Academic papers, new techniques, benchmarks, and theoretical findings in AI/LLM security.
This is a systematic literature review (a research method that collects and summarizes all existing studies on a topic) of frameworks for managing information security risk, the process of identifying and reducing potential harm to computer systems and data. The authors used a mixed-methods approach, combining numerical data analysis with detailed case studies, to understand how organizations can better protect their information by planning for security problems in advance.
This academic paper describes a case study using threat modeling (identifying potential attacks on a system) combined with penetration testing (simulating attacks to find weaknesses) to improve the design and testing of industrial control systems, specifically focusing on a microgrid (a small-scale electrical grid that can operate independently). The research bridges the gap between how these critical infrastructure systems are designed and how they are tested for security vulnerabilities.
FABRICS is a framework that uses Bayesian methods (statistical techniques for updating beliefs based on new evidence) to help organizations calculate financial costs of cyber risks in a more systematic way. The framework appears designed to quantify how much money a company might lose from security incidents, though the abstract provided does not detail specific implementation steps or findings.
This research paper presents methods for detecting and identifying hardware Trojans (malicious circuits deliberately hidden in a design) in the netlists of FPGA designs (FPGAs are reconfigurable chips; a netlist is the network description of a design's logic components and their connections). The work focuses on making the detection explainable, meaning users can see why the system flagged a particular region as suspicious rather than receiving only a yes/no verdict.
Researchers examined the security risks in Android Automotive OS by using firmware reverse engineering (a technique to analyze compiled software by converting it back into human-readable form) to study the software supply chain (all the components and vendors involved in building the final software). The study, published in August 2026, assessed vulnerabilities in how Android Automotive OS software is developed and distributed, particularly focusing on potential weaknesses introduced through third-party components and dependencies.
This academic paper examines how inadequate monitoring systems can create conditions where the fit between tasks and technology (how well a tool matches what users need to do) becomes exploited for illegal purposes like dark-web money laundering. The research suggests that when oversight mechanisms fail, organizations may unknowingly enable their systems to be used for criminal activities.
This is a survey paper that reviews existing datasets used to study software vulnerabilities (security weaknesses in code), examines the challenges researchers face when using these datasets, and discusses future research directions in the field. The paper was published in August 2026 in the journal Computers & Security and provides an overview of available resources for software security research rather than addressing a specific security issue.
This academic paper proposes STAC-IoT, a security framework designed to control who can access what in IoT-edge computing systems (networks of small internet-connected devices that process data locally rather than sending everything to a central server). The framework uses task-based access control, meaning it grants permissions based on specific jobs or functions rather than just user roles, to protect data and operations in these distributed systems.
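The following is an added example, not code from the STAC-IoT paper: a minimal task-based access control check in Python, in which permissions belong to a task instance, can only be exercised by the principal assigned to that task, and exist only while the task is active. The task, principal and resource names are constructed for the example.

```python
"""Task-based access control (TBAC) for an IoT-edge workflow.

Illustrative example, not the STAC-IoT design: (action, resource) permissions
are attached to a task instance and are usable only while that task is active
and only by the principal assigned to it. All names are hypothetical.
"""
from dataclasses import dataclass
from enum import Enum


class TaskState(Enum):
    PENDING = "pending"
    ACTIVE = "active"
    COMPLETED = "completed"


@dataclass
class TaskInstance:
    task_id: str
    assignee: str          # principal allowed to exercise this task's permissions
    permissions: set       # (action, resource) pairs granted for this task only
    state: TaskState = TaskState.PENDING


class TaskAuthorizer:
    """Grants (action, resource) only through an active task assigned to the caller."""

    def __init__(self):
        self.tasks = {}

    def create_task(self, task_id, assignee, permissions):
        self.tasks[task_id] = TaskInstance(task_id, assignee, set(permissions))

    def start(self, task_id):
        self.tasks[task_id].state = TaskState.ACTIVE

    def complete(self, task_id):
        task = self.tasks[task_id]
        task.state = TaskState.COMPLETED
        task.permissions.clear()   # the just-in-time grant dies with the task

    def is_allowed(self, principal, task_id, action, resource):
        task = self.tasks.get(task_id)
        if task is None or task.state is not TaskState.ACTIVE:
            return False           # no standing permission outside an active task
        if task.assignee != principal:
            return False           # a role or identity alone is not enough
        return (action, resource) in task.permissions


def firmware_update_scenario():
    """Walk one task through its lifecycle and record each authorization decision."""
    az = TaskAuthorizer()
    az.create_task(
        "fw-update-17",
        "edge-node-7",
        {("write", "sensor-42/firmware"), ("read", "sensor-42/status")},
    )
    results = {}
    results["before_start"] = az.is_allowed("edge-node-7", "fw-update-17", "write", "sensor-42/firmware")
    az.start("fw-update-17")
    results["during"] = az.is_allowed("edge-node-7", "fw-update-17", "write", "sensor-42/firmware")
    results["other_node"] = az.is_allowed("edge-node-9", "fw-update-17", "write", "sensor-42/firmware")
    results["out_of_scope"] = az.is_allowed("edge-node-7", "fw-update-17", "write", "sensor-43/firmware")
    az.complete("fw-update-17")
    results["after_complete"] = az.is_allowed("edge-node-7", "fw-update-17", "write", "sensor-42/firmware")
    return results


if __name__ == "__main__":
    print(firmware_update_scenario())
```

The point of the scenario is the last check: once the task completes, the write permission on the sensor's firmware is gone, whereas under plain role-based control an "updater" role would keep it indefinitely.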
This academic paper, published in September 2026, presents a collaborative audit scheme designed to verify that IoT (internet of things, or connected devices like sensors and smart home devices) data remains accurate and unaltered as it moves through fog computing (processing that happens on devices or local servers rather than in distant data centers). The scheme appears to address security concerns around data integrity in distributed computing environments where multiple parties need to verify information together.
This academic paper from September 2026 examines how valuable leaked data from online social networks can be to attackers and malicious actors. The research, published in Computers & Security, analyzes the characteristics and potential uses of personal information that gets exposed when social media platforms experience breaches or data leaks.
This academic paper describes a system that combines fog computing (processing data closer to where it's generated rather than in distant cloud servers) with data integrity auditing (checking that stored files haven't been corrupted or tampered with) and deduplication (removing duplicate copies of the same data to save storage space) for cloud storage. The research proposes a scheme that performs these three functions together to improve security and efficiency when storing data in the cloud.
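As an added illustration (not the scheme proposed in the paper), the Python below combines client-side deduplication with a lightweight integrity audit: the SHA-256 of the content is the dedup key, so a second owner of the same bytes only registers a reference, and each owner precomputes a few (nonce, HMAC) challenge tokens while it still holds the file, later replaying one nonce and checking the fog node's answer. Class names, method names and the sample payload are constructed for this example.

```python
"""Client-side deduplicated upload with a precomputed-token integrity audit.

Illustrative scheme, not the paper's construction: the content digest is the
dedup key; each owner keeps (nonce, HMAC(nonce, data)) tokens and spends one per
audit. Names are hypothetical.
"""
import hashlib
import hmac
import os


class FogStore:
    """Storage node: keeps one copy per content digest and answers audit challenges."""

    def __init__(self):
        self.blobs = {}          # digest -> bytes
        self.refs = {}           # digest -> set of owner names
        self.bytes_received = 0

    def has(self, digest):
        return digest in self.blobs

    def put(self, owner, digest, data):
        self.blobs[digest] = data
        self.bytes_received += len(data)
        self.refs.setdefault(digest, set()).add(owner)

    def add_reference(self, owner, digest):
        self.refs[digest].add(owner)

    def answer_challenge(self, digest, nonce):
        # The prover must touch the stored bytes: a cached answer cannot satisfy a fresh nonce.
        return hmac.new(nonce, self.blobs[digest], hashlib.sha256).digest()

    def flip_byte(self, digest, offset):
        """Simulate silent corruption on the node (test hook)."""
        buf = bytearray(self.blobs[digest])
        buf[offset] ^= 0x01
        self.blobs[digest] = bytes(buf)


class Owner:
    def __init__(self, name, n_tokens=4):
        self.name = name
        self.n_tokens = n_tokens
        self.tokens = {}         # digest -> list of (nonce, expected_mac)

    def upload(self, store, data):
        digest = hashlib.sha256(data).hexdigest()
        # Precompute challenge tokens while the plaintext is still local.
        self.tokens[digest] = [
            (nonce, hmac.new(nonce, data, hashlib.sha256).digest())
            for nonce in (os.urandom(16) for _ in range(self.n_tokens))
        ]
        if store.has(digest):
            store.add_reference(self.name, digest)   # dedup hit: no bytes sent
            return digest, False
        store.put(self.name, digest, data)
        return digest, True

    def audit(self, store, digest):
        """Spend one token; True if the node still holds the intact data."""
        if not self.tokens.get(digest):
            raise RuntimeError("no unused challenge tokens left; re-upload to refresh")
        nonce, expected = self.tokens[digest].pop()
        return hmac.compare_digest(store.answer_challenge(digest, nonce), expected)


def demo():
    store = FogStore()
    alice, bob = Owner("alice"), Owner("bob")
    data = b"sensor-log-2025-01-01 " * 64        # constructed sample payload
    d1, sent1 = alice.upload(store, data)
    d2, sent2 = bob.upload(store, data)
    ok_before = alice.audit(store, d1) and bob.audit(store, d2)
    store.flip_byte(d1, 5)
    ok_after = alice.audit(store, d1)
    return {
        "same_digest": d1 == d2,
        "sent": (sent1, sent2),
        "copies": len(store.blobs),
        "bytes": store.bytes_received,
        "ok_before": ok_before,
        "ok_after": ok_after,
    }


if __name__ == "__main__":
    print(demo())
```

Two caveats a practitioner would add: the tokens are single-use, so the audit budget is fixed at upload time, and answering "already stored" to a digest query lets any client test whether someone else holds a given file, a known side channel of client-side deduplication.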
This is an academic survey article that catalogs 120 domain-specific languages (DSLs, which are specialized programming languages designed for particular problem areas) related to security. The article appears to be a comprehensive review published in a major computer science journal, covering the landscape of security-focused languages rather than describing a specific vulnerability or problem.
This research paper presents a method for detecting living-off-the-land reverse shells (attacks where adversaries use tools already present on a system to open a backdoor connection back to their own machine) at large scale by using data synthesis (artificially generating training examples rather than collecting real attack data). The approach aims to improve detection systems' ability to identify these stealthy attacks, which are hard to catch because they blend in with normal system activity.
LLM-based agents now use MCP tools (model context protocol tools, standardized connectors that let AI agents interact with external programs and services) to access external resources, but this creates a security vulnerability called tool poisoning attacks, where malicious MCP tools can trick these agents into behaving in harmful ways. Researchers developed AutoMalTool, an automated red teaming framework (a security testing approach where researchers simulate attacks to find weaknesses) that generates malicious MCP tools to expose these vulnerabilities in mainstream LLM-based agents.
This academic paper examines privacy risks in vertical federated learning (a machine learning approach where different organizations each hold different features of the same data and train a model together) when facing agnostic inference attacks (attacks where the attacker doesn't know the model's structure in advance). The paper analyzes how attackers could potentially infer private information from the shared computations in this system.
Model Inversion Attacks (MIAs, where attackers recover private training data by querying a model's outputs or inspecting its weights) pose serious privacy risks, and existing defenses hold up poorly against attackers with different levels of knowledge. The paper proposes DAAS (Defense via Auto-Augmentation Search), which automatically assesses candidate data augmentations (transformations such as cropping applied to training images) drawn from a large augmentation pool, identifies those with strong privacy-utility trade-offs, and uses the search results for privacy-preserving training against MIAs.
IEEE Xplore (Security & AI Journals)
This research examines why mobile payment apps (MPAs, digital tools for financial transactions) are used differently across countries by analyzing over 34,000 user reviews. Using neural networks (computer systems inspired by how brains work) and natural language processing (NLP, techniques that help computers understand human language), the study found that cultural values significantly affect how features like security, ease of use, and low fees influence whether people adopt these apps. In traditional value-oriented cultures, security features matter less for adoption, while in survival-value-oriented cultures, both security and design quality become more important for encouraging use.
This research addresses a security problem where images shared on social networks undergo JPEG recompression (a lossy process that reduces file size by discarding some image data), which can destroy hidden messages sent using steganography (hiding secret information inside images). The researchers propose a new method called Robustness-Minimizing Modification (RMM) that identifies which images will survive JPEG recompression with hidden messages intact, allowing non-robust steganographic methods to work reliably on social networks.
Federated learning (a method where multiple clients train a shared AI model together without sharing their raw data) is vulnerable to poisoning attacks, in which malicious participants sabotage the shared model. This paper proposes SpecShield, a defense that works by: (1) using the Fast Gradient Sign Method on the server side to actively probe each client's model with calibrated adversarial perturbations (small, intentional input changes), (2) analyzing the resulting responses in the frequency domain with a Discrete Wavelet Transform (a mathematical technique that examines patterns at different scales) to surface patterns that distinguish benign from malicious clients, and (3) deriving theoretical upper bounds on the perturbation magnitude so that detection accuracy is guaranteed without degrading benign client performance.