Empirical analysis of 444 iOS apps using dynamic traffic interception found 282 leaking LLM API keys across ten providers, with only 28% remediation after three months.
In: 2025 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
6 Pith papers cite this work. Polarity classification is still indexing.
years
2026 6representative citing papers
Honeyval evaluates LLM HTTP honeypots with AI attackers and shows they produce longer interactions, lower detection rates, and cost advantages over rule-based baselines.
Large-scale SSH honeypot deployment shows 99.23% of authenticated sessions are non-interactive, suggesting most attacks do not involve shell interaction.
AdvancedShelLM deploys a manager-worker multi-LLM architecture and stateful filesystem for SSH honeypots, reporting up to 99% unit-test pass rates and evidence that its outputs alter real attacker behavior in deployment.
Only 80 of 250 ATT&CK techniques (32%) allow plausible decoy placement by defenders, grouped into Sweep and Seek patterns, with the rest having no suitable defender asset in the attack path.
A multi-agent system with hybrid RAG and two new enforcement mechanisms shows strong results on semantic extraction phases of IT-Grundschutz but weak results on logical reasoning phases when evaluated against a BSI case study.
citing papers explorer
-
Probabilistic Agents in Deterministic Audits: Evaluating Multi-Agent Systems for Automated Audits Based on the German IT-Grundschutz
A multi-agent system with hybrid RAG and two new enforcement mechanisms shows strong results on semantic extraction phases of IT-Grundschutz but weak results on logical reasoning phases when evaluated against a BSI case study.