aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by

Truong (Jack) Luu

Information Systems Researcher

Research

Academic papers, new techniques, benchmarks, and theoretical findings in AI/LLM security.

227 items, page 4 of 12

LLMBA: Efficient Behavior Analytics via Large Pretrained Models in Zero Trust Networks
Peer-Reviewed | research, security | Feb 19, 2026

This paper presents LLMBA, a framework that uses Large Language Models (LLMs, AI systems trained on vast amounts of text) to detect unusual or malicious behavior in Zero Trust networks (security systems that continuously verify every user and device). The system uses self-supervised learning (training without requiring humans to manually label all the data) and knowledge distillation (a technique that compresses an AI model to use fewer resources while keeping it accurate) to efficiently identify both known and previously unseen threats in user activity logs.

IEEE Xplore (Security & AI Journals)

Practical Insights Into AI System Product Quality Evaluation
Peer-Reviewed | research, safety | Feb 18, 2026

This research examines how ISO/IEC 25059 (an international standard for evaluating AI system quality) can be applied in practice, using an AI system that analyzes images of oil platform decks as a test case. The study highlights that when checking whether AI systems work correctly, teams need to carefully define what counts as acceptable performance, especially for safety-critical applications (systems where failures could cause serious harm), and they should choose test cases (examples used to verify the system works) that realistically represent how the system will be used in the real world.

IEEE Xplore (Security & AI Journals)

Unleashing the Power of Artificial Intelligence for Exploring Unrevealed and Unexplored Natural Resources
Peer-Reviewed | research | Feb 18, 2026

This article discusses how AI (artificial intelligence) can improve the process of finding natural resources like minerals and energy sources that haven't been discovered yet. AI uses techniques such as machine learning (systems that improve through experience), computer vision (technology that helps machines understand images), and generative models (AI that can create new content) combined with remote sensing tools to make resource exploration faster, safer, and less damaging to the environment.

IEEE Xplore (Security & AI Journals)

Two Technology Wheels of Fortune
Peer-Reviewed | industry | Feb 18, 2026

Modern companies increasingly depend on AI and emerging technologies, making nearly every business a technology company in some way. Business leaders need to understand how these technologies work at a basic level to successfully guide their companies through digital transformation (the shift to using digital tools and processes). Without this knowledge, executives cannot predict how AI and other technologies will affect their organizations.

IEEE Xplore (Security & AI Journals)

Service Mesh: The Rise of Event-Driven Asynchronous Mesh in Cloud Continuum
Peer-Reviewed | research | Feb 18, 2026

Modern cloud applications use many small services (microservices) that are complex to manage, so service meshes help control and coordinate them. Event meshes improve on this by allowing services to communicate asynchronously (services don't wait for immediate responses) using events (messages triggered when something happens), which makes distributed systems (applications spread across multiple locations) more reliable and easier to observe and secure.

IEEE Xplore (Security & AI Journals)

SDkA: Synthetic Data Integrated k-Anonymity Model for Data Sharing With Improved Utility
Peer-Reviewed | security, privacy | Feb 18, 2026

SDkA is a new privacy protection method that combines synthetic data (artificially generated data that mimics real data patterns) with k-anonymity (a technique that makes individuals unidentifiable by ensuring each person's data looks like at least k other people's data). The method uses a conditional generative adversarial network (a type of AI that learns to create realistic synthetic data) to improve data quality and quantity while keeping data useful, and adds selective generalization to k-anonymity to avoid over-hiding information.

IEEE Xplore (Security & AI Journals)

Dual Frequency Branch Framework With Reconstructed Sliding Windows Attention for AI-Generated Image Detection
Peer-Reviewed | research, safety | Feb 12, 2026

This paper describes a new method for detecting AI-generated images (images created by GANs, which are machine learning models that generate synthetic images, or diffusion models, which gradually refine noise into images) by analyzing images in multiple frequency domains (different ways of breaking down an image into mathematical components) using attention mechanisms (techniques that help AI focus on important parts of data). The approach achieved better detection accuracy than previous methods when tested on images from 65 different generative models.

IEEE Xplore (Security & AI Journals)

TrapFlow: Controllable Website Fingerprinting Defense via Dynamic Backdoor Learning
Peer-Reviewed | security, research | Feb 12, 2026

Website fingerprinting (WF) attacks are methods that monitor user traffic patterns to identify which websites they visit, threatening privacy even on protected networks. Existing defenses slow down these attacks but can be defeated when attackers retrain their models, and they also add significant latency to network traffic. TrapFlow, a new defense technique, uses backdoor learning (injecting hidden trigger patterns into website traffic) to trick attackers' AI models into making wrong predictions, either by memorizing false patterns during training or by being confused at inference time (when making predictions on new data).

Fix: The source describes TrapFlow as the proposed defense method itself, which works by injecting crafted trigger sequences into targeted website traffic and optimizing these triggers using Fast Levenshtein-like distance metrics. However, no explicit patch, software update, configuration change, or deployment procedure is provided in the text. N/A -- no implementation mitigation discussed in source.

IEEE Xplore (Security & AI Journals)

STMWF: Multi-Tab Website Fingerprinting via Spatial–Temporal Sequence Analysis
Peer-Reviewed | security | Feb 12, 2026

Website fingerprinting (WF) attacks are methods used to identify which websites a person visits even when they use Tor encryption (a privacy tool that hides browsing activity). Existing attacks work well when someone visits one website at a time, but struggle when multiple website tabs are open simultaneously. This research presents STMWF, a new attack that combines spatial-temporal sequence analysis (examining the order and timing of data packets sent between a user's computer and websites) with machine learning techniques to better identify websites even when multiple tabs are open, showing significant improvements over previous methods.

IEEE Xplore (Security & AI Journals)

Platform Choice and Resource Configuration: From the Perspective of Resource Dependence
Peer-Reviewed | research | Feb 11, 2026

This research studies how small and medium-sized companies decide whether to build their own digital platform or join an existing one, using Resource Dependence Theory (a framework explaining how organizations manage their needed resources). The study found that companies worry more about becoming dependent on platforms than about lacking resources, and that data dependence (reliance on information controlled by platforms) is a new and important factor that traditional theories didn't account for.

AIS eLibrary (Journal of AIS, CAIS, etc.)

Better (Cyber) Insured than Sorry? Unraveling Cognitive Factors in the (Non)Adoption of Personal Cyber Insurance using fsQCA
Peer-Reviewed | policy | Feb 11, 2026

This research examines why individuals do not widely adopt personal cyber insurance, which covers remaining risks that preventive security measures cannot stop. Using survey data from 301 U.S. residents and analyzing cognitive factors through fsQCA (fuzzy-set qualitative comparative analysis, a method that identifies different combinations of conditions leading to the same outcome), the study finds that different psychological and behavioral factors lead people to either adopt or reject cyber insurance in ways that differ from previous research.

AIS eLibrary (Journal of AIS, CAIS, etc.)

AdvScan: Black-Box Adversarial Example Detection at Runtime Through Power Analysis
Peer-Reviewed | research, security | Feb 9, 2026

AdvScan is a method for detecting adversarial examples (inputs slightly modified to trick AI models into making wrong predictions) on tiny machine learning models running on edge devices (small hardware like microcontrollers) without needing access to the model's internal details. The approach monitors power consumption patterns during the model's operation, since adversarial examples create unusual power signatures that differ from normal inputs, and uses statistical analysis to flag suspicious inputs in real time with minimal performance overhead.

IEEE Xplore (Security & AI Journals)

Privacy-Preserving, Efficient, and Accurate Dimensionality Reduction
Peer-Reviewed | research, privacy | Feb 9, 2026

This research introduces PP-DR, a privacy-preserving dimensionality reduction (a technique that reduces the number of features in a dataset to make it easier to analyze) scheme that uses homomorphic encryption (a type of encryption that allows computations on encrypted data without decrypting it first) to let multiple organizations securely share and analyze data together without revealing sensitive information. The new method is much faster and more accurate than previous approaches, achieving 30 to 200 times better computational efficiency and 70% less communication overhead.

IEEE Xplore (Security & AI Journals)

Practical and Flexible Backdoor Attack Against Deep Learning Models via Shell Code Injection
Peer-Reviewed | security, research | Feb 9, 2026

Researchers have developed a new backdoor attack method called shell code injection (SCI) that can implant malicious logic into deep learning models (neural networks trained on large datasets) without needing to poison the training data. The attack uses techniques inspired by nature, like camouflage, along with trigger verification and code packaging strategies to trick models into making wrong predictions, and it can adapt its attack targets dynamically using large language models (LLMs) to make it more flexible and harder to detect.

IEEE Xplore (Security & AI Journals)

PROTheft: A Projector-Based Model Extraction Attack in the Physical World
Peer-Reviewed | security, research | Feb 6, 2026

PROTheft is a model extraction attack (a method where attackers steal an AI model's functionality by observing its responses to many input queries) that works on real-world vision systems like autonomous vehicles by projecting digital attack samples onto a device's camera. The attack bridges the gap between digital attacks and physical-world scenarios by using a projector to convert digital inputs into physical images, and includes a simulation tool to predict how well attack samples will work when converted from digital to physical to digital formats.

IEEE Xplore (Security & AI Journals)

Sensitivity-Aware Auditing Service for Differentially Private Databases
Peer-Reviewed | security, research | Feb 6, 2026

Differentially private databases (DP-DBs, systems that add mathematical noise to data to protect individual privacy while allowing useful analysis) need auditing services to verify they actually protect privacy as promised, but current approaches don't handle database-specific challenges like varying query sensitivities well. This paper introduces DPAudit, a framework that audits DP-DBs by generating realistic test scenarios, estimating privacy loss parameters, and detecting improper noise injection through statistical testing, even when the database's inner workings are hidden.

Fix: The source presents DPAudit as a framework solution but does not describe a patch, update, or deployment fix for existing vulnerable systems. N/A -- no mitigation discussed in source.

IEEE Xplore (Security & AI Journals)

v5.4.0
Industry | security, research | Feb 5, 2026

Version 5.4.0 (released February 5, 2026) is an update to a security framework that documents new attack techniques targeting AI agents, including publishing poisoned AI agent tools (malicious versions of legitimate tools), escaping from AI systems to access the host computer, and exploiting vulnerabilities to steal credentials or evade security. The update also includes new real-world case studies showing how attackers have compromised AI agent control systems and used prompt injection (tricking an AI by hiding commands in its input) to establish control.

MITRE ATLAS Releases

HiveTEE: Scalable and Fine-Grained Isolated Domains With RME and MTE Co-Assisted
Peer-Reviewed | security | Feb 3, 2026

HiveTEE is a security architecture that divides applications running inside a TEE (Trusted Execution Environment, a secure zone on a processor that protects sensitive operations from the main operating system) into smaller isolated domains, so that if one part is compromised, the damage doesn't spread to the rest. It uses RME (Realm Management Extension, a hardware feature that creates isolated execution spaces) and MTE (Memory Tagging Extension, a feature that prevents certain memory attacks), and testing shows it adds minimal slowdown (less than 3%) to applications.

IEEE Xplore (Security & AI Journals)

Secure Acceleration of Aggregation Queries Over Homomorphically Encrypted Databases
Peer-Reviewed | research | Feb 3, 2026

This research proposes AHEDB (Accelerated Homomorphically Encrypted DataBase), a system designed to speed up database queries on encrypted data using Fully Homomorphic Encryption, or FHE (a method that lets computers perform calculations on encrypted information without decrypting it first). The system uses Encrypted Multiple Maps to reduce computational strain and a Single Range Cover algorithm for indexing, achieving better performance than existing FHE-based approaches while maintaining security.

IEEE Xplore (Security & AI Journals)

v5.3.0
Industry | industry | Jan 30, 2026

N/A -- This content is a navigation menu and feature listing for GitHub's v5.3.0 platform, not a description of an AI/LLM security issue, vulnerability, or problem requiring analysis.

MITRE ATLAS Releases