English
Related papers

Related papers: TestREx: a Framework for Repeatable Exploits

200 papers

The ability to analyze network threats is very important in security research. Traditional approaches, involving sandboxing technology are limited to simulating a single host, missing local network attacks. This issue is addressed by…

Cryptography and Security · Computer Science 2020-07-17 Francisc Moldovan , Ciprian Oprisa

In this work, we propose a testbed environment to capture the attack strategies of an adversary carrying out a cyber-attack on an enterprise network. The testbed contains nodes with known security vulnerabilities which can be exploited by…

Cryptography and Security · Computer Science 2023-07-07 Ayush Kumar , David K. Yau

Data theft and leakage, caused by external adversaries and insiders, demonstrate the need for protecting user data. Trusted Execution Environments (TEEs) offer a promising solution by creating secure environments that protect data and code…

Cryptography and Security · Computer Science 2024-11-05 Kosei Akama , Yoshimichi Nakatsuka , Korry Luke , Masaaki Sato , Keisuke Uehara

We present AuthREST, an open-source security testing tool targeting broken authentication, one of the most prevalent API security risks in the wild. AuthREST automatically tests web APIs for credential stuffing, password brute forcing, and…

Cryptography and Security · Computer Science 2025-09-15 Davide Corradini , Mariano Ceccato , Mohammad Ghafari

Over the last two decades, the danger of sharing resources between programs has been repeatedly highlighted. Multiple side-channel attacks, which seek to exploit shared components for leaking information, have been devised, mostly targeting…

Cryptography and Security · Computer Science 2022-01-28 Daniel Genkin , William Kosasih , Fangfei Liu , Anna Trikalinou , Thomas Unterluggauer , Yuval Yarom

We present a framework by which websites can coordinate to make it difficult for users to set similar passwords at these websites, in an effort to break the culture of password reuse on the web today. Though the design of such a framework…

Cryptography and Security · Computer Science 2021-03-05 Ke Coby Wang , Michael K. Reiter

Dynamic analysis, through rehosting, is an important capability for security assessment in embedded systems software. Existing rehosting techniques aim to provide high-fidelity execution by accurately emulating hardware and peripheral…

Benchmarking is crucial for testing and validating any system, even more so in real-time systems. Typical real-time applications adhere to well-understood abstractions: they exhibit a periodic behavior, operate on a well-defined working…

Software Engineering · Computer Science 2022-08-02 Mattia Nicolella , Shahin Roozkhosh , Denis Hoornaert , Andrea Bastoni , Renato Mancuso

Application services often support mobile and web applications with REST interfaces, implemented using a set of distributed components that interact with each other. This approach allows services to have high availability and performance at…

Distributed, Parallel, and Cluster Computing · Computer Science 2023-03-27 Sara Simoes , Ana Ribeiro , Carla Ferreira , Nuno Preguica

Thanks to the advance of technology, all kinds of applications are becoming more complete and capable of performing complex tasks that save much of our time. But to perform these tasks, applications require that some personal information…

Cryptography and Security · Computer Science 2020-07-15 Guilherme Girotto , Avelino Francisco Zorzo

Web applications require access to the file-system for many different tasks. When analyzing the security of a web application, secu- rity analysts should thus consider the impact that file-system operations have on the security of the whole…

Cryptography and Security · Computer Science 2017-05-11 Federico De Meo , Luca Viganò

New ideas in distributed systems (algorithms or protocols) are commonly tested by simulation, because experimenting with a prototype deployed on a realistic platform is cumbersome. However, a prototype not only measures performance but also…

Distributed, Parallel, and Cluster Computing · Computer Science 2018-03-14 Grzegorz Milka , Krzysztof Rzadca

Web applications play a crucial role in our daily lives, making it essential to employ testing methods that ensure their quality. Typically, Web testing automation frameworks rely on locators to interact with the graphical user interface,…

Software Engineering · Computer Science 2025-06-02 Dario Olianas , Diego Clerissi , Maurizio Leotta , Filippo Ricca

The exploit or the Proof of Concept of the vulnerability plays an important role in developing superior vulnerability repair techniques, as it can be used as an oracle to verify the correctness of the patches generated by the tools.…

The prevalence of software systems has become an integral part of modern-day living. Software usage has increased significantly, leading to its growth in both size and complexity. Consequently, software development is becoming a more…

Software Engineering · Computer Science 2023-06-07 Tiago Dias , Arthur Batista , Eva Maia , Isabel Praça

Software vulnerability detection is critical in software en- gineering as security flaws arise from complex interactions across code structure, repository context, and runtime conditions. Existing meth- ods are limited by local code views,…

Software Engineering · Computer Science 2026-03-17 Renwei Meng , Haoyi Wu , Jingming Wang , Haoyan Bai

Test and evaluation is a necessary process for ensuring that engineered systems perform as intended under a variety of conditions, both expected and unexpected. In this work, we consider the unique challenges of developing a unifying test…

Systems and Control · Electrical Eng. & Systems 2022-01-21 Erin Lanus , Ivan Hernandez , Adam Dachowicz , Laura Freeman , Melanie Grande , Andrew Lang , Jitesh H. Panchal , Anthony Patrick , Scott Welch

Recently, reproducibility has become a cornerstone in the security and privacy research community, including artifact evaluations and even a new symposium topic. However, Web measurements lack tools that can be reused across many…

Cryptography and Security · Computer Science 2025-06-05 Florian Hantke , Peter Snyder , Hamed Haddadi , Ben Stock

With the increasing number of internet-based resources and applications, the amount of attacks faced by companies has increased significantly in the past years. Likewise, the techniques to test security and emulate attacks need to be…

Cryptography and Security · Computer Science 2023-11-23 Daniel Dalalana Bertoglio , Arthur Gil , Juan Acosta , Julia Godoy , Roben Castagna Lunardi , Avelino Francisco Zorzo

While there have been approaches for integrating security policies into operating systems (OSs) for more than two decades, applications often use objects of higher abstraction requiring individual security policies with application-specific…

Cryptography and Security · Computer Science 2021-05-06 Marius Schlegel