The ISC International Journal of Information Security

Abstract The emergence of quantum computing threatens the security of traditional
cryptographic primitives underpinning anonymous communication protocols
like mix networks (mixnets), necessitating quantum-resistant alternatives. This
paper introduces QuMixnet, a mixnet protocol designed to withstand quantum
attacks while ensuring robust anonymity and privacy. QuMixnet employs
post-quantum cryptographic primitives, utilizing CRYSTALS-Dilithium for
digital signatures to guarantee authenticity and CRYSTALS-Kyber for key
encapsulation to secure message encryption with symmetric ciphers (e.g.,
AES-GCM). Operating on a peer-to-peer (P2P) architecture, every node can
serve as a sender, receiver, or mix node, enhancing anonymity by obscuring
participant roles. Sender-determined routing ensures that only the sender knows
the full message path, with onion routing layered encryption across nodes. To
counter traffic analysis, QuMixnet implements message padding to a fixed size,
dummy messages for traffic covering, and batch processing with shuffling. A
security model, evaluated through formal security games, confirms resilience
of QuMixnet against adversaries with quantum capabilities, achieving strong
sender and receiver anonymity, communication anonymity, confidentiality, and
integrity. QuMixnet advances anonymous communication by offering a scalable,
quantum-safe solution that fortifies privacy against evolving threats.

Abstract Oblivious Transfer (OT) is one of the fundamental building blocks in cryptography that enables various privacy-preserving applications. Constructing efficient OT schemes has been an active research area. This paper presents three efficient two-round pairing-free k-out-of-n oblivious transfer protocols with standard security. Our constructions follow the minimal communication pattern: the receiver sends k messages to the sender, who responds with n+k messages, achieving the lowest data transmission among pairing-free k-out-of-n OT schemes. Furthermore, our protocols support adaptivity and enable the sender to encrypt the n messages offline, independent of the receiver’s variables, offering significant performance advantages in one-sender-multiple-receiver scenarios. We provide security proofs under the Computational Diffie-Hellman (CDH) and RSA assumptions, without relying on the Random Oracle Model. Our protocols combine minimal communication rounds, adaptivity, offline encryption capability, and provable security, making them well-suited for privacy-preserving applications requiring efficient oblivious transfer. 

Abstract In 2023, Zhang et al. introduced the lightweight block cipher family GFRX-b/k, offering various versions with different block (b) and key (k) lengths. Due to the similarity of the GFRX’s round function to that of the SIMON, the designers referenced the cryptanalysis conducted on the SIMON-32 and claimed that the GFRX-64/128, with higher than 19 and 13 rounds, is resistant to differential and linear cryptanalysis, respectively. In this paper, we examine the differential and linear cryptanalysis of GFRX-64/96 and GFRX-64/128. We first introduce baseline neural distinguishers for up to 7 rounds of the GFRX-64/96. Subsequently, we extend a 6-round neural distinguisher by adding 2 rounds to perform a key recovery attack, achieving an 8-round key rank analysis through a deep learning-based approach. Furthermore, we conduct an automated cryptanalysis of GFRX-64 using a SAT/SMT-based framework, identifying an 11-round differential distinguisher with a probability of 2−62, a 15-round linear distinguisher with a correlation of 2−30, and a 17-round linear hull with a correlation of 2−31.61. These results indicate that reducing the differential and linear cryptanalysis of the GFRX block cipher to the differential and linear cryptanalysis of the SIMON block cipher cannot yield accurate results or bounds. To the best of our knowledge, this work represents the first third-party cryptanalysis of the GFRX block cipher, offering new insights into its security. 

Abstract Selecting optimal cybersecurity countermeasures requires integration with mission-critical objectives beyond technical risk minimization. This paper presents a mission-centric framework for countermeasure selection in cybersecurity situation awareness systems by extending the RiskMAP methodology with agent-based and discrete-event simulation. The framework employs a multi-criteria decision-making approach based on the Confidentiality, Integrity, and Availability (CIA) triad, weighing mission objectives and mapping vulnerabilities and threats using MITRE ATT&CK and D3FEND taxonomies. Candidate countermeasures are evaluated considering risk reduction, implementation cost, operational impact, and mission alignment. We demonstrate the approach through a case study on a critical infrastructure organization’s network modeled in AnyLogic. Results show improved alignment between security posture and organizational priorities while maintaining effective risk reduction, outperforming traditional methods. This framework enables quantitative visualization and optimization of security investments relative to mission continuity. All simulation models, data, and scripts are openly available to support reproducibility.

Abstract As deep learning models are increasingly deployed in critical sectors such as healthcare, finance, and security, ensuring their protection against emerging threats has become crucial. Among these threats, side-channel attacks (SCAs) represent a particular challenge since they can extract sensitive information such as model architectures, parameters, and even user inputs without requiring direct access to the model. By leveraging the physical and micro-architectural properties of the hardware, attackers can compromise systems. This survey begins by classifying leakage sources and attacker objectives, then analyzes representative studies that demonstrate practical side-channel exploits against deep-learning hardware. It also reviews existing defenses aimed at mitigating these vulnerabilities and concludes by outlining key open research challenges and potential future directions.

Abstract Backdoor attacks pose a significant threat to deep learning systems by injecting hidden malicious behavior to the model while preserving high accuracy on clean data. Such attacks are particularly dangerous in scenarios where users rely on pre-trained models or outsource training to untrusted parties. In this work, we propose a practical defense strategy that assumes no knowledge of the backdoor trigger or the training process, relying on a small trusted clean dataset. Our method introduces a two-stage pipeline: First, we aggregate predictions from multiple potentially compromised models to train an intermediate Teacher-Aggregation (TA) model; then, we distill this knowledge into a compact light-weight student model. This multi-stage approach effectively alleviates backdoor effects while preserving clean accuracy. Experimental results on MNIST and CIFAR-10 demonstrate that our method significantly reduces the Attack Success Rate (ASR)—to approximately 0.1% on MNIST and 2.6% on CIFAR-10—outperforming baseline ensemble defenses. Furthermore, our lightweight student model is suitable for edge deployment, providing a generic and scalable defense that remains robust under minimal assumptions, making it well-suited for real-world applications in adversarial environments. Our code is available at: https://github.com/mr-pylin/backdoor-toolbox

Abstract Multi-Server Authentication and Key Agreement (MAKA) protocols in 5G networks play a pivotal role in securing communications due to their widespread applications in domains such as drones, cellular networks, and secure communications. We propose a novel and efficient protocol for multi-server authentication and key agreement in 5G networks, based on Elliptic Curve Cryptography (ECC). The proposed protocol is secure against attacks such as user and server impersonation, password guessing, insider attacks, tracking, session key disclosure, replay, denial-of-service, and man-in-the-middle attacks. Additionally, distinctive features such as user anonymity, avoidance of bilinear pairing, key confirmation, perfect forward secrecy, and the ability to perform authentication without an online registration server make the proposed scheme more efficient and secure, compared to previous schemes. Formal analysis using Proverif cryptographic protocol verifier, confirms the protocol’s confidentiality and authentication properties, while its computational and communication efficiency demonstrates relative superiority over comparable schemes. 

Abstract In the quantum computing era, classical encryption faces unprecedented vulnerabilities, while Quantum Key Distribution (QKD) alone remains insufficient for top-secret data transmission due to practical hardware flaws. In this paper, a novel dual-layered framework that integrates steganography with QKD is proposed to enhance security and concealment. The proposed protocol embeds encrypted messages within QKD keys during post-processing, leveraging existing infrastructure without requiring hardware modifications. The message is first compressed, encoded, and encrypted using a pre-shared QKD key via one-time-pad encryption. A block-based search mechanism then hides message bits within the sifted key while preserving statistical randomness. Crucially, this approach provides two-layer security: information-theoretic encryption via QKD and undetectable message existence. Evaluations confirm ultra-low failure probabilities of embedding (below 10−12 for 1000-bit messages) and minimal deviations in sifted key length (under 1% for typical blocks). The solution enables eavesdropper detection, maintaining full compatibility with standard QKD post-processing. By unifying steganographic stealth with QKD’s theoretical security, this work establishes a practical solution for transmitting top-secret data against evolving quantum threats.

Abstract The evolution of fifth-generation cellular networks (5G) brings unprecedented improvements in speed, latency, and scalability, but also introduces significant new security challenges. While earlier studies have primarily focused on performance benchmarking or examined isolated vulnerabilities, there remains a lack of comprehensive, reproducible security evaluations of 5G core networks. This paper presents a scenario-based simulation study of three distinct denial-of-service (DoS) attacks targeting critical components of the 5G control plane. Using open-source tools such as Open5GS and UERANSIM, we demonstrate: (1) large-scale registration flooding that overloads both the next-generation NodeB (gNB) and the Access and Mobility Management Function (AMF); (2) AMF resource exhaustion through massive NGSetupRequest messages; and (3) tampering with a security-related parameter in the User Equipment (UE) registration process to disrupt authentication. The evaluation quantifies the impacts of Central Processing Unit (CPU) and Random Access Memory (RAM) under these attacks, showing that even commodity hardware testbeds can reveal critical vulnerabilities. Moreover, analysis of the logs collected during the attacks confirms the successful execution of each attack scenario. The findings highlight how scenario-based simulations effectively explore various 5G attack surfaces and underscore the necessity for targeted defense mechanisms to enhance the resilience of next-generation mobile networks.

Abstract The rapid advancement of quantum computing poses a direct threat to classical public-key cryptographic systems at the core of Internet security protocols. Post-quantum cryptography (PQC) has therefore become central to ongoing standardisation and early deployment efforts. This paper presents a comparative analysis of PQC integration into TLS, SSH, and IPsec, examining cross-cutting challenges, protocol-specific trade-offs, and deployment considerations. Our findings show that PQC adoption introduces markedly uneven overheads across protocols: handshake latency may increase by up to 600% in TLS, by 29% in SSH, and by up to 300% in IPsec, while memory requirements in hybrid configurations can exceed 300 KB in resource-constrained environments. We further demonstrate that message fragmentation, certificate chain expansion, and cumulative rekeying costs emerge as protocol-dependent bottlenecks, underscoring that migration strategies must be tailored to the architecture and operational context of each protocol. Beyond performance, we identify interoperability gaps, downgrade vulnerabilities, and side-channel risks as critical obstacles to secure deployment. By combining empirical performance evidence with a structured review of challenges and deployment strategies, our study provides actionable insights for practitioners, informs ongoing standards development, and highlights research priorities essential to building a resilient, quantum-resistant Internet infrastructure. 

Abstract Deterministic Random Bit Generators (DRBGs) are essential for cryptographic security but remain vulnerable to covert kleptographic attacks that implant backdoors to leak sensitive information. Despite being known for two decades, as demonstrated by incidents such as the Snowden revelations and Dual-EC, these attacks persist in modern protocols, including TLS and post-quantum systems. This paper introduces a novel kleptographic backdoor for hash-based DRBGs, utilising a dual-phase design: secret information is split across two complementary phases, each requiring the other for recovery. This design significantly increases the overall complexity compared with conventional methods. To enhance indistinguishability, we integrate randomness derived from the discrete logarithm problem, ensuring statistical conformity. By leveraging ElGamal encryption to ensure compatibility with our approach, we develop a highly covert backdoor. Rigorous validation via the NIST Statistical Test Suite (STS) and neural network-based anomaly detection confirms the backdoor passes all NIST tests while evading machine learning detection, maintaining statistical integrity and structural consistency. 

Abstract The extensive use of malware targeting Windows systems, particularly through Portable Executable (PE) files, has prompted significant research into malware detection. Although many approaches have been proposed, the increasing complexity and evasiveness of modern malware continue to present substantial challenges, underscoring the need for further advancements in detection strategies. This paper introduces a static malware detection framework based on deep learning and a set of carefully engineered binary features extracted directly from raw PE files. In contrast to conventional methods that rely on metadata or dynamic analysis, our approach performs detailed parsing of file headers, section layouts, entropy levels, import/export tables, and embedded resources to form a comprehensive feature set. A deep neural network is trained on these features, with its architecture and hyperparameters fine-tuned using Bayesian optimisation. The model is evaluated on a balanced dataset of benign and malicious PE files, achieving high accuracy (98.83%) and an F1-score of 98.95%. Fully automated and independent of dynamic execution or commercial tools, the proposed solution is well-suited for deployment in real-world applications such as antivirus systems and intrusion detection platforms. 

Abstract Insider threats pose a significant cybersecurity risk, as authorised users can exploit legitimate access to compromise sensitive systems and data. This paper proposes an integrated behavioural anomaly detection approach to address three critical challenges in AI-driven insider threat detection: lack of interpretability, misleading evaluation metrics, and misalignment with operational taxonomies. Our approach employs a three-stage pipeline: (1) an LSTM autoencoder to detect temporal anomalies in login patterns, (2) DBSCAN clustering to identify suspicious file access and device usage during anomalous sessions, and (3) DBSCAN-based URL analysis to uncover exfiltration patterns. By analysing behaviour across time, location, and web activity, this framework builds actionable threat chains mapped to MITRE ATT&CK techniques including T1078, T1005, T1204.002, T1567.002. It bridges the gap between theoretical models and the daily work of a Security Operations Center (SOC). In the data exfiltration scenario on the CERT R6.2 insider threat dataset, the proposed approach achieved a recall of 83.3% and an accuracy of 91.7% in classifying malicious days. The framework also provides interpretable alerts and maintains operational efficiency. 

Abstract The potential of Attribute-Based Encryption (ABE) in the context of IoT has driven researchers to propose pairing-free ABE schemes that are suitable for resource-constrained devices. Unfortunately, many of these schemes turned out to be insecure. This fact reinforces the view of some researchers according to which instantiating an Identity-Based Encryption (IBE) in plain Decisional Diffie-Hellman (DDH) groups is impossible. In this paper, we provide a generic Ciphertext-Policy ABE (CP-ABE) scheme supporting secret AND-gate policy using Inner-Product Functional Encryption (IPFE). We also propose an instantiation of our generic CP-ABE scheme based on the DDH assumption. From our generic CP-ABE scheme, we derive an IBE scheme by introducing the concept of Clustered Identity-Based Encryption (CIBE). Our schemes show that it is possible to construct secure IBE and ABE schemes based on the classical DDH assumption. An implementation of our CIBE in Python using the Charm framework is available on GitHub. 

Abstract Autonomous vehicles must balance road-safety objectives with growing cybersecurity threats. In this paper, we present a reinforcement-learning framework that jointly optimizes driving performance and resilience to Denial-of-Service (DoS) attacks.The problem is formulated as a multi-objective Markov Decision Process that integrates a safety reward with a security reward, while the partial observability of attacks is captured via a Bayesian belief. A Proximal Policy Optimization (PPO) agent controls steering, throttle, and dedicated mitigation actions. The system is implemented in the CARLA simulator with camera and LiDAR inputs and evaluated on urban driving scenarios. Experimental results demonstrate that the agent sustains stable lane-keeping and target-speed performance, while substantially reducing collision-prone incidents and retaining more than 90 % of the nominal travel distance under attack scenarios. The framework outperforms the safety-only PPO baseline and a rule-based security countermeasure.

Abstract Federated learning enables collaborative model training without centralized data collection, but existing frameworks rely on a central server, introducing risks of single points of failure, adversarial manipulation, and privacy leakage. To address these challenges, we propose HashLearner, a secure decentralized learning framework that utilizes the HashGraph consensus protocol for model aggregation without trusted authorities. HashLearner introduces two key innovations: (i) a consensus-driven decentralized aggregation mechanism resilient to Byzantine adversaries, and (ii) a privacy-preserving shuffling strategy that mitigates gradient reconstruction and poisoning attacks. To handle heterogeneous data distributions, the framework further employs transfer learning–based personalization. The simulation results of HashLearner, tested on benchmark Kaggle datasets, demonstrate that the platform maintains high accuracy while significantly enhancing scalability, security, and privacy. These findings indicate that HashLearner provides a practical path toward scalable, privacy-preserving, and trustworthy decentralized federated learning. 

Abstract This study presents a resilient and efficient architecture for securely distributing secrets to the public across untrusted networks. The proposed method integrates Shamir’s Verifiable Secret Sharing with AES-GCM encryption to provide strong confidentiality and authentication guarantees. Each share is reinforced with cryptographic hash-based signatures and imperceptibly embedded within cover images using a neural steganographic framework based on an Attention U-Net enhanced with transformer mechanisms and Squeeze-and-Excitation blocks, allowing the system to place data in visually insensitive regions adaptively. The training process leverages a joint perceptual and structural loss function, ensuring high visual fidelity while preserving critical image features for robust message recovery. Experimental evaluations demonstrate superior performance in Peak Signal-to-Noise Ratio and Structural Similarity Index Measure, and a minimal Bit Error Rate across various distortions, including noise, blurring, and JPEG compression. Compared to existing methods, the framework provides enhanced protection against fraudulent participants or dealers, eliminates reliance on secure private channels, and enables the reuse of system components, offering a comprehensive solution for safe, verifiable secret sharing. 

Abstract Detecting security vulnerabilities in open-source software is a critical task that is highly regarded in the related research communities. Several approaches have been proposed in the literature for detecting vulnerable code and identifying classes of vulnerabilities. However, there is still room to improve the explanation of the root causes of detected vulnerabilities by locating vulnerable statements and discovering the paths that lead to the activation of the vulnerability. While frameworks like SliceLocator offer explanations by identifying vulnerable paths, they rely on rule-based sink identification that limits their generalisation. In this paper, we introduce VulPathFinder, an explainable vulnerability path discovery framework that enhances SliceLocator’s methodology by utilising a novel Graph Neural Network (GNN) model for detecting sink statements, rather than relying on predefined rules. The proposed GNN captures semantic and syntactic dependencies to find potential sink points (PSPs), which are candidate statements where vulnerable paths end. After detecting PSPs, program slicing can be used to extract potentially vulnerable paths, which are then ranked by feeding them back into the target graph-based detector. Ultimately, the most probable path is returned, explaining the root cause of the detected vulnerability. We demonstrate the effectiveness of the proposed approach by performing evaluations on a benchmark of the buffer overflow CWEs from the SARD dataset, providing explanations for the corresponding detected vulnerabilities. The results show that VulPathFinder outperforms both the original SliceLocator and GNNExplainer (as a general GNN explainability tool) in discovering vulnerability paths to identified PSPs. 

Abstract Linked Ineffective Fault Analysis (LIFA) is a novel fault analysis technique that operates without requiring input control and demonstrates resilience against noise compared to Statistical Ineffective Fault Analysis (SIFA), while maintaining similar attack assumptions. However, prior studies on LIFA have focused primarily on SPN block ciphers, leaving the security of the DES cipher one of the Feistel ciphers unexplored. Furthermore, the application of LIFA in the presence of multiple faults remains unaddressed. This paper bridges these gaps by applying LIFA to the widely utilized DES cipher, aiming to evaluate the effectiveness of this attack on Feistel-based structures. We effectively apply LIFA across various scenarios and demonstrate the feasibility of inducing multiple linked faults. Our results reveal that the nibble-based structure of DES allows for the establishment of two simultaneous links instead of one, significantly enhancing the efficacy of fault attacks on DES. To validate our approach, we conducted both simulations and real-world experiments using frequency glitch fault injection on an ATMEGA328p microcontroller. The results show that the proposed LIFA framework for the DES cipher achieves superior performance compared to existing methods such as SIFA, further advancing the state of cryptographic fault analysis.

Abstract Preserving data confidentiality is crucial in today’s digital world where data exchange is increasingly becoming digital. This paper presents a novel text steganography algorithm. Initially, the secret message is converted into a bit stream. This bit stream is then shuffled using a random sequence to enhance security. Finally, the data is converted into a specific ”time” (including date and hour), and this generated time is embedded within a suitable cover text. The results demonstrate that the proposed algorithm is robust against a variety of attacks, including retyping, OCR, printing and photocopying, compression, document feature modification, non-Unicode environment conversion, and semantic paraphrasing. The algorithm is language-independent and applicable to all languages. The scheme exhibits high transparency against visual and machine attacks and has a capacity of 18 bits per time. The embedding of information bits using a random sequence enhances the scheme’s resistance against detection attacks.

Abstract CHILOW is a family of tweakable block ciphers introduced at Eurocrypt 2025, prioritizing decryption speed over encryption speed. This is achieved through a low-latency non-linear layer of degree two within the round function and a minimal number of rounds. As a result, CHILOW presents an appealing target for attacks that exploit its algebraic properties. These characteristics, along with the strict query limitations imposed by the designers, motivate our investigation into CHILOW’s security against integral attacks leveraging the division property. We have identified several integral distinguishers, which vary in data complexity and the number of balanced output bits. Specifically, for CHILOW-(32+τ), we derived a 4-round distinguisher with 15 constant bits in the input, in which all the 32 output bits are balanced. However, the longest integral distinguisher that complies with query limitations extends up to 3 rounds. For CHILOW-40, integral distinguishers up to 5 rounds are detected; however, only those spanning three rounds meet the query constraints. Furthermore, we have explored the potential for extending these distinguishers to key-recovery attacks and analyzed their complexity. Using the 3-round distinguisher on CHILOW-(32+τ), we propose key recovery attack with a 32-bit advantage, data complexity of 240 chosen ciphertexts and time complexity of 240 decryptions, all within the query limits. Therefore, by performing an exhaustive search over the remaining key candidates, a single candidate for the master key can be recovered, resulting in an overall attack time complexity of 296 decryptions. Additionally, we present an integral key-recovery attack on the 6-round version of CHILOW-(32+τ) with a data complexity of 28 chosen ciphertexts and a time complexity of 2102.6 encryptions. This attack only obtains information from the tweaks of the last three rounds, and using this information to recover the master key will be the subject of future research.

Abstract Lateral movement, a sophisticated cyberattack strategy, enables adversaries to stealthily infiltrate networks following an initial breach. Detecting such maneuvers is exceptionally challenging, as they are designed to seamlessly blend with legitimate system operations and network traffic, rendering traditional signature-based defenses ineffective. Supervised machine learning approaches, while promising, are constrained by their dependence on pre-labeled datasets of known attack patterns. To overcome these limitations, this study introduces a novel hybrid deep learning framework that integrates a Variational Autoencoder (VAE) for robust feature extraction, coupled with a supervised classifier to identify lateral movement. Through meticulous feature engineering on the LMD dataset, the VAE is trained exclusively on normative system and network behavior, constructing a probabilistic representation of legitimate activity. Anomalies, detected via reconstruction error, signal potential malicious intrusions. Empirical evaluation demonstrates the framework’s superior performance, achieving a detection time of 00:00:02:54 and an AUC of 99.6983%, reflecting exceptional class separation and computational efficiency. This hybrid architecture delivers a scalable, high-accuracy solution, establishing the VAE as a pivotal tool for combating advanced persistent threats with unparalleled precision and operational viability. 

Abstract Image authenticity is a perennial issue with the evolution of advanced tampering techniques, particularly grid-aligned manipulations and spatial vulnerability-exploiting post-processing attacks. The paper presents a novel architecture for a neural network fusing Graph Neural Networks (GNNs), Convolutional Neural Networks (CNNs), and digital watermarking to detect tampering successfully and localise it. CNNs are trained on learning local spatial features, and an invisible low-dropout convolutional encoder places watermarks to ensure authenticity. GNNs address the inherent problem of modelling long-range structural relations for blind tampering pattern detection that is accurate. With a graph-based representation of image blocks, the framework learns complex spatial relations, which alleviates the rigid receptive field limitation. Extensive experiments on benchmark datasets confirm the framework’s superiority, achieving an F1-Score of 0.94 in tampering localisation, which significantly outperforms the 0.88 F1-Score of leading state-of-the-art methods. This approach creates a new standard for image integrity verification, offering an interpretable and scalable solution with far-reaching applications in digital content protection. 

Abstract Open Educational Resources (OER) have become a valuable tool for expanding access to quality education. However, managing intellectual property rights in OER environments remains a challenge, particularly in verifying content authenticity and protecting creators’ rights. To address this challenge, the study proposes a decentralised approach to copyright management for OER. Our solution processes OER textual content using defined windows and the Locality Sensitive Hashing (LSH) algorithm to detect exact and partial similarities efficiently. By integrating blockchain technology and the InterPlanetary File System (IPFS), we establish a transparent, decentralised platform for storing and managing resources. To assess its effectiveness, the proposed system was implemented and tested on a dataset of 2,600 OER articles. The evaluation demonstrated perfect performance, with 100 per cent precision and recall across both direct and paraphrased plagiarism detection test sets. The results indicate that this technological integration can serve as a robust foundation for enhancing transparency and protecting authors’ rights within the OER ecosystem. 

Abstract The increasing integration of modern network infrastructure into industrial control systems elevates the need for robust cyber intrusion detection for industrial protocols. Unsupervised anomaly detection is particularly effective for this task, as it identifies novel attacks by modeling normal behaviour rather than relying on limited attack data. While techniques like autoencoders, which use reconstruction error to flag deviations, can be effective, their application is often hindered by practical challenges, such as regulatory constraints and the large volumes of data that prohibit the centralised collection required for training. Federated learning offers a solution by distributing the training process to local clients and aggregating only the resulting model parameters, thus preserving data privacy and locality. This paper proposes an anomaly-based intrusion detection framework built on federated learning. Using the CIC-Modbus2023 dataset, which comprises raw Modbus traffic from a smart grid, we systematically extract and label network flows based on attack logs. We then train and evaluate several autoencoder variants—including standard, variational, and adversarial autoencoders—within this federated setting. Our results demonstrate strong performance in detecting malicious behaviour, highlighting the framework’s potential as a promising approach for mitigating threats against the Modbus protocol without centralised data access. The code is available at https://github.com/hamid-rd/FLBased-ICS-NIDS. 

Abstract Large Language Models (LLMs), trained on extensive datasets using advanced deeplearning architectures, have demonstrated remarkable performance across a wide range of language tasks, becoming a cornerstone of modern AI technologies. However, ensuring their trustworthiness remains a critical challenge, asreliability is essential not only for accurate performance but also for upholding ethical, cultural, and social values. Careful alignment of training data and culturally grounded evaluation criteria is vital for developing responsible AI systems. In this study, we introduce the EPT (Evaluation of Persian Trustworthiness) metric, a culturally informed benchmark specifically designed to assess the trustworthiness of LLMs across six key aspects: Truthfulness, Safety, Fairness, Robustness, privacy, and ethical alignment. We curated a labelled dataset and evaluated the performance of several leading models—including ChatGPT, Claude, DeepSeek, Gemini, Grok, LLaMA, Mistral, and Qwen—using both automated LLM-based and human assessments. Our results reveal significant deficiencies in the safety dimension, underscoring the urgent need for focused attention on this critical aspect of model behaviour. Furthermore, our findings offer valuable insights into the alignment of these models with Persian ethical-cultural values and highlight critical gaps and opportunities for advancing trustworthy and culturally responsible AI. The dataset is publicly available at: https://github.com/Rezamirbagheri110/EPT-Benchmark.

Abstract This study evaluates three encoding methods for automated differential cryptanalysis: (1) SMT formulations (using CVC), (2) standard CNF, and (3) size-optimised CNF (via Logic Friday). We assess these using four SAT/SMT solver types: single-core (CryptoMiniSat-v5, CaDiCaL), multicore (Treengeling), and massively parallel Mallob—novel to cryptanalysis. Encoding-solver combinations are tested on seven lightweight block ciphers representing distinct design philosophies: SPECK-32 and CHAM-64 (ARX structure), SIMON-32 (AND-RX structure), PRESENT, GIFT-128, and MIDORI-64 (4-bit S-box in SPN structure), and LBLOCK (Feistel structure). For each cipher, SAT/SMT instances targeting specific rounds and differential weights were generated, with wall-clock solving time, parallel efficiency, and modelling effort recorded. Our results establish criteria for optimal encoding-solver pairings that strike a balance between modelling simplicity and computational performance. Crucially, Mallob emerges as the state-of-the-art framework for large-scale automated differential cryptanalysis.

Abstract Intrusion Detection Systems (IDS) are vital for defending modern networks against emerging cyber threats, including zero-day attacks. In this article, we introduce GAT-AID (Graph Attention-based Anomaly and Intrusion Detection), an IDS architecture that integrates Graph Attention Networks (GATs), Multi-Layer Perceptron (MLP) classifiers, and Autoencoders. The proposed methodology represents network traffic as a graph, allowing GAT to extract complex node-wise associations across traffic flows. The embeddings generated are further processed through a dual-branch architecture, an MLP-based classifier for identifying known attack types, and an Autoencoder-based anomaly detector for flagging zero-day intrusions. The proposed GAT-AID methodology is evaluated on two widely used benchmark datasets, namely CICIDS2017 and UNSW-NB15. The experiment results demonstrate that it outperforms conventional IDS baselines, including SVM, Random Forest, CNN, and GCN models, achieving higher detection rates, improved robustness against unseen threats, and greater adaptability to evolving network environments. These findings suggest that GAT-AID is an effective and scalable solution for intelligent, real-time intrusion detection.