Research · Page 34 | CaptchaLa Blog

research note

Can We End the Cat-and-Mouse Game? Simulating Self-Evolving Phishing Attacks with LLMs and Genetic Algorithms

Jul 29, 2025·11 min read·Seiji Sato, Tetsushi Ohki, Masakatsu Nishigaki

The paper asks whether phishing generation can be pushed beyond static, prompt-based output by treating attack design as an evolutionary process

researchphishingllm-securitygenetic-algorithmsocial-engineering

Read note → Source paper ↗

research note

LLM-Assisted Cheating Detection in Korean Language via Keystrokes

Jul 29, 2025·12 min read·Dong Hyun Roh, Rajesh Kumar, An Ngo

This paper tackles a practical but underexplored anti-cheating problem: detecting LLM-assisted writing in Korean from typing behavior rather than submitted text

researchkeystroke-dynamicsllm-cheating-detectionkorean-languageuser-independent-evaluation

Read note → Source paper ↗

research note

SynPAIN: A Synthetic Dataset of Pain and Non-Pain Facial Expressions

Jul 25, 2025·11 min read·Babak Taati, Muhammad Muzammil, Yasamin Zarghami et al.

SynPAIN tackles a very specific but important data problem in automated pain assessment: most public facial-pain datasets are small, skew younger, and underrepresent the older adults and demographi…

researchsynthetic-datapain-detectionfacial-expression-recognitionalgorithmic-bias

Read note → Source paper ↗

research note

Vec2Face+ for Face Dataset Generation

Jul 23, 2025·12 min read·Haiyu Wu, Jaskirat Singh, Sicong Tian et al.

Vec2Face+ is a synthetic face-dataset generation method aimed at face recognition training, with the central claim that the remaining gap between synthetic and real training data is not just about …

researchface-recognitionsynthetic-datadataset-generationidentity-consistency

Read note → Source paper ↗

research note

MFAz: Historical Access Based Multi-Factor Authorization

Jul 21, 2025·9 min read·Eyasu Getahun Chekole, Howard Halim, Jianying Zhou

MFAz tackles a gap that standard access control and MFA do not address: once a session is already established, an attacker who steals or reuses the session identifier can often bypass the original …

researchaccess-controlsession-hijackingmulti-factor-authorizationblockchain

Read note → Source paper ↗

research note

FacialMotionID: Identifying Users of Mixed Reality Headsets using Abstract Facial Motion Representations

Jul 15, 2025·10 min read·Adriano Castro, Simon Hanisch, Matin Fallahi et al.

This paper studies whether the abstract facial-motion streams produced by mixed-reality headsets are privacy-sensitive behavioral biometrics, even when no raw video is exposed

researchmixed-realityfacial-motionbehavioral-biometricsprivacy

Read note → Source paper ↗

research note

BlowPrint: Blow-Based Multi-Factor Biometrics for Smartphone User Authentication

Jul 5, 2025·10 min read·Howard Halim, Eyasu Getahun Chekole, Daniël Reijsbergen et al.

BlowPrint tackles a pretty specific but practical problem in smartphone authentication: can a behavioral signal that is contactless, quick to perform, and hard to spoof be paired with a standard ph…

researchbiometricssmartphone-authenticationbehavioral-biometricsmultifactor-authentication

Read note → Source paper ↗

research note

Fingerprinting SDKs for Mobile Apps and Where to Find Them: Understanding the Market for Device Fingerprinting

Jun 27, 2025·9 min read·Michael A. Specter, Mihai Christodorescu, Abbie Farr et al.

This paper addresses the pervasive practice of device fingerprinting in the mobile app ecosystem, focusing on the role of third-party SDKs embedded in Android apps

researchdevice-fingerprintingmobile-securitysdk-analysisstatic-taint-analysis

Read note → Source paper ↗

research note

SafeTriage: Facial Video De-identification for Privacy-Preserving Stroke Triage

Jun 19, 2025·11 min read·Tongan Cai, Haomiao Ni, Wenchao Ma et al.

SafeTriage tackles a very specific privacy bottleneck in clinical AI: how to share and reuse facial video from suspected stroke patients without exposing identity, while still preserving the subtle…

researchprivacy-preserving-aivideo-deidentificationstroke-triagefacial-video

Read note → Source paper ↗

research note

Defensive Adversarial CAPTCHA: A Semantics-Driven Framework for Natural Adversarial Example Generation

Jun 12, 2025·9 min read·Xia Du, Xiaoyuan Liu, Jizhe Zhou et al.

This paper addresses the growing vulnerability of traditional CAPTCHA systems to automated attacks leveraging deep neural networks (DNNs)

researchadversarial-captchadiffusion-modelsemantic-promptingblack-box-attack

Read note → Source paper ↗

research note

Physical Layer-Based Device Fingerprinting for Wireless Security: From Theory to Practice

Jun 11, 2025·7 min read·Junqing Zhang, Francesco Ardizzon, Mattia Piana et al.

This paper addresses the problem of secure device authentication in wireless communications, particularly for resource-constrained Internet of Things (IoT) devices where traditional cryptographic m…

researchphysical-layer-authenticationdevice-fingerprintingradio-frequency-fingerprintinginternet-of-things-security

Read note → Source paper ↗

research note

Superstudent intelligence in thermodynamics

Jun 11, 2025·7 min read·Rebecca Loubet, Pascal Zittlau, Marco Hoffmann et al.

This study reports a landmark evaluation of OpenAI's latest large language model, o3, on a challenging thermodynamics exam typically taken by university engineering students

researchlarge-language-modelthermodynamicsacademic-exam-evaluationzero-shot-learning

Read note → Source paper ↗