English
Related papers

Related papers: Detile: Fine-Grained Information Leak Detection in…

200 papers

Vulnerability detection is crucial for maintaining software security, and recent research has explored the use of Language Models (LMs) for this task. While LMs have shown promising results, their performance has been inconsistent across…

Cryptography and Security · Computer Science 2024-12-24 Syafiq Al Atiiq , Christian Gehrmann , Kevin Dahlén

Intel SGX (Software Guard Extension) is a promising TEE (trusted execution environment) technique that can protect programs running in user space from being maliciously accessed by the host operating system. Although it provides hardware…

Cryptography and Security · Computer Science 2022-08-24 Yang Chen , Jianfeng Jiang , Shoumeng Yan , Hui Xu

Reusing code can produce duplicate or near-duplicate code clones in code repositories. Current code clone detection techniques, like Program Dependence Graphs, rely on code structure and their dependencies to detect clones. These techniques…

Software Engineering · Computer Science 2020-06-26 Sandeep Kaur Kuttal , Akash Ghosh

This study critically examines the methodological rigor in credit card fraud detection research, revealing how fundamental evaluation flaws can overshadow algorithmic sophistication. Through deliberate experimentation with improper…

Machine Learning · Computer Science 2025-11-11 Khizar Hayat , Baptiste Magnier

Webshell attacks are becoming more common, requiring robust detection mechanisms to protect web applications. The dissertation clearly states two research directions: scanning web application source code and analyzing HTTP traffic to detect…

Cryptography and Security · Computer Science 2024-12-10 Ha L. Viet , On V. Phung , Hoa N. Nguyen

Modern web applications often resort to application development frameworks such as React, Vue.js, and Angular. While the frameworks facilitate the development of web applications with several useful components, they are inevitably…

Software Engineering · Computer Science 2023-08-17 Arooba Shahoor , Askar Yeltayuly Khamit , Jooyong Yi , Dongsun Kim

Software vulnerability detection is critical in software security because it identifies potential bugs in software systems, enabling immediate remediation and mitigation measures to be implemented before they may be exploited. Automatic…

Software Engineering · Computer Science 2023-06-21 Nima Shiri Harzevili , Alvine Boaye Belle , Junjie Wang , Song Wang , Zhen Ming , Jiang , Nachiappan Nagappan

In the digital era, accidental exposure of sensitive information such as API keys, tokens, and credentials is a growing security threat. While most prior work focuses on detecting secrets in source code, leakage in software issue reports…

Software Engineering · Computer Science 2026-04-17 Sadif Ahmed , Md Nafiu Rahman , Zahin Wahab , Gias Uddin , Rifat Shahriyar

Data science pipelines to train and evaluate models with machine learning may contain bugs just like any other code. Leakage between training and test data can lead to overestimating the model's accuracy during offline evaluations, possibly…

Software Engineering · Computer Science 2022-09-08 Chenyang Yang , Rachel A Brower-Sinning , Grace A. Lewis , Christian Kästner

Deep learning-based malware detection systems are vulnerable to adversarial EXEmples - carefully-crafted malicious programs that evade detection with minimal perturbation. As such, the community is dedicating effort to develop mechanisms to…

Cryptography and Security · Computer Science 2024-05-02 Daniel Gibert , Luca Demetrio , Giulio Zizzo , Quan Le , Jordi Planes , Battista Biggio

Recent discovery of security attacks in advanced processors, known as Spectre and Meltdown, has resulted in high public alertness about security of hardware. The root cause of these attacks is information leakage across "covert channels"…

Cryptography and Security · Computer Science 2018-12-13 Mohammad Rahmani Fadiheh , Dominik Stoffel , Clark Barrett , Subhasish Mitra , Wolfgang Kunz

Prompt injection threatens novel applications that emerge from adapting LLMs for various user tasks. The newly developed LLM-based software applications become more ubiquitous and diverse. However, the threat of prompt injection attacks…

Cryptography and Security · Computer Science 2025-06-25 Valerii Gakh , Hayretdin Bahsi

Memory corruption is a serious class of software vulnerabilities, which requires careful attention to be detected and removed from applications before getting exploited and harming the system users. Symbolic execution is a well-known method…

Cryptography and Security · Computer Science 2025-09-16 Sara Baradaran , Mahdi Heidari , Ali Kamali , Maryam Mouzarani

System prompts are widely used to guide the outputs of large language models (LLMs). These prompts often contain business logic and sensitive information, making their protection essential. However, adversarial and even regular user queries…

Cryptography and Security · Computer Science 2025-08-28 Zhifeng Jiang , Zhihua Jin , Guoliang He

CPU cache is a limited but crucial storage component in modern processors, whereas the cache timing side-channel may inadvertently leak information through the physically measurable timing variance. Speculative execution, an essential…

Cryptography and Security · Computer Science 2020-02-18 Shengjian Guo , Yueqi Chen , Peng Li , Yueqiang Cheng , Huibo Wang , Meng Wu , Zhiqiang Zuo

How much does a machine learning algorithm leak about its training data, and why? Membership inference attacks are used as an auditing tool to quantify this leakage. In this paper, we present a comprehensive \textit{hypothesis testing…

Machine Learning · Computer Science 2022-09-14 Jiayuan Ye , Aadyaa Maddi , Sasi Kumar Murakonda , Vincent Bindschaedler , Reza Shokri

Browser fingerprinting enables persistent cross-site user tracking via subtle techniques that often evade conventional defenses or cause website breakage when script-level blocking countermeasures are applied. Addressing these challenges…

Cryptography and Security · Computer Science 2025-09-15 Pouneh Nikkhah Bahrami , Dylan Cutler , Igor Bilogrevic

Memory forensics is a powerful technique commonly adopted to investigate compromised machines and to detect stealthy computer attacks that do not store data on non-volatile storage. To employ this technique effectively, the analyst has to…

Cryptography and Security · Computer Science 2025-07-29 Andrea Oliveri , Davide Balzarotti

Memory is essential for enabling large language models to support long-horizon reasoning, yet existing memory systems remain unreliable and difficult to debug. Tracing memory's dynamic evolution is crucial to understand how information is…

The explosive growth of mini-game platforms has led to widespread code plagiarism, where malicious users access popular games' source code and republish them with modifications. While existing static analysis tools can detect simple…

Cryptography and Security · Computer Science 2025-08-05 Zhihao Li , Chaozheng Wang , Zongjie Li , Xinyong Peng , Qun Xia , Haochuan Lu , Ting Xiong , Shuzheng Gao , Cuiyun Gao , Shuai Wang , Yuetang Deng , Huafeng Ma