H. Birkan Yilmaz

Ali Karakoc, H. Birkan Yilmaz

SQL injection (SQLi) attacks are still one of the serious attacks ranked in the Open Worldwide Application Security Project (OWASP) Top 10 threats. Today, with advances in Artificial Intelligence (AI), especially in Large Language Models (LLMs), an opportunity has been created for automating adversarial attack tests to measure the defense mechanisms. In this paper, we aim to create a comprehensive evaluation of use cases that utilize LLMs for adversarial SQL injection generation. We introduce two novel LLM-based systems, Retrieval Augmented Generation for Adversarial SQLi (RADAGAS) and Reflective Chain-of-Thought SQLi (RefleXQLi), and compare them with existing baselines against 10 Web Application Firewalls (WAFs) and one execution-based MySQL validator. To perform a comprehensive test, we used six rule-based open-source WAFs (ModSecurity PL1--3, Coraza PL1--3), 2 AI/ML-based WAFs (WAF Brain, CNN-WAF), and 2 commercial WAFs (AWS WAF and Cloudflare WAF). For the LLM models, we used GPT-4o, Claude 3.7 Sonnet, and DeepSeek R1. Our tests consist of 240 experiments that generate 240,000 payloads and perform 2.2 million tests against WAFs. Our comprehensive evaluation reveals that RADAGAS-GPT4o outperforms other baseline models with a 22.73\% bypass rate. The proposed RADAGAS variants are highly successful on AI/ML-based WAFs (92.49\% on WAF-Brain by RADAGAS-DeepSeek, 80.48\% on CNN-WAF by RADAGAS-Claude), but struggle to bypass rule-based WAFs (0--5.70\% on ModSecurity and Coraza). In addition to these findings, another observation is that creating less diverse payloads achieves more bypasses, however they show poor results if the initially chosen payload is not successful. We observe that our findings provide a comprehensive view on using LLM-based approaches in security testing.

Dağhan Erdönmez, H. Birkan Yilmaz

Transmitter localization in vessel-like molecular communication channels is a fundamental problem with potential applications in healthcare. Existing analytical solutions either assume knowledge of emission time or require multiple closely spaced receivers, which limits their applicability in realistic scenarios. In this letter, we propose a simple closed-form approximation that exploits the temporal variance of the received molecular signal to estimate the distance between the transmitter and the receiver without emission time information. The method is derived from a Gaussian approximation of the received signal near its peak and gives an explicit variance-distance relation. Simulation results in physically relevant capillary vessel scale show that the proposed method achieves distance prediction with error on the order of 1%.

Ali Sonmez, Erencem Ozbey, Efe Feyzi Mantaroglu et al.

Transmitter localization in Molecular Communication via Diffusion is a critical topic with many applications. However, accurate localization of multiple transmitters is a challenging problem due to the stochastic nature of diffusion and overlapping molecule distributions at the receiver surface. To address these issues, we introduce clustering-based centroid correction methods that enhance robustness against density variations, and outliers. In addition, we propose two clusteringguided Residual Neural Networks, namely AngleNN for direction refinement and SizeNN for cluster size estimation. Experimental results show that both approaches provide significant improvements with reducing localization error between 69% (2-Tx) and 43% (4-Tx) compared to the K-means.

Erencem Ozbey, H. Birkan Yilmaz, Chan-Byoung Chae

Inter-symbol interference (ISI) with heteroscedastic, or state-dependent, noise is a defining feature of molecular communication via diffusion (MCvD). However, such noise variance dependency across ISI states has not been systematically considered in prior detector designs. This letter introduces two decoding mechanisms, Belief-Adaptive Maximum A Posteriori (BA-MAP) and Soft BA-MAP, that explicitly incorporate state-dependent means and variances of the molecular count channel. The BA-MAP method derives per-symbol adaptive MAP thresholds based on the receiver's current state beliefs, whereas the Soft BA-MAP approach computes mixture log-likelihood ratios by weighting all possible ISI states. Simulation and information-theoretic analyses confirm that the proposed detectors outperform conventional equalization and fixed-threshold methods, achieving up to 100% throughput improvement under realistic MCvD settings.