Search Results (477)

Autonomous driving perception systems are vulnerable to physical adversarial attacks. Existing defenses largely adopt loosely coupled architectures where visual and kinematic cues are processed in isolation, thus failing to exploit physical spatiotemporal consistency as a structural prior and often struggling to balance adversarial robustness, transferability, accuracy, and efficiency under realistic attacks. We propose a physics-aware trajectory–appearance consistency defense that detects and corrects spatiotemporal inconsistencies by tightly coupling visual semantics with physical dynamics. The module combines a dual-stream spatiotemporal encoder with endogenous feature orchestration and a frequency-domain kinematic embedding, turning tracking artifacts that are usually discarded as noise into discriminative cues. These inconsistencies are quantified by a Trajectory–Appearance Mutual Exclusion (TAME) energy, which supports a physics-aware switching rule to override flawed visual predictions. Operating on detector backbone features, outputs, and tracking states, the defense can be attached as a plug-in module behind diverse object detectors. Experiments on nuScenes, KITTI, and BDD100K show that the proposed defense substantially improves robustness against diverse categories of attacks: on nuScenes, it improves Correction Accuracy (CA) from 86.5% to 92.1% while reducing the computational overhead from 42 ms to 19 ms. Furthermore, the proposed defense maintains over 71.0% CA when transferred to unseen detectors and sustaining 72.4% CA under adaptive attackers. Full article

This paper presents an experimental investigation of unsteady phenomena in shock wave/boundary-layer interaction on natural laminar flow airfoils at transonic speeds. Two airfoils of different relative thickness were studied over a Mach number range of M = 0.62–0.72 using high-speed schlieren visualization, unsteady pressure transducers, and Particle Image Velocimetry (PIV). Two distinct self-sustained periodical oscillation modes were identified. The first mode is a low-frequency oscillation analogous to classical turbulent buffet. The second modes are higher-frequency phenomena linked to oscillations of the laminar separation bubble. A key finding is a novel periodical oscillation regime, which accompanies the first/second mode, and represents laminar-turbulent transition point detaches from the normal shock wave, generating a new shock wave. The results show that the domiN/At mode and its characteristics depend strongly on the airfoil geometry, Mach number, and angle of attack, indicating a more complex transonic buffet behaviour in the presence of extensive laminar flow. Full article

Visual secret sharing (VSS) schemes can enhance the security of image transmission over networks. Conventional VSS schemes often generate meaningless shares, which can raise suspicion among potential attackers. To address this issue, this paper proposes a novel VSS scheme that integrates information hiding techniques with quick response (QR) codes to generate meaningful shares. The first $n-1$ shares are encoded as standard QR codes, while the n-th share is embedded into a grayscale carrier image using a reversible information hiding method, ensuring the carrier remains visually meaningful. During transmission, the $n-1$ QR codes and the hidden image are distributed. At the receiver end, the hidden n-th share is extracted losslessly from the carrier image using the $n-1$ QR codes, and the original secret image is perfectly reconstructed by bitwise XORing all n shares. Experimental results demonstrate the feasibility, security, and visual quality of the proposed scheme. Full article

Multi-branch deep neural networks like AASIST3 achieve state-of-the-art comparable performance in audio anti-spoofing, yet their internal decision dynamics remain opaque compared to traditional input-level saliency methods. While existing interpretability efforts largely focus on visualizing input artifacts, the way individual architectural branches cooperate or compete under different spoofing attacks is not well characterized. This paper develops a framework for interpreting AASIST3 at the component level. Intermediate activations from fourteen branches and global attention modules are modeled with covariance operators whose leading eigenvalues form low-dimensional spectral signatures. These signatures train a CatBoost meta-classifier to generate TreeSHAP-based branch attributions, which we convert into normalized contribution shares and confidence scores ($C_b$) to quantify the model’s operational strategy. By analyzing 13 spoofing attacks from the ASVspoof 2019 benchmark, we identify four operational archetypes—ranging from “Effective Specialization” (e.g., A09, Equal Error Rate (EER) 0.04%, $C=1.56$) to “Ineffective Consensus” (e.g., A08, EER 3.14%, $C=0.33$). Crucially, our analysis exposes a “Flawed Specialization” mode where the model places high confidence in an incorrect branch, leading to severe performance degradation for attacks A17 and A18 (EER 14.26% and 28.63%, respectively). These quantitative findings link internal architectural strategy directly to empirical reliability, highlighting specific structural dependencies that standard performance metrics overlook. Full article

Cross-site scripting (XSS) attacks are among the threats facing web security, resulting from the diversity and complexity of HTML formats. Research has shown that some text processing-based methods are limited in their ability to detect this type of attack. This article proposes an approach aimed at improving the detection of this type of attack, taking into account the limitations of certain techniques. It combines the effectiveness of deep learning represented by convolutional neural networks (CNN) and the accuracy of classification methods represented by support vector machines (SVM). It takes advantage of the ability of CNNs to effectively detect complex visual patterns in the face of injection variations and the SVM’s powerful classification capability, as XSS attacks often use obfuscation or encryption techniques that are difficult to be detected with textual methods alone. This work relies on a dataset that focuses specifically on XSS attacks, which is available on Kaggle and contains 13,686 sentences in script form, including benign and malicious cases associated with these attacks. Benign data represents 6313 cases, while malicious data represents 7373 cases. The model was trained on 80% of this data, while the remaining 20% was allocated for test. Computer vision techniques were used to analyze the visual patterns in the images and extract distinctive features, moving from a textual representation to a visual one where each character is converted into its ASCII encoding, then into grayscale pixels. In order to visually distinguish the characteristics of normal and malicious code strings and the differences in their visual representation, a CNN model was used in the analysis. The convolution and subsampling (pooling) layers extract significant patterns at different levels of abstraction, while the final output is converted into a feature vector that can be exploited by a classification algorithm such as an Optimized SVM. The experimental results showed excellent performance for the model, with an accuracy of (99.7%), and this model is capable of generalizing effectively without the risk of overfitting or loss of performance. This significantly enhances the security of web applications by providing robust protection against complex XSS threats. Full article

The inherent semantic symmetry and cross-modal alignment between textual prompts and generated images have fueled the success of text-to-image (T2I) generation. However, this strong correlation also introduces security vulnerabilities, specifically prompt stealing attacks, where valuable prompts are reverse-engineered from images. In this paper, we address the challenge of information asymmetry in black-box attack scenarios and propose PromptTrace, a fine-grained prompt stealing framework via Contrastive Language-Image Pre-training (CLIP)-guidedbeam search. Unlike existing methods that rely on single-stage generation, PromptTrace structurally decomposes prompt reconstruction into subject generation, modifier extraction, and iterative search optimization to effectively restore the visual–textual correspondence. By leveraging a CLIP-guided beam search strategy, our method progressively optimizes candidate prompts based on image–text similarity feedback, ensuring the stolen prompt achieves high fidelity in both semantic intent and stylistic representation. Extensive evaluations across multiple datasets and T2I models demonstrate that PromptTrace outperforms existing methods, highlighting the feasibility of exploiting cross-modal symmetry for attacks and underscoring the urgent need for defense mechanisms in the T2I ecosystem. Full article

Text-to-image (T2I) generation, a core component of generative artificial intelligence(AI), is increasingly important for creative industries and human–computer interaction. Despite impressive progress in realism and diversity, diffusion models still exhibit critical security blind spots particularly in the Transformer key-value mapping mechanism that underpins cross-modal alignment. Existing backdoor attacks often rely on large-scale data poisoning or extensive fine-tuning, leading to low efficiency and limited stealth. To address these challenges, we propose two efficient backdoor attack methods AttnBackdoor and SemBackdoor grounded in the Transformer’s key-value storage principle. AttnBackdoor injects precise mappings between trigger prompts and target instances by fine-tuning the key-value projection matrices in U-Net cross-attention layers (≈5% of parameters). SemBackdoor establishes semantic-level mappings by editing the text encoder’s MLP projection matrix (≈0.3% of parameters). Both approaches achieve high attack success rates (>90%), with SemBackdoor reaching 98.6% and AttnBackdoor 97.2%. They also reduce parameter updates and training time by 1–2 orders of magnitude compared to prior work while preserving benign generation quality. Our findings reveal dual vulnerabilities at visual and semantic levels and provide a foundation for developing next generation defenses for secure generative AI. Full article

Phishing attacks continue to evolve and exploit fundamental human impulses, such as trust and the need for a rapid response, as well as emotional triggers. This makes the human mind both a valuable asset and a significant vulnerability. The proliferation of zero-day vulnerabilities has been identified as a significant exacerbating factor in this threat landscape. To address these evolving challenges, we introduce CrossPhire: a multimodal deep learning framework with an end-to-end architecture that captures semantic and visual cues from multiple data modalities, while also providing methodological insights for anti-phishing multimodal learning. First, we demonstrate that markup-free semantic text encoding captures linguistic deception patterns more effectively than DOM-based approaches, achieving 96–97% accuracy using textual content alone and providing the strongest single-modality signal through sentence transformers applied to HTML text stripped of structural markup. Second, through controlled comparison of fusion strategies, we show that simple concatenation outperforms a sophisticated gating mechanism so-called Mixture-of-Experts by 0.5–10% when modalities provide complementary, non-redundant security evidence. We validate these insights through rigorous experimentation on five datasets, achieving competitive same-dataset performance (97.96–100%) while demonstrating promising cross-dataset generalization (85–96% accuracy under distribution shift). Additionally, we contribute Phish360, a rigorously curated multimodal benchmark with 10,748 samples addressing quality issues in existing datasets (96.63% unique phishing HTML vs. 16–61% in prior benchmarks), and provide LIME-based explainability tools that decompose predictions into modality-specific contributions. The rapid inference time (0.08 s) and high accuracy results position CrossPhire as a promising solution in the fight against phishing attacks. Full article

Data exfiltration poses a major cybersecurity challenge because it involves the unauthorized transfer of sensitive information. Intrusion Detection Systems (IDSs) are vital security controls in identifying such attacks; however, their effectiveness in cloud computing environments remains limited, particularly against covert channels such as Internet Control Message Protocol (ICMP) and Domain Name System (DNS) tunneling. This study compares two widely used IDSs, Snort and Suricata, in a controlled cloud computing environment. The assessment focuses on their ability to detect data exfiltration techniques implemented via ICMP and DNS tunneling, using DNSCat2 and Iodine. We evaluate detection performance using standard classification metrics, including Recall, Precision, Accuracy, and F1-Score. Our experiments were conducted on Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances, where IDS instances monitored simulated exfiltration traffic generated by DNSCat2, Iodine, and Metasploit. Network traffic was mirrored via AWS Virtual Private Cloud (VPC) Traffic Mirroring, with the ELK Stack integrated for centralized logging and visual analysis. The findings indicate that Suricata outperformed Snort in detecting DNS-based exfiltration, underscoring the advantages of multi-threaded architectures for managing high-volume cloud traffic. For DNS tunneling, Suricata achieved 100% detection (recall) for both DNSCat2 and Iodine, whereas Snort achieved 85.7% and 66.7%, respectively. Neither IDS detected ICMP tunneling using Metasploit, with both recording 0% recall. It is worth noting that both IDSs failed to detect ICMP tunneling under default configurations, highlighting the limitations of signature-based detection in isolation. These results emphasize the need to combine signature-based and behavior-based analytics, supported by centralized logging frameworks, to strengthen cloud-based intrusion detection and enhance forensic visibility. Full article

With the rapid advancements in technology, there has been a noticeable increase in phishing attacks that exploit users by impersonating trusted entities. The primary attack vectors include fraudulent websites and carefully crafted emails. Early detection of such threats enables the more effective blocking of malicious sites and timely user warnings. One of the key elements in phishing detection is identifying the entity being impersonated. In this article, we conduct a comparative analysis of methods for detecting phishing websites that rely on website screenshots and recognizing their impersonation targets. The two main research objectives include binary phishing detection to identify malicious intent and multiclass classification of impersonated targets to enable specific incident response and brand protection. Three approaches are compared: two state-of-the-art methods, Phishpedia and VisualPhishNet, and a third, proposed in this work, which uses perceptual hash similarity as a baseline. To ensure consistent evaluation conditions, a dedicated framework was developed for the study and shared with the community via GitHub. The obtained results indicate that Phishpedia and the Baseline method were the most effective in terms of detection performance, outperforming VisualPhishNet. Specifically, the proposed Baseline method achieved an F1 score of 0.95 on the Phishpedia dataset for binary classification, while Phishpedia maintained a high Identification Rate (>0.9) across all tested datasets. In contrast, VisualPhishNet struggled with dataset variability, achieving an F1 score of only 0.17 on the same benchmark. Moreover, as our proposed Baseline method demonstrated superior stability and binary classification performance, it should be considered as a robust candidate for preliminary filtering in hybrid systems. Full article

Multimodal Large Language Models (MLLMs) have demonstrated remarkable capabilities across vision–language tasks, yet their safety alignment remains vulnerable to adversarial manipulation. Existing jailbreak attacks typically optimize adversarial perturbations using negative log-likelihood loss alone, which often leads to overfitting on target affirmative tokens and fails to elicit substantive harmful content. We propose Attention-Enhancement and Targeted Entropy Regularization for Adversarial Optimization (AERO), a novel jailbreak framework addressing these limitations through two complementary mechanisms. First, an attention enhancement loss strategically redirects cross-modal attention toward perturbed visual tokens, distracting safety-aligned features from scrutinizing malicious queries. Second, a targeted entropy regularization scheme maximizes output diversity over non-refusal tokens during initial generation, creating a permissive context that improves cross-query generalization and enables responses that genuinely address malicious requests. Extensive experiments on multiple state-of-the-art MLLMs demonstrate that AERO significantly outperforms existing methods, achieving Attack Success Rates (ASRs) of 65.8–70.7% on MM-SafetyBench and 71.0–84.5% on HarmBench. Our approach surpasses the strongest baselines by margins of up to 16.2% in success rate while consistently generating higher-quality harmful content. Full article

Cache-based side-channel attacks, specifically Flush+Reload and Prime+Probe, pose a critical threat to the confidentiality of AES-encrypted systems, particularly in shared resource environments such as Smart Agriculture IoT. While deep learning has shown promise in detecting these attacks, existing approaches based on Convolutional Neural Networks struggle with robustness when distinguishing between multiple attack vectors. In this paper, we propose a Transformer-based detection framework that leverages self-attention mechanisms to capture global temporal dependencies in cache timing traces. To overcome data scarcity issues, we constructed a comprehensive and balanced dataset comprising 10,000 timing traces. Experimental results demonstrate that while the baseline CNN model suffers a significant performance drop to 66.73% in mixed attack scenarios, our proposed Transformer model maintains a high classification accuracy of 94.00%. This performance gap represents a 27.27% absolute improvement, proving the proposed method effectively distinguishes between different attack types and benign system noise. We further integrate these findings into a visualization interface to facilitate real-time security monitoring. Full article

Quantum watermarking is a technique that embeds specific information into a quantum carrier for the purpose of digital copyright protection. In this paper, we propose a novel color image watermarking algorithm that integrates quantum discrete wavelet transform with Sinusoidal–Tent mapping and baker mapping. Initially, chaotic sequences are generated using Sinusoidal–Tent mapping to determine the channels suitable for watermark embedding. Subsequently, a one-level quantum Haar wavelet transform is applied to the selected channel to decompose the image. The watermarked image is then scrambled via discrete baker mapping, and the scrambled image is embedded into the High-High subbands. The invisibility of the watermark is evaluated by calculating the peak signal-to-noise ratio, Structural similarity index measure, and Learned Perceptual Image Patch Similarity, with comparisons made against the color histogram. The robustness of the proposed algorithm is assessed through the calculation of Normalized Cross-Correlation. In the simulation results, PSNR is close to 63, SSIM is close to 1, LPIPS is close to 0.001, and NCC is close to 0.97. This indicates that the proposed watermarking algorithm exhibits excellent visual quality and a robust capability to withstand various attacks. Additionally, through ablation study, the contribution of each technique to overall performance was systematically evaluated. Full article

A mycological assessment evaluates the technical condition of a building by identifying damage from biological corrosion, which is particularly susceptible to fungal growth and insect attack. Such assessments are crucial for brick and wooden monuments. Accurate mycological assessments provide essential documentation for builders, designers, and cost estimators, indicating both locations of damage and the risks associated with weakened structures. The proper selection of testing locations during tender documentation preparation for historic buildings is critical, as it significantly impacts renovation and modernization costs. This article reviews building defects and testing protocols used in mycological expert opinions for buildings constructed between 1899 and 1900. It lists additional tests necessary during modernization and details costs resulting from incorrect assessments. The findings offer valuable guidance for specialists evaluating mycological hazards. The research revealed that 48% of structural elements in the examined buildings were incorrectly assessed solely through visual inspection, with the majority of errors occurring in lintels and cornices. Repairing these elements proved to be significantly more costly than the initial testing, with lintel repair exceeding excavation costs by over 60 times and cornice repairs by more than 130 times. Full article

Research on deep neural network (DNN)-based multi-dimensional data visualization has thoroughly explored cross-modal hash retrieval (CMHR) systems, yet their vulnerability to malicious adversarial examples remains evident. Recent work improves the robustness of CMHR networks by augmenting training datasets with adversarial examples. Prior approaches typically formulate the generation of cross-modal adversarial examples as an optimization problem solved through iterative methods. Although effective, such techniques often suffer from slow generation speed, limiting research efficiency. To address this, we propose a generative-based method that enables rapid synthesis of adversarial examples via a carefully designed adversarial generator network. Specifically, we introduce Cross-Gen, a parallel cross-modal framework that constructs semantic triplet data by interacting with the target model through query-based feedback. The generator is optimized using a tailored objective comprising adversarial loss, reconstruction loss, and quantization loss. The experimental results show that Cross-Gen generates adversarial examples significantly faster than iterative methods while achieving competitive attack performance. Full article