Architectural Mimicry: Innovative Instructions to Efficiently Address Control-Flow Leakage in Data-Oblivious Programs

representative citing papers

citing papers explorer

Showing 43 of 43 citing papers.

• Who Owns This Agent? Tracing AI Agents Back to Their Owners cs.CR · 2026-05-15 · unverdicted · none · ref 6

  A canary injection protocol for linking observed AI agent behavior to the responsible account at the hosting vendor, with robust variants for adversarial filtering.

• Analysis of Commit Signing on Github cs.SE · 2026-04-15 · unverdicted · none · ref 32 · 2 links

  Ecosystem-scale measurement shows commit signing on GitHub is rarely deliberate or sustained by developers, with rising lapse rates and unrevoked expired keys, so supply-chain security frameworks relying on it do not hold in practice.

• MIRAGE: Protecting against Malicious Image Editing via False Moderation cs.CR · 2026-06-24 · unverdicted · none · ref 64 · 2 links

  MIRAGE immunizes images by crafting perturbations that align them with policy-violating concepts in open-source moderation models, triggering refusals in closed-source commercial image editors at over 88% success rate.

• Bifrost: Hybrid TEE-FHE Inference for Privacy-Preserving Transformer and LLM Serving cs.CR · 2026-06-16 · unverdicted · none · ref 24

  Bifrost achieves significant latency reductions in privacy-preserving transformer inference through a hybrid CPU TEE and accelerator FHE design, with Bifrost+ further optimizing via prefill/decode split.

• VIPIR: A Versatile GPU Framework for Integrating Private Information Retrieval Protocols cs.CR · 2026-06-10 · unverdicted · none · ref 62

  VIPIR introduces two new PIR protocols, ExpPack compression, and GPU optimizations for NTT and GEMM that deliver orders-of-magnitude higher throughput than prior systems.

• Neuroforger: certified violation witnesses for smart contracts verification via LLMs cs.PL · 2026-05-29 · unverdicted · none · ref 37

  Neuroforger generates certified violation witnesses for smart contracts by representing specs as Solidity tests with abstract-type variables, using LLMs to instantiate them, and validating via type checking plus execution.

• Longitudinal Analyses of SAST Tools: A CodeQL Case Study cs.CR · 2026-05-08 · unverdicted · none · ref 1

  CodeQL detected 171 CVEs total, with 83 caught by a prior version before the fix; detections were often actionable within the vulnerable file but not stable across tool versions.

• Differentially Private Runtime Monitoring cs.CR · 2026-05-04 · unverdicted · none · ref 27

  A technique for enforcing differential privacy in temporal runtime monitoring by analyzing dependencies and injecting noise into specifications while using tree mechanisms to limit accuracy loss.

• Your Loss is My Gain: Low Stake Attacks on Liquid Staking Pools cs.GT · 2026-05-01 · unverdicted · none · ref 41

  A low-stake adversary can degrade a liquid staking pool's performance via consensus manipulation and profit from the resulting drop in its LST value through application-layer financial positions.

• PuzzleMark: Implicit Jigsaw Learning for Robust Code Dataset Watermarking in Neural Code Completion Models cs.SE · 2026-04-30 · unverdicted · none · ref 39

  PuzzleMark provides a robust and imperceptible watermarking method for code datasets using adaptive variable name concatenation and statistical verification, achieving perfect detection rates with minimal performance impact.

• When Specifications Meet Reality: Uncovering API Inconsistencies in Ethereum Infrastructure cs.SE · 2026-03-06 · conditional · none · ref 73

  APIDiffer automatically detects 72 API inconsistencies across 11 Ethereum clients using specification-guided test generation and LLM-based false-positive filtering, with 90% of bugs confirmed by developers.

• "Tab, Tab, Bug": Security Pitfalls of Next Edit Suggestions in AI-Integrated IDEs cs.CR · 2026-02-06 · conditional · none · ref 34

  NES systems in AI IDEs expand attack surfaces via context poisoning from imperceptible actions and global codebase retrieval, with professional developers largely unaware of the risks.

• Characterizing and Modeling the GitHub Security Advisories Review Pipeline cs.CR · 2026-02-05 · unverdicted · none · ref 42

  GitHub Security Advisories follow two review-latency regimes—a fast path for repository advisories and a slow path for NVD-first advisories—explained by a queueing model of the processing pipeline.

• Zebrafix: Mitigating Memory-Centric Side-Channel Leakage via Interleaving cs.CR · 2025-02-13 · unverdicted · none · ref 40

  Zebrafix shows interleaving data with counters can outperform prior mitigations for ciphertext side-channels while also blocking silent stores, at the cost of high complexity.

• Jaguar: Fast Private CNN Inference with Power-of-Two Homomorphic Arithmetic cs.CR · 2026-06-10 · unverdicted · none · ref 29

  Jaguar replaces prime-modulus HE with power-of-two arithmetic to enable coefficient-domain convolution and local-shift truncation, reporting 2-3.7x lower latency than Cheetah and Rhombus on ResNet-18/50 and MobileNetV2.

• Dummy Backdoor as a Defense: Removing Unknown Backdoors via Shared Internal Mechanisms for Generative LLMs cs.CR · 2026-06-10 · unverdicted · none · ref 38

  Embedding and removing a dummy backdoor reduces unknown backdoor success in generative LLMs by targeting shared trigger-activated internal mechanisms.

• SPIDER: Two Server Functionality for the Cost of Zero cs.CR · 2026-05-21 · unverdicted · none · ref 23

  SPIDER transforms a stateful single-server PIR protocol into one that delivers two-server-like private retrieval functionality using only a standard single server at no extra deployment cost.

• GRASP -- Graph-Based Anomaly Detection Through Self-Supervised Classification cs.CR · 2026-05-08 · unverdicted · none · ref 21 · 3 links

  GRASP detects anomalies in system provenance graphs via self-supervised executable prediction from two-hop neighborhoods, outperforming prior PIDS on DARPA datasets by identifying all documented attacks where behaviors are learnable plus additional unlabeled suspicious activity.

• KindHML: formal verification of smart contracts based on Hennessy-Milner logic cs.CR · 2026-04-15 · unverdicted · none · ref 44

  An encoding of Solidity contracts and first-order Hennessy-Milner logic into Lustre enables Kind 2 model checking of complex temporal properties in smart contracts.

• ARuleCon: Agentic Security Rule Conversion cs.CR · 2026-04-08 · unverdicted · none · ref 37

  ARuleCon uses AI agents plus execution-based checks to convert SIEM rules across vendors with 15% higher fidelity than standard LLM translation.

• Variational Feature Compression for Model-Specific Representations cs.CV · 2026-04-08 · unverdicted · none · ref 34

  A variational latent bottleneck with KL regularization and a dynamic binary mask based on saliency produces model-specific features that keep high accuracy for one classifier but drop others below 2% on CIFAR-100 with over 45x suppression.

• GPIR: Enabling Practical Private Information Retrieval with GPUs cs.CR · 2026-04-06 · unverdicted · none · ref 54

  GPIR achieves up to 297 times higher throughput than prior GPU PIR systems by fusing operations in stages and using pipelined transposed layouts to cut DRAM traffic during batched lattice-based queries.

• "Someone Hid It": Query-Agnostic Black-Box Attacks on LLM-Based Retrieval cs.CR · 2026-01-30 · unverdicted · none · ref 7

  A query-agnostic black-box attack uses zero-shot surrogate LLMs and adversarial learning on learnable queries to create transferable injection tokens that alter LLM retriever rankings.

• The Procedural Semantics Gap in Structured CTI: A Measurement-Driven STIX Analysis for APT Emulation cs.CR · 2025-12-12 · conditional · none · ref 8 · 3 links

  Structured CTI standards like ATT&CK describe adversary actions but lack the ordering, preconditions, and environmental details needed for direct multi-stage emulation, and a translation method can bridge this gap when assumptions are recorded.

• COGNITION: From Evaluation to Defense against Multimodal LLM CAPTCHA Solvers cs.CR · 2025-12-02 · conditional · none · ref 16

  Multimodal LLMs reliably solve many CAPTCHA tasks but can be defended by adding fine-grained localization and implicit counting that drops state-of-the-art success from over 95% to 0%.

• Automated Side-Channel Analysis of Cryptographic Protocol Implementations cs.CR · 2025-11-14 · unverdicted · none · ref 91

  The authors built an automated toolchain that extracts symbolic models from real binaries of cryptographic protocols and analyzes them for constant-time and speculative side-channel leaks, demonstrated on WhatsApp and e-passport implementations.

• PRPO: Paragraph-level Policy Optimization for Vision-Language Deepfake Detection cs.CV · 2025-09-30 · unverdicted · none · ref 2

  PRPO is a paragraph-level policy optimization technique that grounds vision-language model reasoning in image content to raise deepfake detection accuracy and reasoning quality.

• NanoTag: Systems Support for Efficient Byte-Granular Overflow Detection on ARM MTE cs.CR · 2025-09-26 · unverdicted · none · ref 66

  NanoTag enables byte-granular overflow detection on unmodified MTE binaries by combining hardware tagging with selective software tripwire checks on the Scudo allocator.

• A Typestate Approach to Purpose-aware Programming cs.PL · 2026-06-24 · unverdicted · none · ref 8

  PurPL is an OO language whose typestate system models data purpose sets that grow or shrink to enforce usage compliance.

• CloakLM: Obfuscating GPU Memory Layout to Mitigate Model Ex-filtration for Serving cs.OS · 2026-06-16 · unverdicted · none · ref 10

  CloakLM mitigates model exfiltration by obfuscating GPU memory layouts with PCIe shaping, weight shuffling, and HBM remapping while keeping near-native performance.

• To Wait or To Probe: Arbitrage Competition on High-Throughput Blockchains cs.CE · 2026-05-30 · unverdicted · none · ref 79

  On Base, probabilistic search is 23% of arbitrage activity but causes 95% of spam and 20% of gas use; protocol changes shift revenue toward successful trades and reduce spam share.

• Can You Trust What You See? Human and AI Detection of Synthetic Legal Evidence cs.CV · 2026-05-29 · unverdicted · none · ref 17

  Humans reach 64.8% accuracy detecting synthetic legal evidence images overall but drop to chance levels on top generators, while MLLMs achieve 100% specificity yet only 5.9% detection on the hardest synthetics, with uncorrelated error patterns.

• When Emotion Becomes Trigger: Emotion-style dynamic Backdoor Attack Parasitising Large Language Models cs.CL · 2026-05-12 · unverdicted · none · ref 41

  Paraesthesia is an emotion-style dynamic backdoor attack achieving ~99% success rate on instruction and classification tasks across four LLMs while preserving clean performance.

• Position Paper: Denial-of-Service against Multi-Round Transaction Simulation cs.CR · 2026-04-23 · unverdicted · none · ref 109

  The paper examines denial-of-service risks to multi-round transaction simulation arising from inter-transaction dependencies in smart-contract state.

• How Generative AI Empowers Attackers and Defenders Across the Trust & Safety Landscape cs.HC · 2025-11-10 · unverdicted · none · ref 10 · 2 links

  Generative AI boosts attackers' ability to create harmful content at scale while also enabling defenders to detect threats, support users, and improve moderation processes.

• Evasion Under Blockchain Sanctions cs.CR · 2025-07-15 · unverdicted · none · ref 3

  Empirical analysis of 1.07 billion Ethereum transactions shows sanctions cut Tornado Cash deposits by 71% yet the mixer remained central to most security incidents, exposing three structural enforcement weaknesses.

• OpDiffer: LLM-Assisted Opcode-Level Differential Testing of Ethereum Virtual Machine cs.SE · 2025-04-16 · unverdicted · none · ref 51 · 2 links

  OpDiffer applies LLMs and static analysis to opcode-level differential testing of EVMs, reporting 26 previously unknown bugs across nine implementations along with coverage gains and an estimate that 7.21% of real contracts could trigger the bugs.

• Read This Paper to Get $50 Million:* An Analysis of Mobile Messaging Scams Using Reddit Data cs.CR · 2026-05-15 · unverdicted · none · ref 79

  Reddit data analysis shows reply-based mobile scams growing nearly twice as fast as click-based ones while evading commercial and open-source detectors.

• CHAIRO: Contextual Hierarchical Analogical Induction and Reasoning Optimization for LLMs cs.AI · 2026-04-12 · unverdicted · none · ref 1

  CHAIRO integrates analogical retrieval, rule induction, and classification into an end-to-end optimized system that claims higher accuracy and better rule quality than fine-tuning or static RAG baselines for content moderation.

• AI-Driven Security Alert Screening and Alert Fatigue Mitigation in Security Operations Centers: A Comprehensive Survey cs.CR · 2026-05-08 · unverdicted · none · ref 28 · 4 links

  A literature survey synthesizes 119 studies on AI-driven alert screening into a four-stage taxonomy of filtering, triage, correlation, and generative augmentation while identifying gaps in deployment realism and robustness.

• Machine Unlearning: A Comprehensive Survey cs.CR · 2024-05-13 · unverdicted · none · ref 92

  A survey classifying machine unlearning into centralized (exact and approximate), distributed/irregular data, verification, and privacy/security categories with technique overviews.

• Lightweight, Practical Encrypted Face Recognition with GPU Support cs.CR · 2026-04-01 · unreviewed · ref 36
• SoK: Practical Aspects of Releasing Differentially Private Graphs cs.CR · 2026-03-19 · unreviewed · ref 54