The study analyzed TLS certificate and domain features in the Danish .dk namespace to distinguish phishing sites, concluding that while combined features are useful, no single attribute reliably ident…

The paper identifies and quantifies 'zombie linkages' in various DNS integrations, demonstrating that persistent, outdated mappings pose significant security risks across different naming ecosystems.

This paper analyzes high-impact Web3 security incidents to show that most losses stem from off-chain organizational and operational failures, not just smart contract bugs.

This paper systematically analyzes the threat posed by malicious third-party API routers in the LLM supply chain, finding that a significant number of routers actively perform payload injection, crede…

This paper analyzes RPKI specifications, demonstrating that vague or conflicting requirements in dozens of RFCs cause systemic vulnerabilities in real-world implementations, leading to 61 undocumented…

The paper introduces an end-to-end framework that not only detects network intrusions using deep learning but also generates actionable, citation-grounded mitigation reports using a Retrieval-Augmente…

This paper systematically evaluates Provenance-based Intrusion Detection Systems (PIDSes) in real industrial scenarios, revealing that existing systems struggle with data heterogeneity, advanced attac…

The paper proposes a comprehensive cryptographic distribution provenance system to structurally defend against dependency confusion attacks in software package ecosystems.

This study provides the first measurement of authentication security in real-world remote Model Context Protocol (MCP) servers, finding pervasive and critical authentication weaknesses, particularly i…

The paper proposes HSTS-Enforced, a new web security model that flips the default connection from HTTP to HTTPS, eliminating TLS stripping attacks while allowing sites to opt out if they genuinely req…

The paper introduces STRIKE, a multi-dimensional structured taxonomy designed to provide a comprehensive and unified framework for classifying the rapidly evolving complexity of modern cybercrimes.

The paper introduces the concept of 'host-space perturbations,' arguing that real-world attackers can only manipulate network inputs by controlling specific hosts, a constraint that significantly weak…

This paper proposes the first web-focused threat model for agentic browsers, demonstrating that traditional web social engineering attacks can be amplified into dangerous, reproducible threats when ex…

By analyzing over 27,000 posts from 325 public ransomware leak sites, this paper demonstrates that ransomware groups exhibit non-random, predictable operational regularities concerning victim concentr…

This paper analyzes location-data provenance risks across multiple European sectors, proposing a risk taxonomy and architectural design for a next-generation digital trust infrastructure that treats l…

The paper proposes a declarative, autonomous, self-protecting framework for securing complex 5G/6G networks by leveraging a standardized security ontology and automated graph reasoning to neutralize l…

This paper systematically identifies and demonstrates multiple session manipulation attacks against VPN connection tracking frameworks, revealing widespread vulnerabilities in popular VPN services.

The paper benchmarks current frontier computer-using agents against hand-crafted attacks, finding that while they are highly safe in browser tasks, this safety does not generalize to other domains lik…

This paper argues that much of the existing research on Federated Learning (FL) security is based on idealized assumptions, and provides a practical evaluation framework showing that real-world attack…

The paper proposes bPk#, a distributed architecture for pseudonyms that enhances privacy and availability in national eID systems by delegating pseudonym computation rights to users and service provid…