The paper proposes CAAP, a capture-aware adversarial patch framework, demonstrating that deep palmprint recognition systems remain vulnerable to physically realizable attacks despite existing defenses…

The paper demonstrates a coordinated, cross-modal spoofing attack that successfully deceives state-of-the-art multi-sensor fusion systems in autonomous vehicles by making multiple sensors agree on a f…

This paper systematically analyzes 48 studies on perception attacks against autonomous vehicles, revealing that the increasing reliance on multi-sensor fusion creates new, complex vulnerabilities that…

The paper introduces Dummy-Aware Weighted Attack (DAWA), a novel evaluation method that significantly reduces the reported robustness of Dummy Classes-based defenses by simultaneously targeting both t…

This study longitudinally evaluates the adversarial robustness of Android malware detection systems over a decade, finding that temporal separation significantly degrades robustness due to concept dri…

The paper proposes LARAR, a novel layer-wise adaptive regularization approach that enhances the adversarial robustness of neural network-based Network Intrusion Detection Systems by analyzing and miti…

The paper proposes CEAR, an ensemble-based method that combines empirical and certified defenses to achieve superior provable robustness against adversarial attacks in Deep Neural Networks.

The paper proposes PRAETORIAN, a novel defense mechanism for Graph Neural Networks (GNNs) that targets the intrinsic structural requirements of backdoor attacks, significantly reducing the attack succ…

This paper demonstrates that adversarial perturbations possess a low-rank structure, and proposes a two-step method to leverage this property to significantly improve the efficiency and effectiveness…

The paper demonstrates that simpler, shallower Deep Neural Network architectures with reduced features and ReLU activations can inherently improve the robustness of ML-NIDS against gradient-based adve…

The paper introduces the Street-legal Physical Adversarial Rim (SPAR), a physically realizable and street-legal white-box attack that significantly degrades the accuracy of modern Automatic License Pl…

The paper introduces GMA-SAWGAN-GP, a novel generative framework that significantly enhances Intrusion Detection System (IDS) performance by augmenting mixed-type network traffic data, especially impr…

This paper investigates how Generative AI enables scalable, hyper-realistic fraud in Chinese e-commerce by fabricating product defect evidence, proposing new defense mechanisms like verifiable materia…

The paper introduces ARCANE, a Bayesian network framework for cross-campaign cyber attribution, finding that while aggregating telemetry improves identification, structural feature limitations prevent…

The paper evaluates the adversarial robustness of two open-source Vision-Language Models (LLaVA and Qwen2.5-VL) in a simulated e-commerce environment, finding that while LLaVA is vulnerable to gradien…

The paper demonstrates that using advanced AI agents in an autoresearch loop can discover novel and highly effective adversarial attack algorithms, significantly advancing the state-of-the-art for jai…

This paper evaluates the physical transfer of adversarial patches against aerial vehicle detectors, finding that while digitally optimized patches can be highly effective, their real-world robustness…

The paper proposes an enhanced Wasserstein GAN with Gradient Penalty (SA-JS-WGAN-GP) incorporating Self-Attention and Jensen-Shannon Divergence to synthesize diverse network traffic data, significantl…

The study demonstrates that LLM safety alignment is non-monotonic across model generations, showing that Gemma 3 exhibits unexpectedly high vulnerability to adversarial attacks compared to both its pr…

The study demonstrates that safety alignment in LLMs is non-monotonic across model generations, showing that Gemma 3 exhibits a significantly higher attack success rate than both its predecessor and s…