English
Related papers

Related papers: FuSeBMC: A White-Box Fuzzer for Finding Security V…

200 papers

The security of modern JavaScript (JS) engines is critical since they provide the primary defense mechanism for executing untrusted code on the web. The recent integration of WebAssembly (Wasm) has transformed these engines into complex…

Cryptography and Security · Computer Science 2026-03-20 Lingming Zhang , Binbin Zhao , Puzhuo Liu , Qinge Xie , Peng Di , Jianhai Chen , Shouling Ji

This paper analyses and addresses the performance gap in the fuzzy vault-based \ac{BCS}. We identify unstable error correction capabilities, which are caused by variable feature set sizes and their influence on similarity thresholds, as a…

Computer Vision and Pattern Recognition · Computer Science 2025-06-30 Hans Geißner , Christian Rathgeb

Modern hardware systems, driven by demands for high performance and application-specific functionality, have grown increasingly complex, introducing large surfaces for bugs and security-critical vulnerabilities. Fuzzing has emerged as a…

Cryptography and Security · Computer Science 2025-12-29 Lichao Wu , Mohamadreza Rostami , Huimin Li , Nikhilesh Singh , Ahmad-Reza Sadeghi

The complexity of software in embedded systems has increased significantly over the last years so that software verification now plays an important role in ensuring the overall product quality. In this context, SAT-based bounded model…

Software Engineering · Computer Science 2009-11-20 Lucas Cordeiro , Bernd Fischer , Joao Marques-Silva

The eBPF technology in the Linux kernel has been widely adopted for different applications, such as networking, tracing, and security, thanks to the programmability it provides. By allowing user-supplied eBPF programs to be executed…

Cryptography and Security · Computer Science 2023-05-16 Hsin-Wei Hung , Ardalan Amiri Sani

Open source C code underpins society's computing infrastructure. Decades of work has helped harden C code against attackers, but C projects do not consist of only C code. C projects also contain build system code for automating development…

Software Engineering · Computer Science 2026-01-15 Brent Pappas , Paul Gazzillo

Objective: Machine learning (ML) models are increasingly used to generate electrical stimulation patterns in neuroprosthetic devices such as visual prostheses. While these models promise precise and personalized control, they also introduce…

Software Engineering · Computer Science 2025-12-08 Mara Downing , Matthew Peng , Jacob Granley , Michael Beyeler , Tevfik Bultan

Smart contracts are Turing-complete programs that are executed across a blockchain. Unlike traditional programs, once deployed, they cannot be modified. As smart contracts carry more value, they become more of an exciting target for…

Cryptography and Security · Computer Science 2021-03-11 Christof Ferreira Torres , Antonio Ken Iannillo , Arthur Gervais , Radu State

Program analysis and automated testing have recently become an essential part of SSDLC. Directed greybox fuzzing is one of the most popular automated testing methods that focuses on error detection in predefined code regions. However, it…

Cryptography and Security · Computer Science 2026-02-02 Darya Parygina , Timofey Mezhuev , Daniil Kuts

Directed greybox fuzzing (DGF) focuses on efficiently reaching specific program locations or triggering particular behaviors, making it essential for tasks like vulnerability detection and crash reproduction. However, existing methods often…

Cryptography and Security · Computer Science 2025-05-07 Hanxiang Xu , Yanjie Zhao , Haoyu Wang

Fuzzing is one of the most effective technique to identify potential software vulnerabilities. Most of the fuzzers aim to improve the code coverage, and there is lack of directedness (e.g., fuzz the specified path in a software). In this…

Cryptography and Security · Computer Science 2020-10-26 Xiaogang Zhu , Shigang Liu , Xian Li , Sheng Wen , Jun Zhang , Camtepe Seyit , Yang Xiang

Remote Procedure Call (RPC) is a communication protocol to support client-server interactions among services over a network. RPC is widely applied in industry for building large-scale distributed systems, such as Microservices. Modern RPC…

Software Engineering · Computer Science 2023-02-06 Man Zhang , Andrea Arcuri , Yonggang Li , Yang Liu , Kaiming Xue

Most software that runs on computers undergoes processing by compilers. Since compilers constitute the fundamental infrastructure of software development, their correctness is paramount. Over the years, researchers have invested in…

Software Engineering · Computer Science 2023-06-19 Haoyang Ma

Greybox fuzzing is one of the most useful and effective techniques for the bug detection in large scale application programs. It uses minimal amount of instrumentation. American Fuzzy Lop (AFL) is a popular coverage based evolutionary…

Artificial Intelligence · Computer Science 2018-06-12 Ketan Patil , Aditya Kanade

Fuzzing has proven to be a highly effective approach to uncover software bugs over the past decade. After AFL popularized the groundbreaking concept of lightweight coverage feedback, the field of fuzzing has seen a vast amount of scientific…

Vulnerabilities in open-source operating systems (OSs) pose substantial security risks to software systems, making their detection crucial. While fuzzing has been an effective vulnerability detection technique in various domains, OS fuzzing…

Operating Systems · Computer Science 2026-01-21 Kun Hu , Qicai Chen , Wenzhuo Zhang , Zilong Lu , Bihuan Chen , You Lu , Haowen Jiang , Bingkun Sun , Xin Peng , Wenyun Zhao

Automatic test-case generation techniques of symbolic execution and fuzzing are the most widely used methods to discover vulnerabilities in, both, academia and industry. However, both these methods suffer from fundamental drawbacks that…

Software Engineering · Computer Science 2018-03-14 Saahil Ognawala , Alexander Pretschner , Thomas Hutzelmann , Eirini Psallida , Ricardo Nales Amato

Rust is a promising programming language that focuses on concurrency, usability, and security. It is used in production code by major industry players and got recommended by government bodies. Rust provides strong security guarantees…

Cryptography and Security · Computer Science 2025-05-06 David Paaßen , Jens-Rene Giesen , Lucas Davi

SpecFuzz is the first tool that enables dynamic testing for speculative execution vulnerabilities (e.g., Spectre). The key is a novel concept of speculation exposure: The program is instrumented to simulate speculative execution in software…

Cryptography and Security · Computer Science 2020-03-11 Oleksii Oleksenko , Bohdan Trach , Mark Silberstein , Christof Fetzer

Microarchitectural attacks represent a challenging and persistent threat to modern processors, exploiting inherent design vulnerabilities in processors to leak sensitive information or compromise systems. Of particular concern is the…

Cryptography and Security · Computer Science 2024-10-31 Mohamadreza Rostami , Shaza Zeitouni , Rahul Kande , Chen Chen , Pouya Mahmoody , Jeyavijayan , Rajendran , Ahmad-Reza Sadeghi
‹ Prev 1 8 9 10 Next ›