The paper proposes a secure, privacy-preserving method for conformance checking using homomorphic encryption and string processing algorithms, allowing the check to be performed without exposing the p…

The paper introduces a novel pipeline integrating formal verification and process mining to systematically identify and analyze root causes of security property invalidations in complex automotive net…

The paper introduces a deterministic method to automatically synthesize initial SIEM detection rules (Sigma rules) from attack simulation findings, ensuring full traceability back to the specific orig…

The paper introduces a certified purity architecture that strengthens governance in cognitive workflow systems by replacing insufficient runtime checks with cryptographically attested structural guara…

This paper presents a novel approach for constructing information flow paths from RTL trace data for automated property generation and validation in hardware design.

The paper proposes a lightweight, Merkle-tree-based pipeline for verifying the integrity of IoT audit logs, achieving high throughput and low latency without the overhead of blockchain technology.

The paper introduces KindHML, an automated formal verification approach that uses Hennessy-Milner Logic and the Kind 2 model checker to verify complex temporal properties of smart contracts, detecting…

NLLog introduces a lightweight system that converts structured security logs into natural language sentences for improved anomaly detection, achieving high performance with low false-positive rates su…

NLLog is a lightweight pipeline that rewrites system-generated logs into natural language for improved analysis and comprehension.

The paper characterizes logging code security issues and benchmarks LLMs, finding that while LLMs can moderately detect these issues, they struggle significantly with reliably generating correct code…

The paper proposes extbackslash codeName, a behavioral firewall that uses a parameterized deterministic finite automaton (pDFA) to enforce verified benign tool-call sequences and parameter bounds for…

SECUREVENT proposes a hybrid AI/ML security monitoring architecture that combines traditional controls with advanced behavioral analysis to secure dynamic, distributed event-based systems.

SECUREVENT proposes a hybrid AI/ML security monitoring architecture that combines traditional controls with advanced behavioral analysis to secure highly dynamic, distributed event-based systems.

The paper introduces Heimdall, an automated pipeline that uses LLMs and formal verification to safely and automatically migrate legacy, potentially buggy eBPF programs written in C to memory-safe Rust…

This experience report details the process and developer perceptions of integrating log-based fraud detection into an Agile workflow, providing practical best practices for embedding security analytic…

QCIVET introduces a novel contract-based framework to ensure the integrity of hybrid quantum-classical pipelines by verifying both the structure (syntactic) and the behavior (semantic) of quantum stag…

The paper introduces Sieve, a system that uses a large language model (LLM) to generate executable query code from natural language security questions, significantly improving the ability to perform c…

The paper presents a novel technology that uses zero-knowledge proofs to formally verify a software system's correctness against a public specification without revealing the system's internal details.

The paper introduces EBCC, an OCI-compatible runtime architecture that manages composite confidential-computing workloads by integrating TEE-backed execution into the standard container lifecycle.

The paper provides a mechanized proof in Isabelle/HOL guaranteeing both the safety (state preservation) and liveness (progress) of regulatory state transitions across multiple, heterogeneous blockchai…