English
Related papers

Related papers: EVIL: Exploiting Software via Natural Language

200 papers

Writing software exploits is an important practice for offensive security analysts to investigate and prevent attacks. In particular, shellcodes are especially time-consuming and a technical challenge, as they are written in assembly…

Software Engineering · Computer Science 2022-03-09 Pietro Liguori , Erfan Al-Hossami , Domenico Cotroneo , Roberto Natella , Bojan Cukic , Samira Shaikh

As the Windows OS stands out as one of the most targeted systems, the PowerShell language has become a key tool for malicious actors and cybersecurity professionals (e.g., for penetration testing). This work explores an uncharted domain in…

Cryptography and Security · Computer Science 2024-04-22 Pietro Liguori , Christian Marescalco , Roberto Natella , Vittorio Orbinato , Luciano Pianese

We introduce EVIL (\textbf{EV}olving \textbf{I}nterpretable algorithms with \textbf{L}LMs), an approach that uses LLM-guided evolutionary search to discover simple, interpretable algorithms for dynamical systems inference. Rather than…

Machine Learning · Computer Science 2026-04-20 David Berghaus

Python is one of the most commonly used programming languages in industry and education. Its English keywords and built-in functions/modules allow it to come close to pseudo-code in terms of its readability and ease of writing. However,…

Computation and Language · Computer Science 2025-04-17 Joshua Otten , Antonios Anastasopoulos , Kevin Moran

The emulation of multi-step attacks attributed to advanced persistent threats is valuable for training defenders and evaluating defense tools. In this paper, we discuss the numerous challenges and desired attributes associated with such…

Cryptography and Security · Computer Science 2025-10-09 Suresh K. Damodaran , Paul D. Rowe

With an increasing number of malicious attacks, the number of people and organizations falling prey to social engineering attacks is proliferating. Despite considerable research in mitigation systems, attackers continually improve their…

Computation and Language · Computer Science 2019-08-20 Avisha Das , Rakesh Verma

The exploit or the Proof of Concept of the vulnerability plays an important role in developing superior vulnerability repair techniques, as it can be used as an oracle to verify the correctness of the patches generated by the tools.…

Although it has been demonstrated that Natural Language Processing (NLP) algorithms are vulnerable to deliberate attacks, the question of whether such weaknesses can lead to software security threats is under-explored. To bridge this gap,…

Computation and Language · Computer Science 2024-05-14 Xutan Peng , Yipeng Zhang , Jingfeng Yang , Mark Stevenson

With the continuous rise of malicious campaigns and the exploitation of new attack vectors, it is necessary to assess the efficacy of the defensive mechanisms used to detect them. To this end, the contribution of our work is twofold. First,…

Cryptography and Security · Computer Science 2021-05-04 Vasilios Koutsokostas , Constantinos Patsakis

We take the first step to address the task of automatically generating shellcodes, i.e., small pieces of code used as a payload in the exploitation of a software vulnerability, starting from natural language comments. We assemble and…

Software Engineering · Computer Science 2022-03-21 Pietro Liguori , Erfan Al-Hossami , Domenico Cotroneo , Roberto Natella , Bojan Cukic , Samira Shaikh

We address the problem of automatic decompilation, converting a program in low-level representation back to a higher-level human-readable programming language. The problem of decompilation is extremely important for security researchers.…

Programming Languages · Computer Science 2019-05-22 Omer Katz , Yuval Olshaker , Yoav Goldberg , Eran Yahav

In today's software world with its cornucopia of reusable software libraries, when a programmer is faced with a programming task that they suspect can be completed through the use of a library, they often look for code examples using a…

Software Engineering · Computer Science 2021-10-08 Geert Heyman , Rafael Huysegems , Pascal Justen , Tom Van Cutsem

Large Language Models (LLMs) have demonstrated remarkable capabilities in code-related tasks, raising concerns about their potential for automated exploit generation (AEG). This paper presents the first systematic study on LLMs'…

Cryptography and Security · Computer Science 2025-05-05 David Jin , Qian Fu , Yuekang Li

This work explores the use of self-generated natural language explanations as an intermediate step for code-to-code translation with language models. Across three types of explanations and 19 programming languages constructed from the…

Computation and Language · Computer Science 2023-11-14 Zilu Tang , Mayank Agarwal , Alex Shypula , Bailin Wang , Derry Wijaya , Jie Chen , Yoon Kim

AI-based code generators are an emerging solution for automatically writing programs starting from descriptions in natural language, by using deep neural networks (Neural Machine Translation, NMT). In particular, code generators have been…

Software Engineering · Computer Science 2023-04-14 Pietro Liguori , Cristina Improta , Roberto Natella , Bojan Cukic , Domenico Cotroneo

Proof-of-concept exploits help demonstrate software vulnerability beyond doubt and communicate attacks to non-experts. But exploits can be configuration-specific, for example when in Security APIs, where keys are set up specifically for the…

Cryptography and Security · Computer Science 2024-10-03 Robert Künnemann , Julian Biehl

The Software Naturalness hypothesis argues that programming languages can be understood through the same techniques used in natural language processing. We explore this hypothesis through the use of a pre-trained transformer-based language…

The application of Machine Learning techniques in code generation is now a common practice for most developers. Tools such as ChatGPT from OpenAI leverage the natural language processing capabilities of Large Language Models to generate…

Cryptography and Security · Computer Science 2026-04-14 Ricardo Bessa , Rui Claro , João Trindade , João Lourenço

Web applications continue to be a favorite target for hackers due to a combination of wide adoption and rapid deployment cycles, which often lead to the introduction of high impact vulnerabilities. Static analysis tools are important to…

Cryptography and Security · Computer Science 2022-01-19 Ibéria Medeiros , Nuno Neves , Miguel Correia

Neural machine translation (NMT) methods developed for natural language processing have been shown to be highly successful in automating translation from one natural language to another. Recently, these NMT methods have been adapted to the…

Computation and Language · Computer Science 2023-05-24 Dharma KC , Clayton T. Morrison
‹ Prev 1 2 3 10 Next ›