  • Research Article
  • 10.1145/3811817
A Policy-Based Conjunctive Scheme for Digital Forgetting of Co-Owned Data
  • Apr 22, 2026
  • ACM Transactions on Privacy and Security
  • Marwan Darwish + 2 more

In today’s digital landscape, our interactions, from professional collaborations to personal data sharing involving photos, movies, and documents, have largely moved online. While transitioning these activities to digital platforms provides considerable convenience, it poses significant challenges in efficiently managing and securely erasing shared data in compliance with privacy regulations. Digital forgetting, particularly in co-owned data, transcends being merely desirable and becomes a mandate. Conventional data management paradigms, including cryptographic erasure techniques, typically apply uniform deletion across all stakeholders, neglecting audience-specific expiration and co-owner participation in deletion, which limits their applicability in contemporary cloud storage ecosystems. This paper introduces a Policy-Based Conjunctive Scheme (PBCS) that enables conjunctive decision-making for data access and collaborative data forgetting, aligning with the General Data Protection Regulation (GDPR)’s Right to be Forgotten (RTBF). PBCS allows owners to upload their data to the cloud securely and offers policy-based access control to co-owners, granting them the ability to influence decisions about data deletion via democratic voting mechanisms significantly. The scheme leverages conjunctive access thresholds and mechanisms that gradually make data irretrievable. By integrating cryptographic primitives and Lagrange interpolation-based decay, PBCS supports a flexible, conjunctive governance model that upholds privacy and enhances the data lifecycle. We provide a formal analysis and an experimental evaluation of our scheme.

  • Research Article
  • 10.1145/3808698
Privacy Against Agnostic Inference Attacks in Vertical Federated Learning
  • Apr 14, 2026
  • ACM Transactions on Privacy and Security
  • Morteza Varasteh

A novel form of inference attack in vertical federated learning (VFL) is proposed, where two parties collaborate in training a machine learning (ML) model. Logistic regression is considered for the VFL model. One party, referred to as the active party, possesses the ground truth labels of the samples in the training phase, while the other, referred to as the passive party, only shares a separate set of features corresponding to these samples. It is shown that the active party can carry out inference attacks on both training and prediction phase samples by acquiring an ML model independently trained on the training samples available to them. This type of inference attack does not require the active party to be aware of the score of a specific sample, hence it is referred to as an agnostic inference attack. It is shown that utilizing the observed confidence scores during the prediction phase, before the time of the attack, can improve the performance of the active party’s autonomous ML model, and thus improve the quality of the agnostic inference attack. As a countermeasure, privacy-preserving schemes (PPSs) are proposed. While the proposed schemes preserve the utility of the VFL model, they systematically distort the VFL parameters corresponding to the passive party’s features. The level of the distortion imposed on the passive party’s parameters is adjustable, giving rise to a trade-off between privacy of the passive party and interpretability of the VFL outcomes by the active party. The distortion level of the passive party’s parameters could be chosen carefully according to the privacy and interpretability concerns of the passive and active parties, respectively, with the hope of keeping both parties (partially) satisfied. Finally, experimental results demonstrate the effectiveness of the proposed attack and the PPSs.

  • Research Article
  • 10.1145/3799895
Integrating Remote Quantum Random Number Generator as a Shared Resource into GNU/Linux via D-Bus
  • Apr 13, 2026
  • ACM Transactions on Privacy and Security
  • Krišjānis Petručeņa + 6 more

The random number generation capabilities of the GNU/Linux operating system are subject to certain limitations. As of Linux version 5.6, /dev/random operates in a non-blocking manner and, as such, no longer satisfies the criteria for a True Random Number Generator (TRNG). While dedicated quantum random number generator (QRNG) hardware is the preferred source of unpredictable entropy, it is often expensive and difficult to deploy in virtualized/cloud environments and IoT (Internet of Things) devices. Furthermore, hardware RNG integration typically requires cryptographic applications to adhere to vendor-specific APIs. This paper proposes a user-space integration approach for a shared, potentially remote QRNG device. We develop a QRNG service on top of D-Bus, a ubiquitous interprocess communication framework. It serves as an interface for applications to retrieve true random numbers. Communication with the remote QRNG device occurs over mutually authenticated TLS 1.3 channels, protected by post-quantum cryptography (PQC) algorithms. We show, as a proof-of-concept, how the proposed D-Bus service can be integrated into the OpenSSL 3 cryptographic library, demonstrating the use of TRNG in a wide range of Linux applications. Our approach is resistant to entropy starvation attacks, supports sharing a QRNG across host and virtualized environments, requires no kernel-level or system-wide modifications, supports mixing multiple sources of entropy, and configuration of post-processing. It provides applications with a TRNG interface suitable for information-theoretically secure (ITS) use cases.

  • Research Article
  • 10.1145/3801738
TV-AVN: Training Verdict Based on Random Forest for Misbehavior Detection in Autonomous Vehicle Networks
  • Mar 16, 2026
  • ACM Transactions on Privacy and Security
  • Ying Chin Chen + 5 more

Vehicular misbehavior detection faces multiple technical challenges, including machine learning-adaptive attacks and trust management issues. A critical concern is the problem of malicious vehicle with high-reputation, in which malicious vehicles exploit trust-based security by maintaining legitimate behavioral profiles while strategically injecting malicious content. This behavior creates systemic vulnerabilities that compromise network trust infrastructures. Attacks affecting high-reputation malicious behavior detection include both external and internal types, requiring holistic defense mechanisms. However, current vehicular security research lacks unified defense against both internal and external attacks. Typically, studies that effectively resist internal attackers demonstrate the weaker defense against external attacks, and vice versa. To mitigate these concerns, we have designed a Training Verdict Autonomous Vehicle Networks architecture (TV-AVN) that develops a novel Verdict Misbehavior Detection System (V-MDS) by combining machine learning with reputation mechanism. The proposed scheme incorporates a public key cryptosystem to enhance security during basic safety message transmission. A local authority regularly consolidates detection outcomes to update vehicle reputation scores. In comprehensive experimental comparisons, our approach demonstrates robust-level security performance, with formal verification tools validating the security robustness of our proposed mechanism. For position falsification attacks, our method achieves average detection performance of 0.99 Precision, 0.98 Recall, and 0.98 F1-score. Moreover, the proposed approach demonstrates superior resilience against intelligent attacks involving high-reputation attackers. Although the detection performance experiences degradation, our method remains more stable than existing approaches, which suffer rapid deterioration. In summary, TV-AVN establishes reliable communication for vehicle users, maintaining long-term network quality and preserving user confidence in the system.

  • Open Access
  • Research Article
  • 10.1145/3794848
Seldom: An Anonymity Network with Selective Deanonymization
  • Mar 9, 2026
  • ACM Transactions on Privacy and Security
  • Eric Wagner + 2 more

While anonymity networks such as Tor provide invaluable privacy guarantees to society, they also enable all kinds of criminal activities. Consequently, many blameless citizens shy away from protecting their privacy using such technology for fear of being associated with criminals. To grasp the potential for alternative privacy protection for those users, we design Seldom, an anonymity network with integrated selective deanonymization that disincentivizes criminal activity. Seldom enables law enforcement agencies to selectively access otherwise anonymized identities of misbehaving users while providing technical guarantees preventing these access rights from being misused. Seldom further ensures translucency, as each access request is approved by a trustworthy consortium of impartial entities and eventually disclosed to the public (without interfering with ongoing investigations). To demonstrate Seldom’s feasibility and applicability, we base our implementation on Tor, the most widely used anonymity network. Our evaluation indicates minimal latency, processing, and bandwidth overheads compared to Tor; Seldom’s main costs stem from storing flow records and encrypted identities. With at most 636 TB of storage required in total to retain the encrypted identifiers of a Tor-sized network for two years, Seldom provides a practical and deployable technical solution to the inherent problem of criminal activities in anonymity networks. As such, Seldom sheds new light on the potentials and limitations when integrating selective deanonymization into anonymity networks.

  • Open Access
  • Research Article
  • 10.1145/3799892
Exploring Visual Explanations for Defending Federated Learning against Poisoning Attacks: Enhancing LayerCAM with Autoencoders
  • Mar 3, 2026
  • ACM Transactions on Privacy and Security
  • Jingjing Zheng + 5 more

Recent attacks on federated learning (FL) can introduce malicious model updates that can circumvent widely adopted Euclidean distance-based detection methods. This paper proposes a novel defense strategy, referred to as LayerCAM-AE, designed to counteract model poisoning in federated learning. The LayerCAM-AE puts forth a new Layer Class Activation Mapping (LayerCAM) integrated with an autoencoder (AE), significantly enhancing detection capabilities. Specifically, LayerCAM-AE generates a heat map for each local model update, which is then transformed into a more compact visual explanation. The autoencoder processes the LayerCAM heat maps from the local model updates, improving their distinctiveness and increasing the accuracy in spotting anomalous maps and malicious local models. To mitigate the risk of misclassifications in LayerCAM-AE, a voting algorithm is developed, where a local model update is flagged as malicious if its heat maps are consistently suspicious over several communication rounds. Extensive tests on the SVHN and CIFAR-100 datasets are performed under both Independent and Identically Distributed (IID) and non-IID settings in comparison with the state-of-the-art ResNet-50 and REGNETY-800MF defense models. The experimental results show that LayerCAM-AE increases detection rates (Recall: 1.0, Precision: 1.0, FPR: 0.0, Accuracy: 1.0, F1 score: 1.0, AUC: 1.0) and the test accuracy of FL, surpassing both the ResNet-50 and REGNETY-800MF. Our code is available at: https://github.com/jjzgeeks/LayerCAM-AE

  • Open Access
  • Research Article
  • 10.1145/3799692
Resilient Dynamic Analysis for Windows Malware Technique Discovery against Behavior Obfuscation
  • Feb 26, 2026
  • ACM Transactions on Privacy and Security
  • Yi-Ting Huang + 5 more

In this paper, we focus on the robustness of behavior-based malware analysis models, justified by the need to address the high mutation rates of malware executables that debilitate conventional signature-based approaches and even behavior-based AI solutions. In response to these challenges, we propose MAMBA+, an obfuscation-resistant dynamic analysis approach tailored for uncovering malware behavior. We have assembled a comprehensive collection of behavioral obfuscation attacks designed to undermine behavior-based models. The central concept behind MAMBA+ involves treating obfuscated calls as perturbed data and introducing a novel loss function to effectively balance ground-truth predictions and the handling of these perturbations. To facilitate this approach, MAMBA+ designs adapted embedding mechanisms to transform traces of API calls into high-dimensional vectors for attention calculations. Through a comprehensive empirical study with seven obfuscations and three unseen attacks, we reveal important qualitative properties of MAMBA+, and quantitatively demonstrate its superiority in performance and robustness to all compared methods.

  • Research Article
  • 10.1145/3796221
Mutation-based Evaluation of Cryptographic API Misuse Detectors
  • Feb 7, 2026
  • ACM Transactions on Privacy and Security
  • Amit Seal Ami + 4 more

The correct use of cryptography is central to ensuring data security in modern software systems. Hence, several academic and commercial static analysis tools have been developed for detecting and mitigating crypto-API misuse. While developers are optimistically adopting these crypto-API misuse detectors (or crypto-detectors) in their software development cycles, this momentum must be accompanied by a rigorous understanding of their effectiveness at finding crypto-API misuse in practice. This paper describes the MASC framework, which enables a systematic and data-driven evaluation of crypto-detectors using mutation testing. We ground MASC in a comprehensive view of the problem space by developing a data-driven taxonomy of existing crypto-API misuse, containing 107 misuse cases organized among nine semantic clusters. We develop 19 generalizable usage-based mutation operators and three mutation scopes that can expressively instantiate thousands of compilable variants of the misuse cases for thoroughly evaluating crypto-detectors. Using MASC, in a previous study, we evaluated nine major crypto-detectors and discovered 19 unique, undocumented flaws that severely impact the ability of crypto-detectors to discover misuses in practice. This paper substantially extends our MASC framework and offers updated evaluation of the crypto-detectors in our 2022 study, in addition to 5 more, major crypto-detectors. Through this work, we find 6 new, undocumented flaws, and demonstrate that these flaws affect the crypto-detectors regardless of their origin; open-source community, industry, and/or research. We conclude with a discussion on the diverse perspectives that influence the design of crypto-detectors and future directions towards building security-focused crypto-detectors by design.

  • Research Article
  • Cite Count: 1
  • 10.1145/3777412
Deepfake Video Detection Based on Improved EfficientNetV2S and Transformer Network
  • Feb 5, 2026
  • ACM Transactions on Privacy and Security
  • Liwei Deng + 3 more

With the continuous evolution of deep learning, forgery techniques have undergone constant innovation, providing convenience to individuals and resulting in significant negative consequences. Notably, these forged videos have become remarkably realistic, nearly indistinguishable to the human eye, posing a formidable challenge in forgery detection. However, many current Deepfake detection models focus on improving evaluation metrics and model architecture design, often lacking the necessary generality and practicality. We propose a Deepfake detection method based on a hybrid network in response to these challenges. Our approach utilizes an improved EfficientNetV2S as the backbone, replacing the original Fused-Conv module with a Tok-MLP module and integrating an attention mechanism at the end of the backbone. Subsequently, the backbone's output is fed into a Vision Transformer (VIT) for classification. Extensive work in data preprocessing includes training our model on three datasets: DFDC, Celeb-DF v2, and FaceForensics++. The achieved results are exceptionally competitive. Additionally, visual analysis of DFDC dataset videos validates the practicality of our approach, yielding outstanding results. In conclusion, the relentless evolution of Deepfake technology poses challenges and opportunities. Our novel Deepfake detection method, grounded in a hybrid network, enhances the capabilities of existing models, ensuring practicality and effectiveness in real-world scenarios.

  • Open Access
  • Research Article
  • Cite Count: 1
  • 10.1145/3779432
IEDL-IDS: An Image-Enhanced Encoder-Based Deep Learning Scheme for Intrusion Detection Systems
  • Feb 5, 2026
  • ACM Transactions on Privacy and Security
  • Shiyun Wang + 2 more

As networks expand and evolve, their increasing complexity introduces significant security challenges, necessitating robust Intrusion Detection Systems (IDS). Traditional IDS often struggle to detect sophisticated cyberattacks due to their reliance on raw network data and primitive feature extraction techniques. To address these limitations, we propose an Image-enhanced Encoder-based Deep Learning scheme for Intrusion Detection Systems (IEDL-IDS), which combines image-based transformation and encoder-based feature extraction to detect complex intrusion patterns in network traffic. Technically, IEDL-IDS consists of three sequential modules. The preprocessing module transforms raw network traffic into RGB images to reveal temporal and spatial patterns. Thereafter, the encoder module processes the RGB images to extract latent features. Finally, the classifier module utilizes the latent features for high-accuracy intrusion detection. Notably, IEDL-IDS is highly flexible, as its built-in classifier can be easily replaced with any neural network-based model. This feature highlights the adaptability of IEDL-IDS in balancing detection performance with resource constraints, thereby meeting the diverse needs of network security applications. Our experimental results demonstrate that IEDL-IDS outperforms the state-of-the-art IDS schemes. On the CICIoT dataset, IEDL-IDS achieves a classification accuracy of 99.91% for binary classification and 95.66% for multi-class classification. Similarly, it attains 99.61% and 98.25% accuracy on the NSL-KDD dataset, and 99.27% and 96.42% on the ToN_IoT dataset, for binary and multi-class tasks, respectively. Notably, despite its high detection performance, IEDL-IDS maintains a competitive computational footprint, making it a practical and scalable solution for real-world intrusion detection deployments.