English
Related papers

Related papers: Finding Security Vulnerabilities in Network Protoc…

200 papers

Modern fuzzers scale to large, real-world software but often fail to exercise the program states developers consider most fragile or security-critical. Such states are typically deep in the execution space, gated by preconditions, or…

Cryptography and Security · Computer Science 2026-02-12 Viet Hoang Luu , Amirmohammad Pasdar , Wachiraphan Charoenwet , Toby Murray , Shaanan Cohney , Van-Thuan Pham

Large Language Models (LLMs) are widely used for code generation, but they face critical security risks when applied to practical production due to package hallucinations, in which LLMs recommend non-existent packages. These hallucinations…

Software Engineering · Computer Science 2025-10-07 Yukai Zhao , Menghan Wu , Xing Hu , Xin Xia

Due to their widespread use in industry, several techniques have been proposed in the literature to fuzz REST APIs. Existing fuzzers for REST APIs have been focusing on detecting crashes (e.g., 500 HTTP server error status code). However,…

Software Engineering · Computer Science 2026-04-02 Omur Sahin , Man Zhang , Andrea Arcuri

This paper presents the results of a series of penetration tests performed on the OpenStack Essex Cloud Management Software. Several different types of penetration tests were performed including network protocol and command line fuzzing,…

Cryptography and Security · Computer Science 2013-01-10 Ralph LaBarge , Thomas McGuire

Given the growing importance of smart contracts in various applications, ensuring their security and reliability is critical. Fuzzing, an effective vulnerability detection technique, has recently been widely applied to smart contracts.…

Software Engineering · Computer Science 2024-02-06 Shuohan Wu , Zihao Li , Luyi Yan , Weimin Chen , Muhui Jiang , Chenxu Wang , Xiapu Luo , Hao Zhou

As the complexity of logic designs increase, new avenues for testing digital hardware becomes necessary. Fuzz Testing (fuzzing) has recently received attention as a potential candidate for input vector generation on hardware designs. Using…

Hardware Architecture · Computer Science 2023-12-12 Ruochen Dai , Michael Lee , Patrick Hoey , Weimin Fu , Tuba Yavuz , Xiaolong Guo , Shuo Wang , Dean Sullivan , Orlando Arias

Telecom networks together with mobile phones must be rigorously tested for robustness against vulnerabilities in order to guarantee availability. RRC protocol is responsible for the management of radio resources and is among the most…

Cryptography and Security · Computer Science 2021-12-03 Srinath Potnuru , Prajwol Kumar Nakarmi

Semantic understanding of programs has attracted great attention in the community. Inspired by recent successes of large language models (LLMs) in natural language understanding, tremendous progress has been made by treating programming…

Machine Learning · Computer Science 2023-06-13 Jianyu Zhao , Yuyang Rong , Yiwen Guo , Yifeng He , Hao Chen

The Internet, as it stands today, is highly vulnerable to attacks. However, little has been done to understand and verify the formal security guarantees of proposed secure inter-domain routing protocols, such as Secure BGP (S-BGP). In this…

Logic in Computer Science · Computer Science 2017-01-11 Chen Chen , Limin Jia , Hao Xu , Cheng Luo , Wenchao Zhou , Boon Thau Loo

The Operating System (OS) kernel is foundational in modern computing, especially with the proliferation of diverse computing devices. However, its development also comes with vulnerabilities that can lead to severe security breaches. Kernel…

Cryptography and Security · Computer Science 2025-12-05 Jiacheng Xu , He Sun , Shihao Jiang , Qinying Wang , Mingming Zhang , Xiang Li , Kaiwen Shen , Peng Cheng , Jiming Chen , Charles Zhang , Shouling Ji

Networked Programmable Logic Controllers (PLCs) are proprietary industrial devices utilized in critical infrastructure that execute control logic applications in complex proprietary runtime environments that provide standardized access to…

The threat of attack faced by cyber-physical systems (CPSs), especially when they play a critical role in automating public infrastructure, has motivated research into a wide variety of attack defence mechanisms. Assessing their…

Cryptography and Security · Computer Science 2020-01-16 Yuqi Chen , Christopher M. Poskitt , Jun Sun , Sridhar Adepu , Fan Zhang

Storage systems are fundamental to modern computing infrastructures, yet ensuring their correctness remains challenging in practice. Despite decades of research on system testing, many storage-system failures (including durability,…

Software Engineering · Computer Science 2026-02-09 Ying Wang , Jiahui Chen , Dejun Jiang

We present Harvey, an industrial greybox fuzzer for smart contracts, which are programs managing accounts on a blockchain. Greybox fuzzing is a lightweight test-generation approach that effectively detects bugs and security vulnerabilities.…

Software Engineering · Computer Science 2019-05-17 Valentin Wüstholz , Maria Christakis

Industrial Control Protocols (ICPs) are critical to the reliability and stability of industrial infrastructure, yet their security is fundamentally compromised by a specification-blindness bottleneck. Modern fuzzers, constrained by…

Cryptography and Security · Computer Science 2026-05-07 Jiaying Meng , Xuewei Feng , Qi Li , Min Liu , Ke Xu

Fingerprinting of services and operating systems is an essential part of penetration tests. In order to successfully penetrate the computing system's security measurements, preexisting fingerprinting methods are described and the paradigm…

Cryptography and Security · Computer Science 2014-03-04 Michael Hanspach

Cache timing attacks allow third-party observers to retrieve sensitive information from program executions. But, is it possible to automatically check the vulnerability of a program against cache timing attacks and then, automatically…

Software Engineering · Computer Science 2018-07-23 Sudipta Chattopadhyay , Abhik Roychoudhury

Spectre attacks exploit speculative execution to leak sensitive information. In the last few years, a number of static side-channel detectors have been proposed to detect cache leakage in the presence of speculative execution. However,…

Cryptography and Security · Computer Science 2022-11-28 Ali Sahraee

Network configuration verification enables operators to ensure that the network will behave as intended, prior to deployment of their configurations. Although techniques ranging from graph algorithms to SMT solvers have been proposed,…

Networking and Internet Architecture · Computer Science 2019-11-07 Santhosh Prabhu , Kuan-Yen Chou , Ali Kheradmand , P. Brighten Godfrey , Matthew Caesar

Greybox fuzzing is a proven and effective testing method for the detection of security vulnerabilities and other bugs in modern software systems. Greybox fuzzing can also be used in combination with a sanitizer, such as AddressSanitizer…

Cryptography and Security · Computer Science 2022-09-07 Jinsheng Ba , Gregory J. Duck , Abhik Roychoudhury
‹ Prev 1 8 9 10 Next ›