Sandeep K. Shukla

Nanda Rani, Kimberly Milner, Minghao Shao et al.

Existing benchmarks for LLM-based offensive security agents use isolated, single-target setups with a known vulnerable service and fixed objective. They measure exploitation effectively, but miss how real Capture-the-Flag (CTF) participants triage unknown surfaces, prioritize targets, and allocate effort under uncertainty. Current evaluations therefore fail to assess strategic reasoning beyond exploitation alone. To address this, we introduce \textit{CTFExplorer}, a benchmark suite that shifts offensive security evaluation toward a multi-target setting, which tests how agents explore, prioritize, and chain attacks. CTFExplorer deploys 40 web-based vulnerable services within a single environment, where agents must autonomously discover, distinguish, and exploit targets without predefined guidance. We also present a reactive multi-agent setup as a reference agent framework and develop an agent-agnostic evaluation framework that records structured reasoning traces for fine-grained assessment. This enables behavioral evaluation beyond binary flag capture, such as how agents manage target selection, handle failed hypotheses, coordinate across multiple stages, and extract security intelligence.

Virendra Nishad, Bhaskar Mukhoty, Hilal AlQuabeh et al.

Deep neural networks have achieved remarkable success in a wide range of classification tasks. However, they remain highly susceptible to adversarial examples - inputs that are subtly perturbed to induce misclassification while appearing unchanged to humans. Among various attack strategies, Universal Adversarial Perturbations (UAPs) have emerged as a powerful tool for both stress testing model robustness and facilitating scalable adversarial training. Despite their effectiveness, most existing UAP methods neglect domain specific constraints that govern feature relationships. Violating such constraints, such as debt to income ratios in credit scoring or packet flow invariants in network communication, can render adversarial examples implausible or easily detectable, thereby limiting their real world applicability. In this work, we advance universal adversarial attacks to constrained feature spaces by formulating an augmented Lagrangian based min max optimization problem that enforces multiple, potentially complex constraints of varying importance. We propose Constrained Adversarial Perturbation (CAP), an efficient algorithm that solves this problem using a gradient based alternating optimization strategy. We evaluate CAP across diverse domains including finance, IT networks, and cyber physical systems, and demonstrate that it achieves higher attack success rates while significantly reducing runtime compared to existing baselines. Our approach also generalizes seamlessly to individual adversarial perturbations, where we observe similar strong performance gains. Finally, we introduce a principled procedure for learning feature constraints directly from data, enabling broad applicability across domains with structured input spaces.

Mayank Pandey, Rachit Agarwal, Sandeep K. Shukla et al.

The advancement in the healthcare sector is entering into a new era in the form of Health 4.0. The integration of innovative technologies like Cyber-Physical Systems (CPS), Big Data, Cloud Computing, Machine Learning, and Blockchain with Healthcare services has led to improved performance and efficiency through data-based learning and interconnection of systems. On the other hand, it has also increased complexities and has brought its own share of vulnerabilities due to the heavy influx, sharing, and storage of healthcare data. The protection of the same from cyber-attacks along with privacy preservation through authenticated access is one of the significant challenges for the healthcare sector. For this purpose, the use of blockchain-based networks can lead to a considerable reduction in the vulnerabilities of the healthcare systems and secure their data. This chapter explores blockchain's role in strengthening healthcare data security by answering the questions related to what data use, when we need, why we need, who needs, and how state-of-the-art techniques use blockchains to secure healthcare data. As a case study, we also explore and analyze the state-of-the-art implementations for blockchain in healthcare data security for the COVID-19 pandemic. In order to provide a path to future research directions, we identify and discuss the technical limitations and regulatory challenges associated with blockchain-based healthcare data security implementation.

Rachit Agarwal, Tanmay Thapliyal, Sandeep K. Shukla

Different types of malicious activities have been flagged in multiple permissionless blockchains such as bitcoin, Ethereum etc. While some malicious activities exploit vulnerabilities in the infrastructure of the blockchain, some target its users through social engineering techniques. To address these problems, we aim at automatically flagging blockchain accounts that originate such malicious exploitation of accounts of other participants. To that end, we identify a robust supervised machine learning (ML) algorithm that is resistant to any bias induced by an over representation of certain malicious activity in the available dataset, as well as is robust against adversarial attacks. We find that most of the malicious activities reported thus far, for example, in Ethereum blockchain ecosystem, behaves statistically similar. Further, the previously used ML algorithms for identifying malicious accounts show bias towards a particular malicious activity which is over-represented. In the sequel, we identify that Neural Networks (NN) holds up the best in the face of such bias inducing dataset at the same time being robust against certain adversarial attacks.

Aneet K. Dutta, Bhaskar Mukhoty, Sandeep K. Shukla

Regular and uninterrupted operation of critical infrastructures such as power, transport, communication etc. are essential for proper functioning of a country. Cyber-attacks causing disruption in critical infrastructure service in the past, are considered as a significant threat. With the advancement in technology and the progress of the critical infrastructures towards IP based communication, cyber-physical systems are lucrative targets of the attackers. In this paper, we propose a robust multivariate intrusion detection system called RAD for detecting attacks in the cyber-physical systems in O(d) space and time complexity, where d is the number parameters in the system state vector. The proposed Intrusion Detection System(IDS) is developed in an unsupervised learning setting without using labelled data denoting attacks. It allows a fraction of the training data to be corrupted by outliers or under attack, by subscribing to robust training procedure. The proposed IDS outperforms existing anomaly detection techniques in several real-world datasets and attack scenarios.

Rachit Agarwal, Shikhar Barve, Sandeep K. Shukla

The temporal nature of modeling accounts as nodes and transactions as directed edges in a directed graph -- for a blockchain, enables us to understand the behavior (malicious or benign) of the accounts. Predictive classification of accounts as malicious or benign could help users of the permissionless blockchain platforms to operate in a secure manner. Motivated by this, we introduce temporal features such as burst and attractiveness on top of several already used graph properties such as the node degree and clustering coefficient. Using identified features, we train various Machine Learning (ML) algorithms and identify the algorithm that performs the best in detecting which accounts are malicious. We then study the behavior of the accounts over different temporal granularities of the dataset before assigning them malicious tags. For Ethereum blockchain, we identify that for the entire dataset - the ExtraTreesClassifier performs the best among supervised ML algorithms. On the other hand, using cosine similarity on top of the results provided by unsupervised ML algorithms such as K-Means on the entire dataset, we were able to detect 554 more suspicious accounts. Further, using behavior change analysis for accounts, we identify 814 unique suspicious accounts across different temporal granularities.