Similar to 2604.27497v1 · 20 results
This comprehensive systematic review synthesizes decades of research on web tracker detection, proposing a new taxonomy and identifying key open research gaps to guide future work.
Youquan Xian, Xueying Zeng, Lingjia Meng, Lei Cui +5 more
The paper proposes SATA, a semantics-aware traffic augmentation framework, to significantly improve the generalization of website fingerprinting models by addressing variability in resource compositio…
The paper proposes HSTS-Enforced, a new web security model that flips the default connection from HTTP to HTTPS, eliminating TLS stripping attacks while allowing sites to opt out if they genuinely req…
This paper introduces seven novel, cross-domain techniques for detecting prompt injection attacks, moving beyond the limitations of traditional regex and transformer classifiers.
The paper evaluates web tracking across ten countries, finding that opt-in jurisdictions (like the EU) generally enforce stronger privacy protections, significantly reducing tracker connections compar…
Tri Cao, Yulin Chen, Hieu Cao, Yibo Li +7 more
The paper proposes WARD, a robust and efficient defense model that secures web agents against prompt injection attacks embedded in web content, achieving high recall and low false positives even again…
This paper systematically measured web tracking across 20 popular AI chatbots, finding that a majority share both conversational content and user identity information with third parties.
This paper empirically demonstrates that current Static Application Security Testing (SAST) tools are fundamentally unreliable against common JavaScript obfuscation techniques, showing that obfuscatio…
Zhichao Liu, Wenbo Pan, Haining Yu, Ge Gao +2 more
WebTrap introduces a stealthy, mid-task hijacking attack that successfully compromises browser agents during long-horizon tasks by seamlessly fusing malicious instructions with the original user goal.
Huijun Zhou, Xiaohan Zhang, Haozhe Zhang, Haoyang Zhang +2 more
This study provides the first measurement of authentication security in real-world remote Model Context Protocol (MCP) servers, finding pervasive and critical authentication weaknesses, particularly i…
Davis Brown, Samarth Bhargav, Arav Santhanam, Kasper Hong +6 more
The paper introduces a novel stateful online monitoring system that detects distributed multi-agent cyberattacks by aggregating weak suspiciousness signals across many user accounts, overcoming the bl…
Nirav Diwan, Han Wang, Berkcan Kapusuzoglu, Ramin Moradi +5 more
The paper introduces CoT-Guard, a small, cost-effective 4B-parameter model that significantly outperforms large, expensive monitors like GPT-5 in detecting hidden objectives in code generation tasks.
AEGIS introduces a novel physics-based system that analyzes encrypted network traffic flow dynamics, achieving state-of-the-art zero-day evasion detection with high accuracy and low latency.
CLOUDBURST introduces a novel framework and taxonomy for passive cloud-native beacons, demonstrating that IAM Canary Roles are the most effective vector for real-time threat attribution in modern clou…
The paper proposes a lightweight, passive bot detection system using user-agent and favicon analysis on web server logs, achieving 67.7% bot detection with a low 3% false-positive rate.
Chia-Pei, Chen, Kentaroh Toyoda, Anita Lai +1 more
The paper introduces IPI-proxy, an open-source intercepting proxy toolkit designed to red-team web-browsing AI agents by injecting adversarial payloads into live HTTP responses from whitelisted domain…
The paper identifies a critical vulnerability, the Camouflage Detection Gap (CDG), where standard LLM injection detectors fail dramatically when malicious payloads mimic the target domain's language a…
The paper introduces presidio-hardened-x402, an open-source middleware that intercepts x402 payment requests to detect and redact PII and enforce spending policies before on-chain settlement.
The study analyzed TLS certificate and domain features in the Danish .dk namespace to distinguish phishing sites, concluding that while combined features are useful, no single attribute reliably ident…