The paper introduces NeuroTaint, a novel taint tracking framework that adapts information flow analysis for LLM agents by modeling taint propagation as semantic transformation and causal influence, si…

This paper presents a novel approach for constructing information flow paths from RTL trace data for automated property generation and validation in hardware design.

This comprehensive systematic review synthesizes decades of research on web tracker detection, proposing a new taxonomy and identifying key open research gaps to guide future work.

This paper systematically measured web tracking across 20 popular AI chatbots, finding that a majority share both conversational content and user identity information with third parties.

The paper proposes a novel method to automatically enforce differential privacy in stream-based runtime monitoring specifications by analyzing temporal dependencies and injecting calibrated noise.

The paper introduces SST-Guard, a multi-modal browser-based system that detects and blocks server-side Google Analytics (sGA) by identifying the semantic patterns of collected data rather than relying…

The paper proposes a novel symbolic execution technique that combines speculative library preloading and custom software hooks to recover Control Flow Graphs (CFGs) from binaries that use dynamic code…

The paper proposes extbackslash codeName, a behavioral firewall that uses a parameterized deterministic finite automaton (pDFA) to enforce verified benign tool-call sequences and parameter bounds for…

The paper proposes a secure conformance checking method that allows a party to verify an event log against a process model while protecting the sensitive data within the log using homomorphic encrypti…

This paper introduces an attribution-driven analysis of encoder-based Large Language Models (LLMs) for network intrusion detection, demonstrating that the models make decisions based on meaningful tra…

FlowGuard introduces an identity-independent defense using flow matching to detect data-free model stealing attacks by identifying synthetic queries as out-of-distribution based on their lower-dimensi…

TraceGuard introduces a structured, multi-dimensional monitoring protocol that significantly improves the detection of subtle attacks in AI agents while maintaining collusion resistance.

Filament is a novel, compiler-agnostic static information-flow control (IFC) library for Rust that enables fine-grained, Denning-style tracking of both explicit and implicit data flows with minimal pr…

TraceScope is an interactive, sandboxed triage pipeline that analyzes complex phishing URLs by simulating human interaction and verifying suspicious behavior against a detailed checklist, achieving hi…

NetSecBed is a container-native, scenario-oriented testbed designed to generate reproducible and auditable network traffic evidence and execution artifacts for complex cybersecurity research.

The paper proposes a dynamic queueing framework that estimates an organization's cyber resources and attack surface dynamics by analyzing the timestamps of vulnerabilities and fixes, achieving high ac…

The FALCON-C framework proposes a flow-based autoencoder approach to detect cyber anomalies and label malicious flows in connected vehicular networks, achieving high accuracy in identifying attacks on…

The paper introduces BOUNDARY FLOW, an LLVM-based framework that enhances kernel fuzzing and analysis by extracting per-task, state-aware data-flow information (arguments and return values) at functio…

The paper introduces KBF, a low-cost black-box auditing protocol that fingerprints LLM APIs by analyzing stable numerical recall near the knowledge boundary, successfully detecting numerous model subs…