Defensa y seguridad

Software Security in Software-Defined Networking: A Systematic Literature Review
- Software-defined networking (SDN) separates the control plane from the data plane and exposes the network through software applications and open APIs. The same programmability that drove its adoption...
Demystifying LLM Supply Chain Vulnerabilities in the Wild: Distribution, Root Cause, and Real-World Impact
- LLMs are rapidly transitioning from research prototypes to core components in production systems across industries such as finance and healthcare. These deployments rely on a growing ecosystem of...
Adaptive and Robust Watermark for Generative Tabular Data
- In recent years, watermarking generative tabular data has become a prominent framework to protect against the misuse of synthetic data. However, while most prior work in watermarking methods for...
Equivariant Quantum Clustering with Differential Privacy: Parameter-Efficient Privacy-Preserving Analysis Across Heterogeneous Sensitive Datasets
- Privacy-preserving clustering is critical for analyzing sensitive data in healthcare, cybersecurity, and enterprise applications, where maintaining data confidentiality must be balanced with...
Formal Mechanisms for Market Stability in Self-Interested Agent Societies: A Marketplace Simulation Study
- Self-interested agents, left unconstrained, tend toward defection in repeated social dilemmas, causing cooperative gains from trade to collapse. This paper investigates what formal mechanisms,...
EdgeRefine: Privacy-Utility Balance for Graphs via Jaccard Sampling under Edge Differential Privacy
- Graph Neural Networks (GNNs) have shown considerable success in learning from graph-structured data, but their use in privacy-sensitive areas remains difficult because graph structure can leak...
Token-Flow Firewall: Semantic Runtime Auditing for Persistent AI Agents
- Persistent AI agents extend large language models (LLMs) beyond single-turn interaction into long-lived software systems. Unlike traditional chat assistants, unsafe content in these agents can...
Secure QR Codes: Authenticity Verification via EdDSA Signatures and CBOR Certificates
- QR codes are a ubiquitous part of daily life, widely trusted by millions. However, their lack of inherent security features has given rise to critical attack vectors, such as spoofing (quishing) on...
Reverse Engineering Compliance: A Dual-Graph Verification Framework for Auditing Legacy IT Security Concepts
- The NIS-2 Directive increases the need for continuous, auditable compliance evidence and motivates a shift from document-based compliance toward machine-readable compliance artifacts. The Open...
From Legacy Documentation to OSCAL: An MCP-Based Agent Pipeline for Threat-Informed Continuous Compliance in Critical Infrastructure
- In critical infrastructure, operational technology environments often cannot be actively scanned, and yet active system feedback is needed for risk assessment and compliance. This paper presents a...
Multi-Agent Firewall Architecture for Privacy Protection of Sensitive Data in Interactions with Language Models
- While Large Language Models (LLMs) have become essential productivity tools, their integration into workflows without adequate safeguards creates significant risks. This paper proposes an...
AutoPersonas: A Multi-Timescale Loop Engine for Open-Ended Persona Evolution
- Long-term persona agents must remain identifiable while adapting to new events, relationships, evidence, and social conditions. We identify self-locking as a runtime failure mode in continuing...
Mini-Programs, Mega-Problems: Unveiling OAuth-based Authentication Misuses in Mini-Programs via Dynamic Analysis
- Mini-programs have become a dominant paradigm for lightweight application deployment within super apps such as WeChat. To support seamless integration, super apps provide OAuth mechanisms for user...
Threshold Authorization Without Threshold Signatures: Signature-Agnostic MPC Custody
- Digital-asset custody has been built on threshold multi-party approval: no operation proceeds unless $t$ of $n$ parties approve, and fewer than t compromised parties can neither authorize nor learn...
Benchmark Evaluation of Feredated Learning on Multi-organ Images
- The privacy requirements of medical data and its substantial variations across organs and modalities hinder the clinical implementation of medical AI. Federated learning (FL) is a feasible approach...
Out of Sight: Compression-Aware Content Protection against Agentic Crawlers
- The rise of LLM-based agents with reasoning, summarization, and memory capabilities has created a new threat surface for online content that conventional defenses fail to address. Existing defenses...
Unified Face Attack Detection via Fine-Grained Semantic Guidance
- The growing applications of facial recognition systems are accompanied by increasingly diverse security threats. Existing datasets lack detailed textual descriptions of forgery cues, leading most...
Prismata: Confining Cross-Site Prompt Injection in Web Agents
- Autonomous web agents promise to automate everyday browsing tasks, but inherit one of the web's oldest attack surfaces. Cross-Site Scripting proved that mixing trusted and untrusted content is...
Securing Autonomous Vehicle Systems via Twin-Aware Federated Reinforcement Learning
- Federated reinforcement learning (FRL) is crucial for enabling collaborative learning across multiple agents without sharing raw data, thereby enhancing privacy and scalability in the decision-making...
Geometry-Informed Maritime Anomaly Detection Using Probabilistic Roadmaps
- Maritime anomaly detection is essential for navigational safety and for the protection of critical underwater infrastructure. This paper proposes a geometry-informed supervised framework for...
Modular Pretraining Enables Access Control
- AI developers face a dual-use dilemma. An AI capability that helps one user cure a disease can help another synthesize one. This dilemma could be resolved with access control, limiting dual-use AI...