AMD EPYC root seed to forge any attestation
  Insecure Despite Proven Updated: Extracting the Root VCEK Seed on EPYC Milan via a Software-Only Attack
- IAM Canary Roles top cloud beacon attribution scores
  CLOUDBURST: Cloud-Layer Observations Using Beacons for Unified Real-time Surveillance and Threat Attribution
- Subpopulation bias marks distilled datasets for black-box tracing
  From Compression to Accountability: Harmless Copyright Protection for Dataset Distillation
- Thermal cameras fingerprint VR apps remotely
  ThermalTap: Passive Application Fingerprinting in VR Headsets via Thermal Side Channels