Similar to 2605.19437v1 · 20 results
This paper proposes a two-stage machine learning system that accurately detects I2P traffic and subsequently classifies it as data exfiltration or legitimate activity, achieving high accuracy in both…
This study analyzed I2P's routing topology and found no significant evidence that peer selection is influenced by geographic location, suggesting highly random global mixing.
The paper investigates using Convolutional Neural Networks (CNNs) for deanonymizing I2P traffic patterns, but concludes that the proposed methods do not compromise the network's anonymity guarantees.
Yuxiang Yang, Ao Wang, Xuewei Feng, Qi Li +1 more
This paper systematically identifies and demonstrates multiple session manipulation attacks against VPN connection tracking frameworks, revealing widespread vulnerabilities in popular VPN services.
Hanzhi Liu, Chaofan Shou, Hongbo Wen, Yanju Chen +2 more
This paper systematically analyzes the threat posed by malicious third-party API routers in the LLM supply chain, finding that a significant number of routers actively perform payload injection, crede…
This paper analyzes darknet traffic to characterize advanced, AI-assisted bot reconnaissance, finding that modern evasion techniques allow most bot traffic to bypass standard IDS thresholds.
Carlos Semeho Edorh, Jialu Bi, Hanchen Ye, Dawood Sajjadi +1 more
ShieldShare is a novel, non-root Android application that enables secure, VPN-backed hotspot sharing with accurate per-user traffic accounting, addressing limitations in current mobile VPN implementat…
ProcRoute is a system that restricts internal network route access to specific, authorized applications, preventing unprivileged processes from exploiting split-tunnel VPN routes.
AetherWeave is a novel, stake-backed peer-discovery protocol that achieves Sybil resistance and privacy in P2P networks, ensuring robust connectivity even against powerful adversaries.
The paper proposes the Redpanda Agentic Data Plane (ADP), an architecture that uses out-of-band metadata channels to deterministically enforce security policies and governance for autonomous AI agents…
Pepper is a novel, high-bandwidth anonymous broadcast protocol that achieves cryptographic sender anonymity and significantly improves messaging throughput compared to existing state-of-the-art system…
The paper introduces ClawTrap, a MITM-based red-teaming framework, to evaluate the security robustness of web agents like OpenClaw against dynamic, real-world network attacks, finding that model stren…
ML Defender (aRGus NDR) is an open-source, embedded Machine Learning Network Intrusion Detection System (NIDS) that achieves superior detection rates for botnet and anomalous traffic on resource-const…
The paper proposes Shaperd, a real-time traffic shaper designed to enhance the resilience of fully encrypted protocols against censorship by allowing users to generate traffic flows with customizable…
Eunchan Park, Kyonghwa Song, Won Hoi Kim, Wonho Song +1 more
The paper introduces Deniable Covert Asset Transfer (DCAT), a method that stages asset transfers to appear as ordinary, loss-producing DeFi activities, achieving empirical unobservability on major blo…
Chia-Pei, Chen, Kentaroh Toyoda, Anita Lai +1 more
The paper introduces IPI-proxy, an open-source intercepting proxy toolkit designed to red-team web-browsing AI agents by injecting adversarial payloads into live HTTP responses from whitelisted domain…
This paper analyzes the security vulnerabilities of emerging pay-for-use Wi-Fi hotspots in rural areas, demonstrating practical attacks like connection hijacking and rogue hotspots.
The paper identifies and quantifies 'zombie linkages' in various DNS integrations, demonstrating that persistent, outdated mappings pose significant security risks across different naming ecosystems.
Ember is a serverless, peer-to-peer messaging system that provides end-to-end encrypted communication over a decentralized IPv6 mesh network while enforcing strict data minimization.
This paper analyzes Bitcoin's new V2 P2P transport protocol, demonstrating that while it fixes known vulnerabilities, attackers can still execute conceptual attacks like message identification via pay…