All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
This research paper introduces LECASC, a framework designed to make e-bidding (online auction bidding) secure and anonymous using lightweight signcryption (a cryptographic technique that combines encryption and digital signatures) built on blockchain (a distributed ledger technology where transactions are recorded across many computers). The framework aims to protect bidders' identities and ensure the integrity of bids in online auction systems.
This academic paper discusses SNARKs (succinct non-interactive arguments of knowledge, a type of cryptographic proof that lets someone prove they know something without revealing it), specifically for handling stateful computations on authenticated data. The research appears to focus on theoretical cryptographic methods for proving facts about data that changes over time while maintaining security properties.
This survey paper reviews deep learning techniques for video inpainting (filling in missing or removed parts of videos) and methods to detect when videos have been inpainted. The research covers both how AI systems can reconstruct videos and how to identify when such reconstruction has occurred, addressing concerns about manipulated video content.
Researchers have developed a new method for encrypting color images (converting them into unreadable form to protect privacy) using 3D hyperchaos (a mathematical system with complex, unpredictable behavior). The method works by dividing images into blocks and applying this chaotic encryption technique to scramble the color data in a way that is difficult for unauthorized users to reverse or break.
Researchers have developed a new image encryption method that combines quantum computing concepts with a memristive Hopfield neural network (a type of artificial neural network that uses memristors, which are electronic components that change resistance based on previous electrical signals). This approach aims to create a more secure way to protect images by encrypting them, potentially offering stronger protection than traditional encryption methods.
This research paper proposes a lightweight system for sharing data across distributed networks (networks spread across multiple computers) in vehicle networks while protecting user privacy through dual anonymity (hiding identity in two ways). The system is designed to balance the need to trace accidents for accountability with the need to keep drivers' identities confidential.
This research paper describes a defensive framework for cloud-native network slicing (dividing a network into isolated virtual segments) that uses multi-agent deep reinforcement learning (a type of AI where multiple learning agents work together to make decisions) to protect against security threats. The framework takes a proactive approach by continuously changing the network configuration to make it harder for attackers to find vulnerabilities, similar to a moving target that's difficult to hit.
RootAsRole is a security module designed for Linux systems that manages administrative privileges (the special access needed to control a system) more carefully than traditional methods. Rather than explaining a vulnerability or problem, this research paper presents a tool that improves how Linux handles who gets permission to perform sensitive administrative tasks.
This academic case study examines how a large financial organization actually practices cyber-threat intelligence (CTI, which is the process of gathering and analyzing information about potential security threats). The research takes a socio-technical approach, meaning it looks at both the technical security tools and the human and organizational factors that affect how well those tools work. The study provides insights into real-world security practices at a mature organization rather than theoretical recommendations.
This study examines how different messaging strategies can encourage university users to change their passwords more frequently in information systems. The research uses a large-scale field experiment to test whether persuasive messaging (communication designed to influence behavior) is effective at improving password-change behavior, which is important for security because regularly changing passwords reduces the risk of account compromise.
This research paper examines why employees follow information systems security policies at work, focusing on how their motivational profiles (what drives them to act) and personality traits affect their willingness to comply. The study suggests that understanding these psychological factors is important for organizations trying to improve security behavior among their staff.
This research paper examines how internet censorship works at the network level in Iraq by studying DNS filtering (blocking websites by intercepting the system that translates website names into IP addresses) and IP-based filtering (blocking specific server addresses) across residential internet service providers. The study measures and analyzes the technical methods that ISPs use to restrict access to certain online content.
This systematic literature review (a research method that carefully examines and summarizes all existing studies on a topic) looks at frameworks for managing information security risk (the process of identifying and reducing potential harm to computer systems and data). The authors used mixed methods, meaning they combined both numerical data analysis and detailed case studies, to understand how organizations can better protect their information by planning for security problems.
This academic paper describes a case study using threat modeling (identifying potential attacks on a system) combined with penetration testing (simulating attacks to find weaknesses) to improve the design and testing of industrial control systems, specifically focusing on a microgrid (a small-scale electrical grid that can operate independently). The research bridges the gap between how these critical infrastructure systems are designed and how they are tested for security vulnerabilities.
FABRICS is a framework that uses Bayesian methods (statistical techniques for updating beliefs based on new evidence) to help organizations calculate financial costs of cyber risks in a more systematic way. The framework appears designed to quantify how much money a company might lose from security incidents, though the abstract provided does not detail specific implementation steps or findings.
This research paper presents methods for detecting and identifying hardware Trojans (malicious circuits intentionally hidden in FPGA designs, which are reconfigurable computer chips) in network descriptions of chip layouts. The work focuses on making these detection methods explainable, meaning users can understand why the system flagged a particular area as suspicious rather than just getting a yes/no answer.
Researchers examined the security risks in Android Automotive OS by using firmware reverse engineering (a technique to analyze compiled software by converting it back into human-readable form) to study the software supply chain (all the components and vendors involved in building the final software). The study, published in August 2026, assessed vulnerabilities in how Android Automotive OS software is developed and distributed, particularly focusing on potential weaknesses introduced through third-party components and dependencies.
This academic paper examines how inadequate monitoring systems can create conditions where the fit between tasks and technology (how well a tool matches what users need to do) becomes exploited for illegal purposes like dark-web money laundering. The research suggests that when oversight mechanisms fail, organizations may unknowingly enable their systems to be used for criminal activities.
This is a survey paper that reviews existing datasets used to study software vulnerabilities (security weaknesses in code), examines the challenges researchers face when using these datasets, and discusses future research directions in the field. The paper was published in August 2026 in the journal Computers & Security and provides an overview of available resources for software security research rather than addressing a specific security issue.
This academic paper proposes STAC-IoT, a security framework designed to control who can access what in IoT-edge computing systems (networks of small internet-connected devices that process data locally rather than sending everything to a central server). The framework uses task-based access control, meaning it grants permissions based on specific jobs or functions rather than just user roles, to protect data and operations in these distributed systems.