English
Related papers

Related papers: Detile: Fine-Grained Information Leak Detection in…

200 papers

The severity of recent vulnerabilities discovered on modern CPUs, e.g., Spectre [1], highlights how information leakage can have devas-tating effects to the security of computer systems. At the same time, it suggests that confidentiality…

Cryptography and Security · Computer Science 2023-10-18 Lex Bailey , Jim Woodcock , Simon Foster , Roberto Metere

In an increasingly interconnected and data-driven world, the importance of robust security measures cannot be overstated. A knowledge graph constructed with information extracted from the system along with the desired security behavior can…

Cryptography and Security · Computer Science 2023-12-11 M. Xie , T. Rahat , W. Wang , Y. Tian

ARM Memory Tagging Extension (MTE) is a new hardware feature introduced in ARMv8.5-A architecture, aiming to detect memory corruption vulnerabilities. The low overhead of MTE makes it an attractive solution to mitigate memory corruption…

Cryptography and Security · Computer Science 2024-06-14 Juhee Kim , Jinbum Park , Sihyeon Roh , Jaeyoung Chung , Youngjoo Lee , Taesoo Kim , Byoungyoung Lee

Cache template attacks demonstrated automated leakage of user input in shared libraries. However, for large binaries, the runtime is prohibitively high. Other automated approaches focused on cryptographic implementations and media software…

Cryptography and Security · Computer Science 2022-08-05 Martin Schwarzl , Erik Kraft , Daniel Gruss

Intrusion detection into computer networks has become one of the most important issues in cybersecurity. Attackers keep on researching and coding to discover new vulnerabilities to penetrate information security system. In consequence…

Cryptography and Security · Computer Science 2020-12-17 Sergio Hidalgo-Espinoza , Kevin Chamorro-Cupueran , Oscar Chang-Tortolero

Deep learning (DL) techniques are on the rise in the software engineering research community. More and more approaches have been developed on top of DL models, also due to the unprecedented amount of software-related data that can be used…

Software Engineering · Computer Science 2021-03-23 Alejandro Mazuera-Rozo , Anamaria Mojica-Hanke , Mario Linares-Vásquez , Gabriele Bavota

The Spectre vulnerability in modern processors has been widely reported. The key insight in this vulnerability is that speculative execution in processors can be misused to access the secrets. Subsequently, even though the speculatively…

Cryptography and Security · Computer Science 2019-11-13 Guanhua Wang , Sudipta Chattopadhyay , Ivan Gotovchits , Tulika Mitra , Abhik Roychoudhury

The problem of data contamination is now almost inevitable during the development of large language models (LLMs), with the training data commonly integrating those evaluation benchmarks even unintentionally. This problem subsequently makes…

Computation and Language · Computer Science 2025-09-19 Ruijie Hou , Yueyang Jiao , Hanxu Hu , Yingming Li , Wai Lam , Huajian Zhang , Hongyuan Lu

The transient-execution attack Meltdown leaks sensitive information by transiently accessing inaccessible data during out-of-order execution. Although Meltdown is fixed in hardware for recent CPU generations, most currently-deployed CPUs…

Cryptography and Security · Computer Science 2023-10-09 Daniel Weber , Fabian Thomas , Lukas Gerlach , Ruiyi Zhang , Michael Schwarz

Web attacks are one of the major and most persistent forms of cyber threats, which bring huge costs and losses to web application-based businesses. Various detection methods, such as signature-based, machine learning-based, and deep…

Machine Learning · Computer Science 2024-10-11 Yonghang Zhou , Hongyi Zhu , Yidong Chai , Yuanchun Jiang , Yezheng Liu

Large Language Models (LLMs) have become integral to various software engineering tasks, including code generation, bug detection, and repair. To evaluate model performance in these domains, numerous bug benchmarks containing real-world…

Software Engineering · Computer Science 2025-04-01 Daniel Ramos , Claudia Mamede , Kush Jain , Paulo Canelas , Catarina Gamboa , Claire Le Goues

Software is prone to security vulnerabilities. Program analysis tools to detect them have limited effectiveness in practice due to their reliance on human labeled specifications. Large language models (or LLMs) have shown impressive code…

Cryptography and Security · Computer Science 2025-04-08 Ziyang Li , Saikat Dutta , Mayur Naik

Memory leak bugs are a major problem in C/C++ programs. They occur when memory objects are not deallocated.Developers need to manually deallocate these objects to prevent memory leaks. As such, several techniques have been proposed to…

Cryptography and Security · Computer Science 2024-08-12 Aniruddhan Murali , Mahmoud Alfadel , Meiyappan Nagappan , Meng Xu , Chengnian Sun

Reliable data is a cornerstone of modern organizational systems. A notable data integrity challenge stems from label bias, which refers to systematic errors in a label, a covariate that is central to a quantitative analysis, such that its…

Machine Learning · Computer Science 2025-07-15 Yunyi Li , Maria De-Arteaga , Maytal Saar-Tsechansky

With web applications becoming a preferred method of presenting graphical user interfaces to users, software vulnerabilities affecting web applications are becoming more and more prevalent and devastating. Some of these vulnerabilities,…

Cryptography and Security · Computer Science 2019-08-14 Michael Flanders

Heap layout manipulation is integral to exploiting heap-based memory corruption vulnerabilities. In this paper we present the first automatic approach to the problem, based on pseudo-random black-box search. Our approach searches for the…

Cryptography and Security · Computer Science 2018-09-05 Sean Heelan , Tom Melham , Daniel Kroening

Trusted execution environments (TEEs) offer hardware-assisted means to protect code and data. However, as shown in numerous results over the years, attackers can use side-channels to leak data access patterns and even single-step the code.…

Cryptography and Security · Computer Science 2025-09-24 Jan Wichelmann , Anja Rabich , Anna P"atschke , Thomas Eisenbarth

In recent years, code security has become increasingly important, especially with the rise of interconnected technologies. Detecting vulnerabilities early in the software development process has demonstrated numerous benefits. Consequently,…

Software Engineering · Computer Science 2024-07-22 José Gonçalves , Tiago Dias , Eva Maia , Isabel Praça

Modern processors use branch prediction and speculative execution to maximize performance. For example, if the destination of a branch depends on a memory value that is in the process of being read, CPUs will try guess the destination and…

Cryptography and Security · Computer Science 2018-01-08 Paul Kocher , Daniel Genkin , Daniel Gruss , Werner Haas , Mike Hamburg , Moritz Lipp , Stefan Mangard , Thomas Prescher , Michael Schwarz , Yuval Yarom

Threat detection in Natural Language Processing lacks consistent definitions and standardized benchmarks, and is often conflated with broader phenomena such as toxicity, hate speech, or offensive language. In this work, we introduce…

Computation and Language · Computer Science 2026-05-12 Davide Bruni , Carlo Bardazzi , Maurizio Tesconi