English
Related papers

Related papers: BaseSAFE: Baseband SAnitized Fuzzing through Emula…

200 papers

With the rapid growth of IoT, secure and efficient mesh networking has become essential. Thread has emerged as a key protocol, widely used in smart-home and commercial systems, and serving as a core transport layer in the Matter standard.…

Cryptography and Security · Computer Science 2026-04-27 Ilja Siroš , Jakob Heirwegh , Dave Singelée , Bart Preneel

Telecom networks together with mobile phones must be rigorously tested for robustness against vulnerabilities in order to guarantee availability. RRC protocol is responsible for the management of radio resources and is among the most…

Cryptography and Security · Computer Science 2021-12-03 Srinath Potnuru , Prajwol Kumar Nakarmi

Recent research has shown that hardware fuzzers can effectively detect security vulnerabilities in modern processors. However, existing hardware fuzzers do not fuzz well the hard-to-reach design spaces. Consequently, these fuzzers cannot…

Cryptography and Security · Computer Science 2023-06-27 Chen Chen , Rahul Kande , Nathan Nguyen , Flemming Andersen , Aakash Tyagi , Ahmad-Reza Sadeghi , Jeyavijayan Rajendran

The rapid advancement of AI workloads and domain-specific architectures has led to increasingly diverse processor microarchitectures, whose design exploration requires fast and accurate performance validation. However, traditional workflows…

Hardware Architecture · Computer Science 2026-05-22 Chengzhen Meng , Xiuzhuang Chen , Bingcai Sui , Zhenyu Zhao , Tun Li , Hongjun Dai

Broken Access Control (BAC) remains one of the most critical and widespread vulnerabilities in web applications, allowing attackers to access unauthorized resources or perform privileged actions. Despite its severity, BAC is underexplored…

Cryptography and Security · Computer Science 2025-07-23 I Putu Arya Dharmaadi , Mohannad Alhanahnah , Van-Thuan Pham , Fadi Mohsen , Fatih Turkmen

Dynamic analysis and especially fuzzing are challenging tasks for embedded firmware running on modern low-end Microcontroller Units (MCUs) due to performance overheads from instruction emulation, the difficulty of emulating the vast space…

Cryptography and Security · Computer Science 2024-12-18 Florian Hofhammer , Qinying Wang , Atri Bhattacharyya , Majid Salehi , Bruno Crispo , Manuel Egele , Mathias Payer , Marcel Busch

Wireless chips and interfaces expose a substantial remote attack surface. As of today, most cellular baseband security research is performed on the Android ecosystem, leaving a huge gap on Apple devices. With iOS jailbreaks, last-generation…

Cryptography and Security · Computer Science 2026-04-28 Tobias Kröll , Stephan Kleber , Frank Kargl , Matthias Hollick , Jiska Classen

Fuzzing is an automated application vulnerability detection method. For genetic algorithm-based fuzzing, it can mutate the seed files provided by users to obtain a number of inputs, which are then used to test the objective application in…

Cryptography and Security · Computer Science 2019-06-04 Chenyang Lyu , Shouling Ji , Yuwei Li , Junfeng Zhou , Jianhai Chen , Jing Chen

Mobile devices rely on Trusted Execution Environments (TEEs) to execute security-critical code and protect sensitive assets. This security-critical code is modularized in components known as Trusted Applications (TAs). Vulnerabilities in…

Cryptography and Security · Computer Science 2026-01-29 Philipp Mao , Li Shi , Marcel Busch , Mathias Payer

BusyBox, an open-source software bundling over 300 essential Linux commands into a single executable, is ubiquitous in Linux-based embedded devices. Vulnerabilities in BusyBox can have far-reaching consequences, affecting a wide array of…

Software Engineering · Computer Science 2025-03-26 Asmita , Yaroslav Oliinyk , Michael Scott , Ryan Tsang , Chongzhou Fang , Houman Homayoun

False Base Station (FBS) attack has been a severe security problem for the cellular network since 2G era. During handover, the user equipment (UE) periodically receives state information from surrounding base stations (BSs) and uploads it…

Signal Processing · Electrical Eng. & Systems 2023-12-22 Xiangyu Li , Kaiwen Zheng , Sidong Guo , Xiaoli Ma

As an infrastructure for data persistence and analysis, Database Management Systems (DBMSs) are the cornerstones of modern enterprise software. To improve their correctness, the industry has been applying blackbox fuzzing for decades.…

Software Engineering · Computer Science 2021-03-02 Mingzhe Wang , Zhiyong Wu , Xinyi Xu , Jie Liang , Chijin Zhou , Huafeng Zhang , Yu Jiang

Urban imagery usually serves as forensic analysis and by design is available for incident mitigation. As more imagery collected, it is harder to narrow down to certain frames among thousands of video clips to a specific incident. A…

Computer Vision and Pattern Recognition · Computer Science 2019-09-13 Seyed Yahya Nikouei , Yu Chen , Alexander Aved , Erik Blasch , Timothy R. Faughnan

File-based encryption (FBE) schemes have been developed by software vendors to address security concerns related to data storage. While methods of encrypting data-at-rest may seem relatively straightforward, the main proponents of these…

Cryptography and Security · Computer Science 2021-11-25 David Galindo , Jia Liu , Chris McMahon Stone , Mihai Ordean

Fuzzing is an effective technique for discovering software vulnerabilities by generating random test inputs and executing them against the target program. However, fuzzing large and complex programs remains challenging due to difficulties…

Cryptography and Security · Computer Science 2024-06-10 Dongdong She , Adam Storek , Yuchong Xie , Seoyoung Kweon , Prashast Srivastava , Suman Jana

WebAssembly binaries are often compiled from memory-unsafe languages, such as C and C++. Because of WebAssembly's linear memory and missing protection features, e.g., stack canaries, source-level memory vulnerabilities are exploitable in…

Cryptography and Security · Computer Science 2021-11-01 Daniel Lehmann , Martin Toldam Torp , Michael Pradel

Mutation testing consists of generating test cases that detect faults injected into software (generating mutants) which its original test suite could not. By running such an augmented set of test cases, it may discover actual faults that…

Software Engineering · Computer Science 2024-06-05 Jaekwon Lee , Enrico Viganò , Fabrizio Pastore , Lionel Briand

In recent years, there has been an increasing interest in false base station detection systems. Most of these rely on software that users download into their mobile phones. The software either performs an analysis of radio environment…

Cryptography and Security · Computer Science 2021-02-18 Prajwol Kumar Nakarmi , Mehmet Akif Ersoy , Elif Ustundag Soykan , Karl Norrman

Fuzz testing is a fundamental technique employed to identify vulnerabilities within software systems. However, the process can be protracted and resource-intensive, especially when confronted with extensive codebases. In this work, I…

Software Engineering · Computer Science 2024-12-12 Saket Upadhyay

Binary-only fuzzing often struggles with achieving thorough code coverage and uncovering hidden vulnerabilities due to limited insight into a program's internal dataflows. Traditional grey-box fuzzers guide test case generation primarily…

Software Engineering · Computer Science 2025-09-08 Kai Feng , Jeremy Singer , Angelos K Marnerides