English
Related papers

Related papers: Identification of Bugs and Vulnerabilities in TLS …

200 papers

The use of TLS by malware poses new challenges to network threat detection because traditional pattern-matching techniques can no longer be applied to its messages. However, TLS also introduces a complex set of observable data features that…

Cryptography and Security · Computer Science 2016-07-07 Blake Anderson , Subharthi Paul , David McGrew

Its constant technological evolution characterizes the contemporary world, and every day the processes, once manual, become computerized. Data are stored in the cyberspace, and as a consequence, one must increase the concern with the…

Vulnerability Discovery with attack Injection security threats are increasing for the server software, when software is developed, the software tested for the functionality. Due to unawareness of software vulnerabilities most of the…

Networking and Internet Architecture · Computer Science 2014-02-12 G. Vijay Kumar , Ravikumar S. Raykundaliya , Dr. P. Naga Prasad

Software-defined networking (SDN) has become a fundamental technology for data centers and 5G networks. In an SDN network, routing and traffic management decisions are made by a centralized controller and communicated to switches via a…

Networking and Internet Architecture · Computer Science 2020-10-23 Michael Sjoholmsierchio , Britta Hale , Daniel Lukaszewski , Geoffrey G. Xie

Industrial control systems (ICS) are vital to modern infrastructure but increasingly vulnerable to cybersecurity threats, particularly through weaknesses in their communication protocols. This paper presents MALF (Multi-Agent LLM Fuzzing…

Cryptography and Security · Computer Science 2025-10-06 Bowei Ning , Xuejun Zong , Kan He

The Operating System (OS) kernel is foundational in modern computing, especially with the proliferation of diverse computing devices. However, its development also comes with vulnerabilities that can lead to severe security breaches. Kernel…

Cryptography and Security · Computer Science 2025-12-05 Jiacheng Xu , He Sun , Shihao Jiang , Qinying Wang , Mingming Zhang , Xiang Li , Kaiwen Shen , Peng Cheng , Jiming Chen , Charles Zhang , Shouling Ji

Large language models (LLMs) have revolutionized how we interact with machines. However, this technological advancement has been paralleled by the emergence of "Mallas," malicious services operating underground that exploit LLMs for…

Computation and Language · Computer Science 2024-08-12 Garrett Crumrine , Izzat Alsmadi , Jesus Guerrero , Yuvaraj Munian

In vulnerability detection, machine learning has been used as an effective static analysis technique, although it suffers from a significant rate of false positives. Contextually, in vulnerability discovery, fuzzing has been used as an…

Cryptography and Security · Computer Science 2025-05-05 Gianpietro Castiglione , Marcello Maugeri , Giampaolo Bella

Internet of Things (IoT) devices offer convenience through web interfaces, web VPNs, and other web-based services, all relying on the HTTP protocol. However, these externally exposed HTTP services resent significant security risks. Although…

Cryptography and Security · Computer Science 2024-11-20 Zhe Yang , Hao Peng , Yanling Jiang , Xingwei Li , Haohua Du , Shuhai Wang , Jianwei Liu

In an era of escalating cyber threats, malware poses significant risks to individuals and organizations, potentially leading to data breaches, system failures, and substantial financial losses. This study addresses the urgent need for…

Cryptography and Security · Computer Science 2025-01-28 Marzieh Esnaashari , Nima Moradi

Many protocol implementations are reactive systems, where the protocol process is in continuous interaction with other processes and the environment. If a bug can be exposed only in a certain state, a fuzzer needs to provide a specific…

Cryptography and Security · Computer Science 2023-06-06 Jinsheng Ba , Marcel Böhme , Zahra Mirzamomen , Abhik Roychoudhury

Softwarization and virtualization in 5G and beyond require rigorous testing against vulnerabilities and unintended emergent behaviors for critical infrastructure and network security assurance. Formal methods operates efficiently in…

Cryptography and Security · Computer Science 2023-07-13 Jingda Yang , Ying Wang

Network traffic inspection, including TLS traffic, in enterprise environments is widely practiced. Reasons for doing so are primarily related to improving enterprise security (e.g., malware detection) and meeting legal requirements. To…

Cryptography and Security · Computer Science 2018-09-25 Louis Waked , Mohammad Mannan , Amr Youssef

Fuzz testing (or fuzzing) is an effective technique used to find security vulnerabilities. It consists of feeding a software under test with malformed inputs, waiting for a weird system behaviour (often a crash of the system). Over the…

Cryptography and Security · Computer Science 2023-03-14 Marcello Maugeri , Cristian Daniele , Giampaolo Bella , Erik Poll

The increasing complexity of modern processors poses many challenges to existing hardware verification tools and methodologies for detecting security-critical bugs. Recent attacks on processors have shown the fatal consequences of…

Cryptography and Security · Computer Science 2022-01-26 Aakash Tyagi , Addison Crump , Ahmad-Reza Sadeghi , Garrett Persyn , Jeyavijayan Rajendran , Patrick Jauernig , Rahul Kande

Transport Layer Security (TLS) protocol is a cryptographic protocol designed to secure communication over the internet. The TLS protocol has become a fundamental in secure communication, most commonly used for securing web browsing…

Cryptography and Security · Computer Science 2024-09-30 Maciej Kalka , Marek Kirejczyk

Controllers for software-defined networks (SDNs) are centralised software components that enable advanced network functionalities, such as dynamic traffic engineering and network virtualisation. However, these functionalities increase the…

Software Engineering · Computer Science 2025-05-06 Raphaël Ollando , Seung Yeob Shin , Lionel C. Briand

Over 70% of security vulnerabilities in critical software systems today result from memory safety violations. To address this challenge, fuzzing and static analysis are widely used automated methods to discover such vulnerabilities. Fuzzing…

Cryptography and Security · Computer Science 2026-03-31 Keno Hassler , Philipp Görz , Stephan Lipp

The virtualization and softwarization of 5G and NextG are critical enablers of the shift to flexibility, but they also present a potential attack surface for threats. However, current security research in communication systems focuses on…

Cryptography and Security · Computer Science 2024-01-08 Jingda Yang , Ying Wang , Yanjun Pan , Tuyen X. Tran

Passive operating system fingerprinting reveals valuable information to the defenders of heterogeneous private networks; at the same time, attackers can use fingerprinting to reconnoiter networks, so defenders need obfuscation techniques to…

Cryptography and Security · Computer Science 2017-06-27 Blake Anderson , David McGrew