Security and Privacy – Communications of the ACM

News Nov 20 2024

Cybersecurity vendors are using AI-enabled products to keep a leg up on hackers and "threat actors" who have also added AI to their arsenals.

Mark Halper

Opinion Nov 19 2024

Notice and Choice Cannot Stand Alone

If bolstered by appropriate laws, standards, and easy-to-use interfaces, the notice and choice concept could be a useful tool in our future privacy toolbox.

Research and Advances Nov 14 2024

Belt and Braces: When Federated Learning Meets Differential Privacy

An overview of differential privacy-enabled federated learning with a focus on utility optimization techniques.

Practice Nov 4 2024

Confidential Computing or Cryptographic Computing?

Trade-offs between secure computation via cryptography and hardware enclaves.

Raluca Ada Popa

BLOG@CACM Nov 4 2024

The Gift That Keeps on Giving to Apple and Google

Technical arguments for keeping or upending the current Apple and Google mobile app store systems.

Saurabh Bagchi

people holding dollar signs stand in line before a giant mobile phone, illustration

BLOG@CACM Oct 31 2024

‘Cheat Engines’ and Copyright in Video Games in the EU

The Court of Justice of the EU finds it permissible to observe, study, and test a program to reveal the ideas and principles underlying its operation and reproduce the results of its execution.

Eleni Tzoulia

gear icon in prohibited banner, illustration

BLOG@CACM Oct 28 2024

Strengthening Security with Attack Surface Management

The ASM approach is built upon a network infrastructure graph developed by engineers for investigative purposes.

Alex Vakulov

Research Highlights Oct 25 2024

Pitfalls in Machine Learning for Computer Security

Generic pitfalls related to machine learning affect all security domains and can affect the entire machine learning workflow, weakening assumptions, conclusions, and lessons learned.

Research Highlights Oct 25 2024

Technical Perspective: Machine Learning in Computer Security is Difficult to Fix

The study points out some common issues hindering the design of ML models for computer security and how to overcome them.

Battista Biggio

Research and Advances Oct 24 2024

Human-Centered Cybersecurity Revisited: From Enemies to Partners

It is time to reconsider how we deal with the human factor in cybersecurity.

News Oct 22 2024

When LLMs Learn to Lie

LLMs represent an emerging battleground for misuse and abuse that aims to sway public opinion and mislead the masses.

Samuel Greengard

News Oct 18 2024

Dark Patterned Voices Manipulate Users

The vocal cues of voice user interfaces can be subtly manipulated to influence users' opinions.

R. Colin Johnson

laptop computer with megaphone, illustration

Opinion Oct 15 2024

The Future of Misuse Detection

A sequence of interrelated SRI projects are representative examples of the body of earlier work in the field of misuse detection.

Peter G. Neumann and Ulf Lindqvist

finger pointing to a warning alert on a display screen, illustration

Research and Advances Sep 26 2024

mCaptcha: Replacing Captchas with Rate Limiters to Improve Security and Accessibility

An overview of mCaptcha, a variable-difficulty-based proof-of-work captcha system that addresses the security, usability, and privacy issues with other captchas.

Aravinth Manivannan, Sibi Chakkaravarthy Sethuraman, and Devi Priya Vimala Sudhakaran

skeleton hands holding a panel with text: 'I'm not a robot,' illustration

Practice Sep 25 2024

Elevating Security with Arm CCA

RME introduces a new kind of confidential compute environment called a realm.

Charles Garcia-Tobin and Mark Knight

News Sep 13 2024

Defeating Bluetooth Trackers

A firmware change to Bluetooth chip sets makes the unwelcome tracking of a device by stalkers, hackers, and others impractical.

R. Colin Johnson

circuit board hardware with fingerprint, illustration

BLOG@CACM Sep 6 2024

Fort Knox Your Data: A Guide to Access Controls

Regular audits and continuous monitoring are critical for identifying and addressing potential security vulnerabilities.

Alex Vakulov

U.S. Gold Bullion Depository Fort Knox Kentucky

Opinion Sep 4 2024

The Global Digital Compact

There is a critical need for better software design, development, test, and propagation processes.

Vinton G. Cerf

BLOG@CACM Sep 3 2024

Cybersecurity in Industrial IoT: Protecting Critical Infrastructure

Today's IIoT environments demand sophisticated, multi-layered security strategies.

Alex Williams

News Aug 30 2024

How CrowdStrike Stopped Everything

The CrowdStrike global IT outage put millions of systems and their data out of reach.

David Geer

News Aug 29 2024

Partnering to Protect the Power

As the informational needs of the power grid become more complex and the connected “smart grid” expands, so too do the cybersecurity needs of grid operators.

Gregory Goth

Research Highlights Aug 28 2024

A Security Model for Web-Based Communication

We propose an algorithmic security model based on the widely deployed technologies DNSSEC and Web PKI to cover the dimensions of identification, resolution, and transaction.

Pouyan Fotouhi Tehrani, Eric Osterweil, Thomas C. Schmidt, and Matthias Wählisch

Research Highlights Aug 28 2024

Technical Perspective: Revealing the Cracks in AA Services

"A Security Model for Web-Based Communication," by Pouyan Fotouhi Tehrani et al., presents a new study of alerting authorities and their cybersafety measures.

Hamed Haddadi

Research and Advances Aug 16 2024

The Vulnerability-Adaptive Protection Paradigm

Resiliency solutions for autonomous machines make trade-offs between resiliency and cost.

Shape the Future of Computing

ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.

Get Involved

Communications of the ACM (CACM) is now a fully Open Access publication.

By opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer.

Learn More