English
Related papers

Related papers: Hijacking .NET to Defend PowerShell

200 papers

Webshell is a type of backdoor, and web applications are widely exposed to webshell injection attacks. Therefore, it is important to study webshell detection techniques. In this study, we propose a webshell detection method. We first…

Cryptography and Security · Computer Science 2025-02-28 Zhiqiang Wang , Haoyu Wang , Lu Hao

We demonstrate how AI-powered cybersecurity tools can be turned against themselves through prompt injection attacks. Prompt injection is reminiscent of cross-site scripting (XSS): malicious text is hidden within seemingly trusted content,…

Cryptography and Security · Computer Science 2025-11-18 Víctor Mayoral-Vilches , Per Mannermaa Rynning

Phishing webpages are continuously polluting the Web. Plenty of countermeasures have been proposed and the most advanced techniques leverage machine-learning methods that infer whether a webpage is benign or not by inspecting its visual…

Cryptography and Security · Computer Science 2026-05-04 Ying Yuan , Cristiano Alex Rado , Giovanni Apruzzese , Mauro Conti , Luigi Vincenzo Mancini

Existing literature on adversarial Machine Learning (ML) focuses either on showing attacks that break every ML model, or defenses that withstand most attacks. Unfortunately, little consideration is given to the actual feasibility of the…

Cryptography and Security · Computer Science 2023-10-13 Ying Yuan , Giovanni Apruzzese , Mauro Conti

Deep Neural Networks (DNNs) are employed in an increasing number of applications, some of which are safety critical. Unfortunately, DNNs are known to be vulnerable to so-called adversarial attacks that manipulate inputs to cause incorrect…

Cryptography and Security · Computer Science 2021-09-29 Mohammad Hossein Samavatian , Saikat Majumdar , Kristin Barber , Radu Teodorescu

Browser agents are increasingly deployed in long-horizon tasks, which require executing extended action chains to accomplish user goals. However, this prolonged execution process provides attackers with more opportunities to inject…

Cryptography and Security · Computer Science 2026-05-12 Zhichao Liu , Wenbo Pan , Haining Yu , Ge Gao , Tianqing Zhu , Xiaohua Jia

We have witnessed the continuing arms race between backdoor attacks and the corresponding defense strategies on Deep Neural Networks (DNNs). Most state-of-the-art defenses rely on the statistical sanitization of the "inputs" or "latent DNN…

Machine Learning · Computer Science 2020-12-15 Hassan Ali , Surya Nepal , Salil S. Kanhere , Sanjay Jha

The implementations of most hardened cryptographic libraries use defensive programming techniques for side-channel resistance. These techniques are usually specified as guidelines to developers on specific code patterns to use or avoid.…

Cryptography and Security · Computer Science 2025-09-03 Moritz Schneider , Daniele Lain , Ivan Puddu , Nicolas Dutly , Srdjan Capkun

The purpose of this study is to evaluate the possibility of implementing an attack on ALPC connection in the Windows operating system through the kernel without closing the connection covertly from programs and the operating system and to…

Cryptography and Security · Computer Science 2024-01-04 Anastasiia Kropova , Igor Korkin

Prompt injection attacks represent a major vulnerability in Large Language Model (LLM) deployments, where malicious instructions embedded in user inputs can override system prompts and induce unintended behaviors. This paper presents a…

Cryptography and Security · Computer Science 2025-12-18 S M Asif Hossain , Ruksat Khan Shayoni , Mohd Ruhul Ameen , Akif Islam , M. F. Mridha , Jungpil Shin

The aggressive performance optimizations in modern microprocessors can result in security vulnerabilities. For example, timing-based attacks in processor caches can steal secret keys or break randomization. So far, finding cache-timing…

Cryptography and Security · Computer Science 2023-02-07 Mulong Luo , Wenjie Xiong , Geunbae Lee , Yueying Li , Xiaomeng Yang , Amy Zhang , Yuandong Tian , Hsien-Hsin S. Lee , G. Edward Suh

This paper provides a comprehensive review of the future of cybersecurity through Generative AI and Large Language Models (LLMs). We explore LLM applications across various domains, including hardware design security, intrusion detection,…

New hardware primitives such as Intel SGX secure a user-level process in presence of an untrusted or compromised OS. Such "enclaved execution" systems are vulnerable to several side-channels, one of which is the page fault channel. In this…

Cryptography and Security · Computer Science 2016-01-13 Shweta Shinde , Zheng Leong Chua , Viswesh Narayanan , Prateek Saxena

Phishing attacks are one of the most common social engineering attacks targeting users emails to fraudulently steal confidential and sensitive information. They can be used as a part of more massive attacks launched to gain a foothold in…

Cryptography and Security · Computer Science 2022-01-27 Fatima Salahdine , Zakaria El Mrabet , Naima Kaabouch

Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat…

Cryptography and Security · Computer Science 2016-05-04 Lu Zhang , Luis Vega , Michael Taylor

Cyber attacks and malware are now more prevalent than ever and the trend is ever upward. There have been several approaches to attack detection including resident software applications at the root or user level, e.g., virus detection, and…

Cryptography and Security · Computer Science 2018-07-31 James Christopher Foreman

BGP prefix hijacking is a threat to Internet operators and users. Several mechanisms or modifications to BGP that protect the Internet against it have been proposed. However, the reality is that most operators have not deployed them and are…

Networking and Internet Architecture · Computer Science 2018-01-10 Pavlos Sermpezis , Vasileios Kotronis , Alberto Dainotti , Xenofontas Dimitropoulos

Advanced Persistent Threat (APT) attack usually refers to the form of long-term, covert and sustained attack on specific targets, with an adversary using advanced attack techniques to destroy the key facilities of an organization. APT…

Cryptography and Security · Computer Science 2021-12-20 Tiantian Zhu , Jinkai Yu , Tieming Chen , Jiayu Wang , Jie Ying , Ye Tian , Mingqi Lv , Yan Chen , Yuan Fan , Ting Wang

Large Language Models (LLMs) remain susceptible to jailbreak exploits that bypass safety filters and induce harmful or unethical behavior. This work presents a systematic taxonomy of existing jailbreak defenses across prompt-level,…

Cryptography and Security · Computer Science 2025-11-25 Ryan Wong , Hosea David Yu Fei Ng , Dhananjai Sharma , Glenn Jun Jie Ng , Kavishvaran Srinivasan

In this paper we present three attacks on private internal networks behind a NAT and a corresponding new protection mechanism, Internal Network Policy, to mitigate a wide range of attacks that penetrate internal networks behind a NAT. In…

Cryptography and Security · Computer Science 2019-10-04 Yehuda Afek , Anat Bremler-Barr , Alon Noy