CAMLIS 2019

DAY ONE


Bio: Aleatha Parker-Wood

Aleatha Parker-Wood is the Machine Learning and Algorithmic Privacy lead at Humu, a company dedicated to making work better for everyone everywhere. Prior to Humu, she was a Sr. Principal Research Engineer and manager in the Center for Advanced Machine Learning at Symantec, where her team did original research and contributed machine learning to numerous Symantec products including SEP 14, Email Security.cloud, Norton Core, phishing page detection, and more.

She holds multiple security-related patents, and serves on the steering committee for ScAINet, the SeCurity AI Networking conference. She received her Ph.D. in Computer Science from the University of California, Santa Cruz.

Aleatha Parker-Wood

Machine Learning and Algorithmic Privacy Lead, Humu

  • Speaker: Javad Rafiei Asl

    Author(s): Javad Rafiei Asl; Sidhant Narula; Mohammad Ghasemigol; Eduardo Blanco; Daniel Takabi

    A Framework for Adaptive Multi-Turn Jailbreak Attacks on Large Language Models

    Abstract: This paper introduces HarmNet, a modular framework designed to systematically construct, refine, and execute multi-turn jailbreak queries against LLMs, demonstrating significantly higher attack success rates compared to prior methods.

    Presentation > | Video >

  • Speaker: Tamás Vörös

    Author(s): Tamás Vörös; Adarsh Kyadige

    Abstract: This work proposes LLM salting, a lightweight defense mechanism that rotates the internal refusal direction of LLMs, rendering previously effective jailbreak prompts (like GCG) ineffective without degrading model utility.

    Presentation > | Video >

  • Speaker: Amelia Kawasaki

    Author(s): Amelia Kawasaki; Kasimir Schulz; Leo Ring

    Abstract: This paper unveils ShadowLogic, a method for injecting hidden backdoors into white-box LLMs by modifying their computational graphs. These backdoors are activated by a secret trigger phrase, allowing the model to generate uncensored responses and exposing a new class of graph-level vulnerabilities.

    Presentation > | Video >

  • Speaker: Jake Thomas

    Author(s): Jake Thomas; Damian Ruck; Gabriel Downer; Sean Craven

    Abstract: This research presents Text2VLM, a novel pipeline that adapts text-only datasets into multimodal formats to evaluate the resilience of Visual Language Models (VLMs) against typographic prompt injection attacks. It highlights the increased susceptibility of VLMs when visual inputs are introduced.

    Presentation > | Video >

  • Speaker: Tim Dudman

    Author(s): Tim Dudman

    Abstract: This work proposes Topological Extensions for Reinforcement Learning Agents (TERLA) to provide generalizability for cyber defense agents in networks of differing topology and size without the need for retraining. It evaluates performance in realistic simulation environments.

    Presentation > | Video >

  • Speaker: Ashley Song

    Author(s): Ashley Song; Hsin Chen; Shawn Davis; Dhruv Nandakumar

    Abstract: This study evaluates Test-Time Compute for improving the accuracy and consistency of real-world cybersecurity agentic systems, specifically a container vulnerability analysis agent and a server alert triage agent.

    Presentation > | Video >

  • Speaker: Benji Lilley

    Author(s): Benji Lilley; Brian Mitchell; Spiros Mancoridis

    Abstract: This paper introduces Relational Inference GraphRAG (RIG-RAG), an LLM-assisted pipeline that transforms cloud configuration data into a security-enriched knowledge graph to support natural-language reasoning about deployed infrastructure. This enhances agentic capabilities for cloud security operations.

    Presentation > | Video >

DAY TWO


Keynote: On Evaluating Adversarial Robustness

Video >

Several hundred papers have been written over the last few years proposing defenses to adversarial examples (test-time evasion attacks on machine learning classifiers). In this setting, a defense is a model that is not easily fooled by such adversarial examples. Unfortunately, most proposed defenses to adversarial examples are quickly broken.

This talk examines the ways in which defenses to adversarial examples have been broken in the past, and what lessons we can learn from these breaks. Beginning with a discussion of common evaluation pitfalls when performing the initial analysis, it then turns to recommendations for how we can perform more thorough defense evaluations.

Nicholas Carlini

Research Scientist, Google

  • Speaker: Mohammad Saidur Rahman

    Author(s): Mohammad Saidur Rahman; Scott Coull; Qi Yu; Matthew Wright

    Abstract: This study proposes MADAR, a Continual Learning (CL) framework for malware classification, which addresses catastrophic forgetting by incorporating diversity-aware replay. It demonstrates improved detection accuracy for both Windows and Android malware datasets.

    Presentation > | Video >

  • Speaker: Supriti Vijay

    Author(s): Supriti Vijay; Aman Priyanshu

    Abstract: This paper presents a multi-turn retrieval architecture for automating vulnerable code discovery, where models iteratively generate and refine search queries. It introduces a reinforcement learning environment and dataset for training such strategies.

    Presentation > | Video >

  • Speaker: Christopher Honaker

    Author(s): Christopher Honaker

    Abstract: This research examines social interactions in open-source code repositories using a biased BERTopic model to identify emerging cybersecurity threats (e.g., the XZ Utils backdoor) by prioritizing negative sentiment and cybersecurity keywords.

    Presentation > | Video >

  • Speaker: Edward Raff

    Author(s): Edward Raff; Karen Kukla; Michel Benaroch; Joseph Comprix

    Abstract: This work explores Adversarial Machine Learning (AML) attacks on financial reporting, demonstrating how bad actors can manipulate financial statements to inflate earnings and reduce fraud scores simultaneously, highlighting a critical information security vulnerability in financial systems.

    Presentation > | Video >

  • Speaker: Sadegh Momeni

    Author(s): Sadegh Momeni; Ge Zhang; Birkett Huber; Hamza Harkous; Sam Lipton; Benoit Seguin; Yanis Pavlidis

    Abstract: This paper proposes a two-stage hybrid framework for ML-based threat detection in enterprise security, combining loose YARA rules with an ML classifier and leveraging synthetic data generation (Simula) and active learning to achieve a self-sustained, low-overhead solution for SOCs.

  • Speaker: Steven Leung

    Author(s): Steven Leung

    Abstract: This study provides the first large-scale empirical evaluation of Risk-Based Authentication (RBA) effectiveness in production two-factor authentication (2FA) systems against real-world opportunistic, targeted, and advanced attacks. It demonstrates how heuristic and anomaly detection methods improve security while maintaining user experience.

    Presentation > | Video >

  • Speaker: Daniel Jones

    Author(s): Daniel Jones; Giorgio Severi; Martin Pouliot; Gary Lopez; Joris de Gruyter; Santiago Zanella-Beguelin; Justin Song; Blake Bullwinkel; Pamela Cortez; Amanda Minnich

    Presentation > | Video >

  • Speaker: Nina Chikanov

    Author(s): Nina Chikanov

    Presentation > | Video >

  • Speaker: Caelin Kaplan

    Author(s): Alexander Warnecke; Caelin Kaplan

    Presentation > | Video >

  • Speaker: Gary Lopez Munoz

    Author(s): Gary Lopez Munoz; Mauricio Velazco; Manuel Meléndez

    Presentation > | Video >

  • Speaker: Sanket Badhe

    Author(s): Sanket Badhe

    Presentation > | Video >

  • Speaker: Arjun Krishna

    Author(s): Arjun Krishna; Erick Galinkin; Leon Derczynski; Jeffrey Martin

    Presentation > | Video >

  • Speaker: Subhabrata Majumdar

    Author(s): Subhabrata Majumdar; Brian Pendleton; Abhishek Gupta

    Presentation > | Video >