English
Related papers

Related papers: Static Analysis for Regular Expression Exponential…

200 papers

Regular expressions are a concise yet expressive language for expressing patterns. For instance, in networked software, they are used for input validation and intrusion detection. Yet some widely deployed regular expression matchers based…

Programming Languages · Computer Science 2013-01-08 James Kirrage , Asiri Rathnayake , Hayo Thielecke

In an algorithmic complexity attack, a malicious party takes advantage of the worst-case behavior of an algorithm to cause denial-of-service. A prominent algorithmic complexity attack is regular expression denial-of-service (ReDoS), in…

Cryptography and Security · Computer Science 2017-01-17 Valentin Wüstholz , Oswaldo Olivo , Marijn J. H. Heule , Isil Dillig

Regular Expression Denial of Service (ReDoS) is a vulnerability class that has become prominent in recent years. Attackers can weaponize such weaknesses as part of asymmetric cyberattacks that exploit the slow worst-case matching time of…

Cryptography and Security · Computer Science 2025-08-27 Masudul Hasan Masud Bhuiyan , Berk Çakar , Ethan H. Burmane , James C. Davis , Cristian-Alexandru Staicu

ReDoS is a well-known type of algorithmic complexity attack, where an adversary supplies maliciously crafted strings to a regular expression matching engine, aiming to exhaust computational resources of systems. Even quadratic-time behavior…

Data Structures and Algorithms · Computer Science 2026-05-11 Soh Kumabe , Yuya Uezato

Regular expression (regex) matching is fundamental in many applications, especially in web services. However, matching by backtracking -- preferred by most real-world implementations for its practical performance and backward compatibility…

Programming Languages · Computer Science 2024-02-02 Hiroya Fujinami , Ichiro Hasuo

This paper is devoted to finite state automata, regular expression matching, pattern recognition, and the exponential blow-up problem, which is the growing complexity of automata exponentially depending on regular expression length. This…

Formal Languages and Automata Theory · Computer Science 2023-08-22 Alexandra Bernadotte

We present a static analysis technique for detecting data races in Real-Time Operating System (RTOS) applications. These applications are often employed in safety-critical tasks and the presence of races may lead to erroneous behaviour with…

Programming Languages · Computer Science 2020-10-07 Rishi Tulsyan , Rekha Pai , Deepak D'Souza

We develop a formal perspective on how regular expression matching works in Java, a popular representative of the category of regex-directed matching engines. In particular, we define an automata model which captures all the aspects needed…

Formal Languages and Automata Theory · Computer Science 2014-05-23 Martin Berglund , Frank Drewes , Brink van der Merwe

Existing support for regular expressions in automated test generation or verification tools is lacking. Common aspects of regular expression engines found in mainstream programming languages, such as backreferences or greedy matching, are…

Programming Languages · Computer Science 2020-03-16 Blake Loring , Duncan Mitchell , Johannes Kinder

Large Reasoning Models (LRMs) have demonstrated promising performance in complex tasks. However, the resource-consuming reasoning processes may be exploited by attackers to maliciously occupy the resources of the servers, leading to a…

Cryptography and Security · Computer Science 2025-11-25 Zhenhao Zhu , Yue Liu , Zhiwei Xu , Yingwei Ma , Hongcheng Gao , Nuo Chen , Yanpei Guo , Wenjie Qu , Huiying Xu , Zifeng Kang , Xinzhong Zhu , Jiaheng Zhang

Symbolic execution is a program analysis technique commonly utilized to determine whether programs violate properties and, in case violations are found, to generate inputs that can trigger them. Used in the context of security properties…

Programming Languages · Computer Science 2023-01-20 Ignacio Tiraboschi , Tamara Rezk , Xavier Rival

Example-based guidance is widely used to improve mathematical reasoning at inference time, yet its effectiveness is highly unstable across problems and models-even when the guidance is correct and problem-relevant. We show that this…

Artificial Intelligence · Computer Science 2026-02-27 Weida Liang , Yiyou Sun , Shuyuan Nan , Chuang Li , Dawn Song , Kenji Kawaguchi

Regular expressions are used for diverse purposes, including input validation and firewalls. Unfortunately, they can also lead to a security vulnerability called ReDoS (Regular Expression Denial of Service), caused by a super-linear…

Software Engineering · Computer Science 2022-12-16 Sk Adnan Hassan , Zainab Aamir , Dongyoon Lee , James C. Davis , Francisco Servant

Regular expressions are pervasive in modern systems. Many real-world regular expressions are inefficient, sometimes to the extent that they are vulnerable to complexity-based attacks, and while much research has focused on detecting…

Programming Languages · Computer Science 2022-09-30 Jedidiah McClurg , Miles Claver , Jackson Garner , Jake Vossen , Jordan Schmerge , Mehmet E. Belviranli

Regular expressions with backreferences (regex, for short), as supported by most modern libraries for regular expression matching, have an NP-complete matching problem. We define a complexity parameter of regex, called active variable…

Formal Languages and Automata Theory · Computer Science 2024-02-09 Markus L. Schmid

Regular expressions constitute a fundamental notion in formal language theory and are frequently used in computer science to define search patterns. A classic algorithm for these problems constructs and simulates a non-deterministic finite…

Computational Complexity · Computer Science 2016-09-28 Arturs Backurs , Piotr Indyk

Modern regex languages have strayed far from well-understood traditional regular expressions: they include features that fundamentally transform the matching problem. In exchange for these features, modern regex engines at times suffer from…

Programming Languages · Computer Science 2024-07-24 Aurèle Barrière , Clément Pit-Claudel

Cyber-Physical Systems (CPSs), especially those involving autonomy, need guarantees of their safety. Runtime Enforcement (RE) is a lightweight method to formally ensure that some specified properties are satisfied over the executions of the…

Systems and Control · Electrical Eng. & Systems 2025-02-18 Han Su , Saumya Shankar , Srinivas Pinisetty , Partha S. Roop , Naijun Zhan

A {\it dynamic reasoning system} (DRS) is an adaptation of a conventional formal logical system that explicitly portrays reasoning as a temporal activity, with each extralogical input to the system and each inference rule application being…

Artificial Intelligence · Computer Science 2014-04-30 Daniel G. Schwartz

The architecture of a system captures important design decisions for the system. Over time, changes in a system's implementation may lead to violations of specific design decisions. This problem is common in industry and known as…

Software Engineering · Computer Science 2019-09-16 Diego Marmsoler , Ana Petrovska
‹ Prev 1 2 3 10 Next ›