English
Related papers

Related papers: Binsec/Rel: Efficient Relational Symbolic Executio…

200 papers

This paper tackles the problem of designing efficient binary-level verification for a subset of information flow properties encompassing constant-time and secret-erasure. These properties are crucial for cryptographic implementations, but…

Cryptography and Security · Computer Science 2022-09-05 Lesly-Ann Daniel , Sébastien Bardin , Tamara Rezk

Symbolic execution is a powerful technique for bug finding and program testing. It is successful in finding bugs in real-world code. The core reasoning techniques use constraint solving, path exploration, and search, which are also the same…

Software Engineering · Computer Science 2020-07-20 Sahil Verma , Roland H. C. Yap

Control flow in unstructured programs can be complex and dynamic, which makes static analysis difficult. Yet, automated reasoning about unstructured control flow is important when certifying properties of binary (machine) code in…

Programming Languages · Computer Science 2026-01-15 Andreas Lindner , Karl Palmskog , Scott Constable , Mads Dam , Roberto Guanciale , Hamed Nemati

Cryptographic libraries are a main target of timing side-channel attacks. A practical means to protect against these attacks is to adhere to the constant-time (CT) policy. However, it is hard to write constant-time code, and even…

Programming Languages · Computer Science 2025-10-15 Santiago Arranz-Olmos , Gilles Barthe , Lionel Blatter , Youcef Bouzid , Sören van der Wall , Zhiyuan Zhang

Timing side-channel attacks exploit variations in program execution time to recover sensitive information. Cryptographic implementations are especially vulnerable to these attacks, since even small timing differences in operations such as…

Cryptography and Security · Computer Science 2026-04-21 Nges Brian Njungle , Edwin P. Kayang , Mishel J. Paul , Michel A. Kinsy

Tackling binary program analysis problems has traditionally implied manually defining rules and heuristics, a tedious and time-consuming task for human analysts. In order to improve automation and scalability, we propose an alternative…

Cryptography and Security · Computer Science 2021-05-25 Shushan Arakelyan , Sima Arasteh , Christophe Hauser , Erik Kline , Aram Galstyan

This paper presents a system combining symbolic execution (KLEE) with a 4-agent multi-LLM architecture for detecting memory vulnerabilities in Rust unsafe code. A central challenge we address is the incomplete-code problem: CVE database…

Cryptography and Security · Computer Science 2026-05-04 Zeyad Abdelrazek , Young Lee

Fault injection attacks deliberately inject faults into a device via physical channels to disturb its regular execution. Adversaries can effectively deduce secrets by analyzing both the normal and faulty outputs, posing serious threats to…

Cryptography and Security · Computer Science 2026-04-07 Xi Yang , Taolue Chen , Yuqi Chen , Fu Song , Chundong Wang , Zhilin Wu

Mission-critical embedded software is critical to our society's infrastructure but can be subject to new security vulnerabilities as technology advances. When security issues arise, Reverse Engineers (REs) use Software Reverse Engineering…

Symbolic execution is an SMT-based software verification and testing technique. Symbolic execution requires tracking performed computations during software simulation to reason about branches in the software under test. The prevailing…

Software Engineering · Computer Science 2025-05-27 Sören Tempel , Tobias Brandt , Christoph Lüth , Christian Dietrich , Rolf Drechsler

We describe a technique for systematic testing of multi-threaded programs. We combine Quasi-Optimal Partial-Order Reduction, a state-of-the-art technique that tackles path explosion due to interleaving non-determinism, with symbolic…

Programming Languages · Computer Science 2020-07-23 Daniel Schemmel , Julian Büning , César Rodríguez , David Laprell , Klaus Wehrle

Trusted execution environments (TEEs) provide an environment for running workloads in the cloud without having to trust cloud service providers, by offering additional hardware-assisted security guarantees. However, main memory encryption…

Cryptography and Security · Computer Science 2023-09-25 Jan Wichelmann , Anna Pätschke , Luca Wilke , Thomas Eisenbarth

Clone detection is widely exploited for software vulnerability search. The approaches based on source code analysis cannot be applied to binary clone detection because the same source code can produce significantly different binaries. In…

Cryptography and Security · Computer Science 2022-11-11 Jian Gao , Yu Jiang , Zhe Liu , Xin Yang , Cong Wang , Xun Jiao , Zijiang Yang , Jiaguang Sun

Code verifiers play a critical role in post-verification for LLM-based code generation, yet existing supervised fine-tuning methods suffer from data scarcity, high failure rates, and poor inference efficiency. While reinforcement learning…

Artificial Intelligence · Computer Science 2026-02-02 Ji Shi , Peiming Guo , Meishan Zhang , Miao Zhang , Xuebo Liu , Min Zhang , Weili Guan

Binary code clone analysis is an important technique which has a wide range of applications in software engineering (e.g., plagiarism detection, bug detection). The main challenge of the topic lies in the semantics-equivalent code…

Software Engineering · Computer Science 2018-08-21 Yikun Hu , Yuanyuan Zhang , Juanru Li , Hui Wang , Bodong Li , Dawu Gu

In this paper, we present RT-Gang: a novel real-time gang scheduling framework that enforces a one-gang-at-a-time policy. We find that, in a multicore platform, co-scheduling multiple parallel real-time tasks would require highly…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-03-19 Waqar Ali , Heechul Yun

Many types of formal verification establish properties about abstract high-level program representations, leaving a large gap to programs at runtime. Although gaps can sometimes be narrowed by techniques such as refinement, a verified…

Logic in Computer Science · Computer Science 2025-03-19 Karl Palmskog , Andreas Lindner , Scott Constable , Roberto Guanciale , Hamed Nemati

A timely software update is vital to combat the increasing security vulnerabilities. However, some software vendors may secretly patch their vulnerabilities without creating CVE entries or even describing the security issue in their change…

Cryptography and Security · Computer Science 2023-12-14 Xu He , Shu Wang , Pengbin Feng , Xinda Wang , Shiyu Sun , Qi Li , Kun Sun

Memory-safety issues and information leakage are known to be depressingly common. We consider the compositional static detection of these kinds of vulnerabilities in first-order C-like programs. Indeed the latter are relational hyper-safety…

Programming Languages · Computer Science 2023-08-22 Toby Murray , Pengbo Yan , Gidon Ernst

Retrieving binary code via natural language queries is a pivotal capability for downstream tasks in the software security domain, such as vulnerability detection and malware analysis. However, it is challenging to identify binary functions…

Software Engineering · Computer Science 2026-01-06 Guoqiang Chen , Lingyun Ying , Ziyang Song , Daguang Liu , Qiang Wang , Zhiqi Wang , Li Hu , Shaoyin Cheng , Weiming Zhang , Nenghai Yu
‹ Prev 1 2 3 10 Next ›