English
Related papers

Related papers: Rethinking Broken Object Level Authorization Attac…

200 papers

Recent attacks on critical infrastructure, including the 2021 Oldsmar water treatment breach and 2023 Danish energy sector compromises, highlight urgent security gaps in Industrial IoT (IIoT) deployments. While Federated Learning (FL)…

Machine Learning · Computer Science 2026-01-01 Samaresh Kumar Singh , Joyjit Roy , Martin So

The rapid evolution of Large Language Models (LLMs) into autonomous, tool-calling agents has fundamentally altered the cybersecurity landscape. Frameworks like OpenClaw grant AI systems operating-system-level permissions and the autonomy to…

Cryptography and Security · Computer Science 2026-03-16 Zonghao Ying , Xiao Yang , Siyang Wu , Yumeng Song , Yang Qu , Hainan Li , Tianlin Li , Jiakai Wang , Aishan Liu , Xianglong Liu

Data has become a crucial resource in the digital economy, fostering initiatives for secure and sovereign data sharing frameworks such as Data Spaces. However, these distributed environments require fine-grained access control mechanisms…

Cryptography and Security · Computer Science 2025-06-02 Irene Plaza-Ortiz , Andres Munoz-Arcentales , Joaquín Salvachúa , Carlos Aparicio , Gabriel Huecas , Enrique Barra

Distributed data analytics platforms (i.e., Apache Spark, Hadoop) provide high-level APIs to programmatically write analytics tasks that are run distributedly in multiple computing nodes. The design of these frameworks was primarily…

Cryptography and Security · Computer Science 2023-12-05 Fahad Shaon , Sazzadur Rahaman , Murat Kantarcioglu

Low-Rank Adaptation (LoRA) has emerged as an efficient method for fine-tuning large language models (LLMs) and is widely adopted within the open-source community. However, the decentralized dissemination of LoRA adapters through platforms…

Cryptography and Security · Computer Science 2025-12-23 Linzhi Chen , Yang Sun , Hongru Wei , Yuqi Chen

Since the beginning of this decade, several incidents report that false data injection attacks targeting intelligent connected vehicles cause huge industrial damage and loss of lives. Data Theft, Flooding, Fuzzing, Hijacking, Malware…

Cryptography and Security · Computer Science 2023-08-21 Ziaur Rahman , Xun Yi , Ibrahim Khalil , Adnan Anwar , Shantanu Pal

With the purpose of defending against lateral movement in today's borderless networks, Zero Trust Architecture (ZTA) adoption is gaining momentum. With a full scale ZTA implementation, it is unlikely that adversaries will be able to spread…

Cryptography and Security · Computer Science 2021-11-17 Lampis Alevizos , Vinh Thong Ta , Max Hashem Eiza

This work presents ATLAS, an LLM-driven framework that bridges standardized threat modeling and property-based formal verification for System-on-Chip (SoC) security. Starting from vulnerability knowledge bases such as Common Weakness…

Cryptography and Security · Computer Science 2026-04-24 Ishraq Tashdid , Kimia Tasnia , Alexander Garcia , Jonathan Valamehr , Sazadur Rahman

The rise of Machine Learning as a Service (MLaaS) has led to the widespread deployment of machine learning models trained on diverse datasets. These models are employed for predictive services through APIs, raising concerns about the…

Cryptography and Security · Computer Science 2024-03-28 Mahendra Gurve , Sankar Behera , Satyadev Ahlawat , Yamuna Prasad

Unmanned aerial vehicles (UAVs) are vulnerable to interception and attacks when operated remotely without a unified and efficient identity authentication. Meanwhile, the openness of wireless communication environments potentially leads to…

Cryptography and Security · Computer Science 2024-07-02 Mingyue Xie , Zheng Chang , Osama Alfarraj , Keping Yu , Tao Chen , Hongwei Li

As 6G architectures transition toward decentralized Multi-Agent Systems (MAS), ensuring secure access to shared Knowledge Bases (KB) is critical. Traditional authorization models like RBAC fail to provide the granularity required for…

Cryptography and Security · Computer Science 2026-05-08 Loay Abdelrazek , Leyli Karacay , Marin Orlic

Misconfiguration, excessive privilege, and fragmented controls remain major causes of cloud-infrastructure incidents. This paper proposes an open-source framework that contributes a cross-platform identity-resource graph for Kubernetes and…

Cryptography and Security · Computer Science 2026-04-29 Wanru Shao

Jump-Oriented Programming (JOP) attacks exploit indirect control transfers to bypass backward-edge defenses, yet existing forward-edge CFI mechanisms lack precise source-domain authorization: type-based CFI admits all same-signature…

Cryptography and Security · Computer Science 2026-04-28 You Wu , Peter Beerel

With the widespread deployment of Control-Flow Integrity (CFI), control-flow hijacking attacks, and consequently code reuse attacks, are significantly more difficult. CFI limits control flow to well-known locations, severely restricting…

Cryptography and Security · Computer Science 2019-11-26 Kyriakos Ispoglou , Bader AlBassam , Trent Jaeger , Mathias Payer

With the increasing number of connected devices and complex networks involved, current domain-specific security techniques become inadequate for diverse large-scale Internet of Things (IoT) systems applications. While cross-domain…

Networking and Internet Architecture · Computer Science 2025-01-08 Xiaoyu Ma , Fang Fang , Xianbin Wang

APIs (Application Programming Interfaces) or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and…

Cryptography and Security · Computer Science 2025-07-24 Senthilkumar Gopal

Modern software supply chain attacks consist of introducing new, malicious capabilities into trusted third-party software components, in order to propagate to a victim through a package dependency chain. These attacks are especially…

Cryptography and Security · Computer Science 2025-05-21 Carmine Cesarano , Martin Monperrus , Roberto Natella

Web Application Firewalls (WAFs) have been introduced as essential and popular security gates that inspect incoming HTTP traffic to filter out malicious requests and provide defenses against a diverse array of web-based threats. Evading…

Cryptography and Security · Computer Science 2026-03-17 Seyed Ali Akhavani , Bahruz Jabiyev , Ben Kallus , Cem Topcuoglu , Sergey Bratus , Engin Kirda

Current LLM-based frameworks for text anonymization usually rely on remote API services from powerful LLMs, which creates an inherent privacy paradox: users must disclose the raw data to untrusted third parties for guaranteed privacy…

Cryptography and Security · Computer Science 2026-04-14 Donghang Duan , Xu Zheng , Yuefeng He , Chong Mu , Leyi Cai , Lizong Zhang

The IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) was recently introduced as the new routing standard for the Internet of Things. Although RPL defines basic security modes, it remains vulnerable to topological attacks which…

Networking and Internet Architecture · Computer Science 2016-08-08 Heiner Perrey , Martin Landsmann , Osman Ugus , Thomas C. Schmidt , Matthias Wählisch