The paper introduces a stealthy, scenario-realistic data fabrication attack that subtly manipulates object poses in shared perception data to induce unsafe driving behaviors in connected and autonomou…

The paper introduces a novel adversarial attack that uses static, view-dependent camouflage on a vehicle to induce consistent feature drift, causing autonomous systems to predict false, yet plausible,…

FedTrident proposes a comprehensive framework to defend Federated Learning-based Road Condition Classification against Targeted Label-Flipping Attacks, achieving robust performance comparable to non-a…

The paper introduces 'adversarial restlessness,' an activation-level signature in LLM residual streams, to detect multi-turn prompt injection attacks with high accuracy.

This paper introduces the Token by Token Backdoor Attack (ToBAC), demonstrating that unified autoregressive models (UAMs) are vulnerable to backdoor attacks where a single trigger can compromise multi…

RouteScan introduces a non-intrusive framework that audits the safety of Mixture-of-Experts (MoE) LLMs by analyzing low-level GPU expert routing telemetry, achieving high accuracy even on unseen harmf…

The paper proposes extbackslash codeName, a behavioral firewall that uses a parameterized deterministic finite automaton (pDFA) to enforce verified benign tool-call sequences and parameter bounds for…

The paper introduces TrustFlip, a novel physical adversarial attack that exploits consistency-based trust defenses in vehicular collaborative perception by using genuine objects to induce inconsistenc…

The paper introduces a novel pipeline integrating formal verification and process mining to systematically identify and analyze root causes of security property invalidations in complex automotive net…

The paper introduces a novel stateful online monitoring system that detects distributed multi-agent cyberattacks by aggregating weak suspiciousness signals across many user accounts, overcoming the bl…

The paper introduces a novel stateful online monitoring system that detects distributed multi-agent cyberattacks by aggregating weak suspiciousness signals across many user accounts, overcoming the bl…

The SAFE approach enhances fault-tolerant trust management in VANETs by ensuring vehicles send updated feedback reports before leaving a witness area, significantly reducing erroneous penalization of…

The paper proposes IPEK, a context-aware trust mechanism for VANETs, which significantly improves detection of intelligent attackers by incorporating event and location severity into trust calculation…

The paper proposes a proactive, resilient architecture for autonomous vehicles by integrating redundancy, diversity, and adaptive reconfiguration to defend against various cyber and physical attacks.

The paper introduces the Street-legal Physical Adversarial Rim (SPAR), a physically realizable and street-legal white-box attack that significantly degrades the accuracy of modern Automatic License Pl…

The paper proposes DA-GC, a certified causal attribution framework that accurately identifies cross-slice attack origins in 6G networks under strict real-time latency constraints by systematically mod…

This paper demonstrates that reasoning-enabled Vision-Language-Action (VLA) models for autonomous driving are highly vulnerable to realistic input perturbations, significantly compromising both reason…

The paper introduces the Safety Asymmetry Score (SAS) to measure how a model's vulnerability to adversarial content changes based on whether the malicious input arrives via the user message, tool meta…

The paper introduces the Safety Asymmetry Score (SAS) to measure how a model's susceptibility to adversarial attacks changes based on whether the malicious content arrives via the user message, tool m…

The paper proposes DAIRE, a lightweight AI model, for highly efficient, real-time detection and classification of various cyberattacks targeting the vulnerable Controller Area Network (CAN) in the Int…