English
Related papers

Related papers: IFDS Taint Analysis with Access Paths

200 papers

Broadly defined as the Internet of Things (IoT), the growth of commodity devices that integrate physical processes with digital connectivity has had profound effects on society--smart homes, personal monitoring devices, enhanced…

Cryptography and Security · Computer Science 2018-02-26 Z. Berkay Celik , Leonardo Babun , Amit K. Sikder , Hidayet Aksu , Gang Tan , Patrick McDaniel , A. Selcuk Uluagac

The growing number of Internet users and the prevalence of web applications make it necessary to deal with very complex software and applications in the network. This results in an increasing number of new vulnerabilities in the systems,…

Networking and Internet Architecture · Computer Science 2021-08-18 Mahdi Soltani , Mahdi Jafari Siavoshani , Amir Hossein Jahangir

In the process industry, condition monitoring systems with automated fault diagnosis methods assist human experts and thereby improve maintenance efficiency, process sustainability, and workplace safety. Improving the automated fault…

Artificial Intelligence · Computer Science 2022-10-21 Karl Löwenmark , Cees Taal , Stephan Schnabel , Marcus Liwicki , Fredrik Sandin

Most intrusion detection systems still identify attacks only after significant damage has occurred, detecting late-stage tactics rather than early indicators of compromise. This paper introduces a temporal analysis framework and taxonomy…

Cryptography and Security · Computer Science 2025-11-07 Tatiana S. Parlanti , Carlos A. Catania

Generic taint analysis is a pivotal technique in software security. However, it suffers from staggeringly high overhead. In this paper, we explore the hypothesis whether just-in-time (JIT) generation of fast paths for tracking taint can…

Cryptography and Security · Computer Science 2020-07-23 John Galea , Daniel Kroening

Internet has played a vital role in this modern world, the possibilities and opportunities offered are limitless. Despite all the hype, Internet services are liable to intrusion attack that could tamper the confidentiality and integrity of…

Cryptography and Security · Computer Science 2009-06-23 M. A. Faizal , M. Mohd Zaki , S. Shahrin , Y. Robiah , S. Siti Rahayu , B. Nazrulazhar

The diversity of web configuration interfaces for IoT devices has exacerbated issues such as inadequate permission controls and insecure interfaces, resulting in various vulnerabilities. Owing to the varying interface configurations across…

Cryptography and Security · Computer Science 2025-04-02 Jiahui Xiang , Lirong Fu , Tong Ye , Peiyu Liu , Huan Le , Liming Zhu , Wenhai Wang

The rapid expansion of varied network systems, including the Internet of Things (IoT) and Industrial Internet of Things (IIoT), has led to an increasing range of cyber threats. Ensuring robust protection against these threats necessitates…

Cryptography and Security · Computer Science 2024-03-19 Md. Ashraf Uddin , Sunil Aryal , Mohamed Reda Bouadjenek , Muna Al-Hawawreh , Md. Alamin Talukder

The PQDSS standardization process requires cryptographic primitives to be free from vulnerabilities, including timing and cache side-channels. Resistance to timing leakage is therefore an essential property, and achieving this typically…

Dynamic taint analysis (DTA) has been widely used in various security-relevant scenarios that need to track the runtime information flow of programs. Dynamic binary instrumentation (DBI) is a prevalent technique in achieving effective…

Cryptography and Security · Computer Science 2021-11-09 Xiao Kan , Cong Sun , Shen Liu , Yongzhe Huang , Gang Tan , Siqi Ma , Yumei Zhang

Program analysis tools often produce large volumes of candidate vulnerability reports that require costly manual review, creating a practical challenge: how can security analysts prioritize the reports most likely to be true…

Cryptography and Security · Computer Science 2025-10-24 Ronghao Ni , Aidan Z. H. Yang , Min-Chien Hsu , Nuno Sabino , Limin Jia , Ruben Martins , Darion Cassel , Kevin Cheang

Context: Static Application Security Testing Tools (SASTTs) identify software vulnerabilities to support the security and reliability of software applications. Interestingly, several studies have suggested that alternative solutions may be…

Software Engineering · Computer Science 2024-03-15 Matteo Esposito , Valentina Falaschi , Davide Falessi

Sophisticated traffic analytics, such as the encrypted traffic analytics and unknown malware detection, emphasizes the need for advanced methods to analyze the network traffic. Traditional methods of using fixed patterns, signature…

Networking and Internet Architecture · Computer Science 2022-08-17 Kun Qiu , Harry Chang , Ying Wang , Xiahui Yu , Wenjun Zhu , Yingqi Liu , Jianwei Ma , Weigang Li , Xiaobo Liu , Shuo Dai

Static analysis tools come in many forms andconfigurations, allowing them to handle various tasks in a (secure) development process: code style linting, bug/vulnerability detection, verification, etc., and adapt to the specific requirements…

Previous work has shown that taint analyses are only useful if correctly customized to the context in which they are used. Existing domain-specific languages (DSLs) allow such customization through the definition of deny-listing data-flow…

Programming Languages · Computer Science 2022-04-08 Goran Piskachev , Johannes Späth , Ingo Budde , Eric Bodden

Software is prone to security vulnerabilities. Program analysis tools to detect them have limited effectiveness in practice due to their reliance on human labeled specifications. Large language models (or LLMs) have shown impressive code…

Cryptography and Security · Computer Science 2025-04-08 Ziyang Li , Saikat Dutta , Mayur Naik

Intrusion Detection System (IDS) is one of the security measures being used as an additional defence mechanism to prevent the security breaches on web. It has been well known methodology for detecting network-based attacks but still…

Cryptography and Security · Computer Science 2018-08-14 Nancy Agarwal , Syed Zeeshan Hussain

Dataflow tracking with Dynamic Taint Analysis (DTA) is an important method in systems security with many applications, including exploit analysis, guided fuzzing, and side-channel information leak detection. However, DTA is fundamentally…

Cryptography and Security · Computer Science 2021-02-25 Gabriel Ryan , Abhishek Shah , Dongdong She , Koustubha Bhat , Suman Jana

Taint-style vulnerabilities comprise a majority of fuzzer discovered program faults. These vulnerabilities usually manifest as memory access violations caused by tainted program input. Although fuzzers have helped uncover a majority of…

Cryptography and Security · Computer Science 2017-06-02 Bhargava Shastry , Federico Maggi , Fabian Yamaguchi , Konrad Rieck , Jean-Pierre Seifert

The Android mining sandbox approach consists in running dynamic analysis tools on a benign version of an Android app and recording every call to sensitive APIs. Later, one can use this information to (a) prevent calls to other sensitive…