The paper proposes a general, compiler-integrated framework for secure content composition that minimizes the syntactic difference between secure and insecure coding practices.

The paper introduces PLM-NIDS, a novel intrusion detection system that models network flows as a language based solely on L3/L4 metadata, successfully detecting attacks by identifying deviations from…

The paper introduces PLM-NIDS, a novel intrusion detection system that models network flows as a language based solely on L3/L4 metadata, successfully detecting attacks by identifying deviations from…

The paper introduces a comprehensive security framework, AgentRFC, to systematically analyze and test the security conformance of various AI agent protocols, identifying critical design gaps, especial…

The paper introduces a systematic, executable taxonomy of security properties to bridge the gap between theoretical security definitions and their practical implementation in formal verification tools…

The paper proposes a declarative, autonomous, self-protecting framework for securing complex 5G/6G networks by leveraging a standardized security ontology and automated graph reasoning to neutralize l…

VIPER-MCP is a novel, end-to-end automated framework that detects and dynamically confirms the exploitability of taint-style vulnerabilities in Model Context Protocol (MCP) servers, achieving high-fid…

The paper introduces Heimdall, an automated pipeline that uses LLMs and formal verification to safely and automatically migrate legacy, potentially buggy eBPF programs written in C to memory-safe Rust…

This paper investigates Description-Code Inconsistency (DCI) in Model Context Protocol (MCP) servers, finding that 9.93% of real-world tools exhibit inconsistencies that create security blind spots.

The paper introduces mcp-attested, a security extension to the Model Context Protocol (MCP) that allows hosts to safely admit and restrict the tools used by external, third-party tool servers.

AFL-ICP is a novel specification-driven fuzzing framework that significantly enhances the security testing of industrial control protocols by detecting subtle semantic and logic bugs missed by traditi…

This paper proposes using large language models (LLMs) to generate and compositionally verify software implementations directly from natural language specifications, showing promising preliminary resu…

This paper introduces a component-centric framework and a novel detector, Connor, to understand and detect sophisticated, multi-component attacks targeting the Model Context Protocol (MCP) servers.

The paper introduces IOCRegex-gen, an automated LLM-based system that converts Indicators of Compromise (IOCs) into syntactically and semantically correct regular expressions, achieving high accuracy…

This paper analyzes various source-to-bytecode obfuscation techniques for Erlang, demonstrating that effective protection relies on exploiting the representational gaps between high-level semantics an…

The paper introduces Platum, a novel framework that synthesizes verified, low-latency runtime monitors for MAVLink protocols, enabling robust enforcement of contextual message validity on resource-con…

The paper introduces a deterministic method to automatically synthesize initial SIEM detection rules (Sigma rules) from attack simulation findings, ensuring full traceability back to the specific orig…

The paper introduces Tofu, a generalizable tool that automatically performs rigorous channel fault analysis on distributed protocols, synthesizing attack traces or proving their absence for given LTL…

This paper analyzes 470 security advisories in the OpenClaw AI agent framework, demonstrating that the system's structural weakness lies in per-layer trust enforcement, enabling cross-layer remote cod…

The paper proposes extbackslash codeName, a behavioral firewall that uses a parameterized deterministic finite automaton (pDFA) to enforce verified benign tool-call sequences and parameter bounds for…