English
Related papers

Related papers: Towards Generic Deobfuscation of Windows API Calls

200 papers

Eliminating vulnerabilities from low-level code is vital for securing software. Static analysis is a promising approach for discovering vulnerabilities since it can provide developers early feedback on the code they write. But, it presents…

Cryptography and Security · Computer Science 2016-04-07 Bhargava Shastry , Fabian Yamaguchi , Konrad Rieck , Jean-Pierre Seifert

Recently researchers have proposed using deep learning-based systems for malware detection. Unfortunately, all deep learning classification systems are vulnerable to adversarial attacks. Previous work has studied adversarial attacks against…

Cryptography and Security · Computer Science 2017-12-19 Jack W. Stokes , De Wang , Mady Marinescu , Marc Marino , Brian Bussone

Protecting sensitive program content is a critical issue in various situations, ranging from legitimate use cases to unethical contexts. Obfuscation is one of the most used techniques to ensure such protection. Consequently, attackers must…

Cryptography and Security · Computer Science 2025-04-03 Roxane Cohen , Robin David , Florian Yger , Fabrice Rossi

Application Programming Interfaces (APIs) are crucial to software development, enabling integration of existing systems with new applications by reusing tried and tested code, saving development time and increasing software safety. In…

Software Engineering · Computer Science 2026-04-10 Ponnampalam Pirapuraj , Tamal Mondal , Sharanya Gupta , Akash Lal , Somak Aditya , Jyothi Vedurada

Mass assignment is one of the most prominent vulnerabilities in RESTful APIs. This vulnerability originates from a misconfiguration in common web frameworks, such that naming convention and automatic binding can be exploited by an attacker…

Cryptography and Security · Computer Science 2023-01-04 Davide Corradini , Michele Pasqua , Mariano Ceccato

By their very nature, malware samples employ a variety of techniques to conceal their malicious behavior and hide it from analysis tools. To mitigate the problem, a large number of different evasion techniques have been documented over the…

Cryptography and Security · Computer Science 2021-12-22 Lorenzo Maffia , Dario Nisi , Platon Kotzias , Giovanni Lagorio , Simone Aonzo , Davide Balzarotti

Lack of experience, inadequate documentation, and sub-optimal API design frequently cause developers to make mistakes when re-using third-party implementations. Such API misuses can result in unintended behavior, performance losses, or…

Software Engineering · Computer Science 2021-07-13 Sebastian Nielebock , Robert Heumüller , Kevin Michael Schott , Frank Ortmeier

Malicious software is an integral part of cybercrime defense. Due to the growing number of malicious attacks and their target sources, detecting and preventing the attack becomes more challenging due to the assault's changing behavior. The…

Cryptography and Security · Computer Science 2023-08-10 Mohammad Aziz , Ali Saeed Alfoudi

Traffic analysis attacks remain a significant problem for online security. Communication between nodes can be observed by network level attackers as it inherently takes place in the open. Despite online services increasingly using encrypted…

Cryptography and Security · Computer Science 2025-07-04 Jeppe Fredsgaard Blaabjerg , Aslan Askarov

Modern software relies on libraries and uses them via application programming interfaces (APIs). Correct API usage as well as many software engineering tasks are enabled when APIs have formal specifications. In this work, we analyze the…

Software Engineering · Computer Science 2019-05-17 John L. Singleton , Gary T. Leavens , Hridesh Rajan , David R. Cok

Static analysis tools are frequently used to detect potential vulnerabilities in software systems. However, an inevitable problem of these tools is their large number of warnings with a high false positive rate, which consumes time and…

Software Engineering · Computer Science 2022-09-28 Kien-Tuan Ngo , Dinh-Truong Do , Thu-Trang Nguyen , Hieu Dinh Vo

Artificial intelligence (AI) systems are increasingly adopted as tool-using agents that can plan, observe their environment, and take actions over extended time periods. This evolution challenges current evaluation practices where the AI…

Cryptography and Security · Computer Science 2026-03-17 Simone Aonzo , Merve Sahin , Aurélien Francillon , Daniele Perito

Identifying the tasks a given piece of malware was designed to perform (e.g. logging keystrokes, recording video, establishing remote access, etc.) is a difficult and time-consuming operation that is largely human-driven in practice. In…

Cryptography and Security · Computer Science 2015-07-08 Eric Nunes , Casey Buto , Paulo Shakarian , Christian Lebiere , Stefano Bennati , Robert Thomson , Holger Jaenisch

Programmers often add meaningful information about program semantics when naming program entities such as variables, functions, and macros. However, static analysis tools typically discount this information when they look for bugs in a…

Programming Languages · Computer Science 2020-09-22 Roger Scott , Joseph Ranieri , Lucja Kot , Vineeth Kashyap

There has been a rise in the use of Machine Learning as a Service (MLaaS) Vision APIs as they offer multiple services including pre-built models and algorithms, which otherwise take a huge amount of resources if built from scratch. As these…

Computer Vision and Pattern Recognition · Computer Science 2021-05-21 Jaydeep Borkar , Pin-Yu Chen

Computation offloading (often to external computing resources over a network) has become a necessity for modern applications. At the same time, the proliferation of machine learning techniques has empowered malicious actors to use such…

Cryptography and Security · Computer Science 2023-05-16 Md Washik Al Azad , Shifat Sarwar , Sifat Ut Taki , Spyridon Mastorakis

Malware authors are continuously evolving their code base to include counter-analysis methods that can significantly hinder their detection and blocking. While the execution of malware in a sandboxed environment may provide a lot of…

Cryptography and Security · Computer Science 2022-04-11 Vasilis Vouvoutsis , Fran Casino , Constantinos Patsakis

Mobile advertising dominates app monetization but introduces risks ranging from intrusive user experience to malware delivery. Existing detection methods rely either on static analysis, which misses runtime behaviors, or on heuristic UI…

Cryptography and Security · Computer Science 2026-03-24 Yizhe Zhao , Yongjian Fu , Zihao Feng , Hao Pan , Yongheng Deng , Yaoxue Zhang , Ju Ren

Automated Program Repair (APR) techniques typically rely on a given test-suite to guide the repair process. Apart from the need to provide test oracles, this makes the produced patches prone to test data over-fitting. In this work, instead…

Software Engineering · Computer Science 2023-08-02 Yuntong Zhang , Andreea Costea , Ridwan Shariffdeen , Davin McCall , Abhik Roychoudhury

The Cyber world is plagued with ever-evolving malware that readily infiltrates all defense mechanisms, operates viciously unbeknownst to the user and surreptitiously exfiltrate sensitive data. Understanding the inner workings of such…

Cryptography and Security · Computer Science 2018-11-06 Amir Afianian , Salman Niksefat , Babak Sadeghiyan , David Baptiste