English
Related papers

Related papers: Finding Tizen security bugs through whole-system s…

200 papers

Large Language Models (LLMs) are one of the most promising developments in the field of artificial intelligence, and the software engineering community has readily noticed their potential role in the software development life-cycle.…

Software Engineering · Computer Science 2026-03-16 Greta Dolcetti , Vincenzo Arceri , Eleonora Iotti , Sergio Maffeis , Agostino Cortesi , Enea Zaffanella

Race conditions are a class of bugs in software where concurrent accesses to shared resources are not protected from each other. Consequences of race conditions include privilege escalation, denial of service, and memory corruption which…

Software Engineering · Computer Science 2024-04-02 Niels Dossche , Bert Abrath , Bart Coppens

Traditional reactive approach of blacklisting botnets fails to adapt to the rapidly evolving landscape of cyberattacks. An automated and proactive approach to detect and block botnet hosts will immensely benefit the industry. Behavioral…

Cryptography and Security · Computer Science 2021-08-31 Farhan Sadique , Shamik Sengupta

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

We introduce SkipAnalyzer, a large language model (LLM)-powered tool for static code analysis. SkipAnalyzer has three components: 1) an LLM-based static bug detector that scans source code and reports specific types of bugs, 2) an LLM-based…

Software Engineering · Computer Science 2023-12-19 Mohammad Mahdi Mohajer , Reem Aleithan , Nima Shiri Harzevili , Moshi Wei , Alvine Boaye Belle , Hung Viet Pham , Song Wang

Static analysis is a powerful tool for detecting security vulnerabilities and other programming problems. Global taint tracking, in particular, can spot vulnerabilities arising from complicated data flow across multiple functions. However,…

Software Engineering · Computer Science 2023-01-26 Yiu Wai Chow , Max Schäfer , Michael Pradel

Zero-knowledge virtual machines (zkVMs) are increasingly deployed in decentralized applications and blockchain rollups since they enable verifiable off-chain computation. These VMs execute general-purpose programs, frequently written in…

Software Engineering · Computer Science 2025-09-16 Christoph Hochrainer , Valentin Wüstholz , Maria Christakis

The increasing complexity of modern processor and IP designs presents significant challenges in identifying and mitigating hardware flaws early in the IC design cycle. Traditional hardware fuzzing techniques, inspired by software testing,…

Cryptography and Security · Computer Science 2025-01-03 Raghul Saravanan , Sreenitha Kasarapu , Sai Manoj Pudukotai Dinakarrao

Static bug detection tools help developers detect problems in the code, including bad programming practices and potential defects. Recent efforts to integrate static bug detectors in modern software development workflows, such as in code…

Software Engineering · Computer Science 2024-01-24 Junjie Li , Jinqiu Yang

Patching severe security flaws in complex software remains a major challenge. While automated tools like fuzzers efficiently discover bugs, fixing deep-rooted low-level faults (e.g., use-after-free and memory corruption) still requires…

Software Engineering · Computer Science 2026-04-07 Maolin Sun , Yibiao Yang , Xuanlin Liu , Yuming Zhou , Baowen Xu

Linux containers are gaining increasing traction in both individual and industrial use, and as these containers get integrated into mission-critical systems, real-time detection of malicious cyber attacks becomes a critical operational…

Cryptography and Security · Computer Science 2017-01-05 Amr S. Abed , Charles Clancy , David S. Levy

In modern software development workflows, the open-source software supply chain contributes significantly to efficient and convenient engineering practices. With increasing system complexity, using open-source software as third-party…

Software Engineering · Computer Science 2025-11-18 Zihe Yan , Kai Luo , Haoyu Yang , Yang Yu , Zhuosheng Zhang , Guancheng Li

HPC systems use monitoring and operational data analytics to ensure efficiency, performance, and orderly operations. Application-specific insights are crucial for analyzing the increasing complexity and diversity of HPC workloads,…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-08-27 Thomas Jakobsche , Fredrik Robertsén , Jessica R. Jones , Utz-Uwe Haus , Florina M. Ciorba

Accurate detection of third-party libraries (TPLs) is fundamental to Android security, supporting vulnerability tracking, malware detection, and supply chain auditing. Despite many proposed tools, their real-world effectiveness remains…

Cryptography and Security · Computer Science 2025-09-08 Jintao Gu , Haolang Lu , Guoshun Nan , Yihan Lin , Kun Wang , Yuchun Guo , Yigui Cao , Yang Liu

A fundamental problem in cybersecurity and computer science is determining whether a program is free of bugs and vulnerabilities. Fuzzing, a popular approach to discovering vulnerabilities in programs, has several advantages over…

Cryptography and Security · Computer Science 2026-01-27 Ian Hardgrove , John D. Hastings

Since the advent of parallel algorithms in the C++17 Standard Template Library (STL), the STL has become a viable framework for creating performance-portable applications. Given multiple existing implementations of the parallel algorithms,…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-02-12 Ruben Laso , Diego Krupitza , Sascha Hunold

Context: In C, low-level errors, such as buffer overflow and use-after-free, are a major problem, as they cause security vulnerabilities and hard-to-find bugs. C lacks automatic checks, and programmers cannot apply defensive programming…

Programming Languages · Computer Science 2017-12-05 Manuel Rigger , Rene Mayrhofer , Roland Schatz , Matthias Grimmer , Hanspeter Mössenböck

Software vulnerabilities remain one of the most persistent threats to modern digital infrastructure. While static application security testing (SAST) tools have long served as the first line of defense, they suffer from high false-positive…

Static analysis tools are widely used to detect software bugs and vulnerabilities but often struggle with scalability and efficiency in complex codebases. Traditional approaches rely on manually crafted annotations -- labeling functions as…

Third-party libraries (TPLs) have become a significant part of the Android ecosystem. Developers can employ various TPLs to facilitate their app development. Unfortunately, the popularity of TPLs also brings new security issues. For…

Software Engineering · Computer Science 2021-08-05 Xian Zhan , Tianming Liu , Yepang Liu , Yang Liu , Li Li , Haoyu Wang , Xiapu Luo