The paper analyzes persistent TLS misconfigurations and introduces TLSGatekeeper, a high-performance, network-based tool that enforces security policies by monitoring TLS handshakes without requiring…

This paper experimentally compares ML-DSA and SLH-DSA in TLS 1.3, finding that placing SLH-DSA at the server leaf significantly increases computational cost and latency, suggesting upper-layer placeme…

The study found that providing developers with a layer-based security training package significantly reduces the number and severity of security vulnerabilities in LLM-assisted web application develop…

This study provides the first measurement of authentication security in real-world remote Model Context Protocol (MCP) servers, finding pervasive and critical authentication weaknesses, particularly i…

This paper analyzes RPKI specifications, demonstrating that vague or conflicting requirements in dozens of RFCs cause systemic vulnerabilities in real-world implementations, leading to 61 undocumented…

This paper addresses the operational challenge of adopting Post-Quantum Cryptography (PQC) in complex financial TLS environments by presenting a methodology to automatically profile and normalize cryp…

The paper introduces a multi-surface evidence framework to provide comprehensive observability for post-quantum TLS migration, enabling robust measurement of session behavior and endpoint capabilities…

The paper introduces SIGIL, a novel framework that cryptographically seals the entire lifecycle of LLM skills, ensuring verifiable integrity from publication through runtime execution to prevent suppl…

This study empirically measures the consistency and success rate of autonomous LLM penetration testing across multiple services, finding statistically significant differences in exploitation capabilit…

This study empirically measures the consistency and effectiveness of autonomous LLM penetration testing across multiple services, finding statistically significant differences in exploitation rates am…

The paper proposes HSTS-Enforced, a new web security model that flips the default connection from HTTP to HTTPS, eliminating TLS stripping attacks while allowing sites to opt out if they genuinely req…

This paper introduces UPAttack, a novel threat model demonstrating that focusing on explicit usability requirements can cause LLMs to generate insecure code by neglecting implicit security constraints…

This study comparatively assessed the usability of passkeys versus passwords for Wi-Fi captive portal authentication, finding that while passkeys were perceived as more usable, captive portal limitati…

The paper argues that over-engineered university cybersecurity protocols, while necessary, create significant accessibility barriers that disproportionately harm remote international students, particu…

This paper replicates and extends a study on Java security API misuse in LLMs, finding that while newer models improve performance, the misuse risk persists and is significantly mitigated by external…

The paper proposes using Merkle Tree Certificates (MTC) to create a post-quantum Public Key Infrastructure (PKI) for Kubernetes and 5G/6G core networks, significantly reducing the overhead associated…

A longitudinal study of five identity-based signing ecosystems found that while these tools reduce some key management burdens, they consistently shift complexity to verification workflows, policy con…

This paper systematically analyzes the threat posed by malicious third-party API routers in the LLM supply chain, finding that a significant number of routers actively perform payload injection, crede…

The study analyzed TLS certificate and domain features in the Danish .dk namespace to distinguish phishing sites, concluding that while combined features are useful, no single attribute reliably ident…

This paper provides the first comprehensive security analysis of the Agent Skills framework, identifying severe structural vulnerabilities that require fundamental architectural changes rather than si…