This survey comprehensively analyzes the IoT threat landscape by detailing 28 common attacks and mapping them to foundational vulnerability classes, providing a structured roadmap for building secure…

This paper proposes an explainable threat attribution system for IoT networks that uses SHAP and flow behavior modeling to accurately classify and explain over 30 distinct attack variants into 8 meani…

The paper introduces the Canonical Security Telemetry Substrate (CSTS), a standardized, AI-ready foundation designed to harmonize fragmented and heterogeneous cybersecurity data into a unified model f…

The paper proposes the Cyber-Physical Data Flow Diagram (CPDFD), a novel modeling technique designed to improve threat identification and risk assessment for complex Internet of Things (IoT) devices.

The paper proposes a semi-automated framework that integrates network topology and vulnerability data to generate and analyze multi-step attack graphs in Industrial Control Systems, demonstrated using…

The paper proposes a standardized, zonal architecture and an open-source prototype for a dedicated Cyber Range (CR) specifically designed for comprehensive and repeatable Wi-Fi security training and e…

The paper introduces STRIDE-AI, a novel threat modeling framework that adapts classical STRIDE for generative AI, successfully reducing the attack success rate of a tested LLM chatbot from 80% to 15%.

This paper evaluates the security of industrial control systems (ICS) transitioning to 5G communication, finding that while optimal conditions allow for resilience, degraded channel conditions signifi…

The paper introduces APIOT, the first LLM framework capable of autonomously performing the full discovery, exploitation, patching, and verification cycle against bare-metal industrial OT devices.

This paper investigates the vulnerability of machine learning-based fault detection and localization systems in Cyber-Physical Systems (CPS) to backdoor attacks, demonstrating that such attacks are su…

The paper introduces a novel six-agent AI architecture for cybersecurity risk assessment, demonstrating high accuracy and speed compared to human experts, though its performance is ultimately limited…

This paper provides the first systematic threat analysis of State-Space Models (SSMs) in safety-critical applications, introducing novel attack classes and formal metrics to quantify their security an…

This paper analyzes darknet traffic to characterize advanced, AI-assisted bot reconnaissance, finding that modern evasion techniques allow most bot traffic to bypass standard IDS thresholds.

The paper introduces OS-BLIND, a benchmark demonstrating that current safety evaluations fail to detect critical vulnerabilities in computer-use agents when user instructions are benign, showing high…

This paper provides the first comprehensive security analysis of the Agent Skills framework, identifying severe structural vulnerabilities that require fundamental architectural changes rather than si…

This paper systematically evaluates modern security logging standards (CIM, OCSF, ECS) using a novel framework to quantify their detection efficacy across diverse exploit scenarios, revealing critical…

The paper introduces LinuxArena, a large-scale, diverse control setting for testing AI agents in live production environments, demonstrating its utility for evaluating both attack and defense mechanis…

This paper evaluates a novel black-box adversarial attack to demonstrate the vulnerability of ML-based IoT Intrusion Detection Systems (IDS) and proposes a robust defense mechanism to mitigate these e…

The Device Context Protocol (DCP) introduces a compact, safety-first communication standard designed to allow LLMs to reliably control resource-constrained physical microcontrollers, significantly imp…

The paper introduces a queueing-theoretic framework to model dynamic cyber-attack surfaces, developing an adaptive reinforcement learning defense policy that significantly reduces active vulnerabiliti…