English
Related papers

Related papers: TheHuzz: Instruction Fuzzing of Processors Using G…

200 papers

The Operating System (OS) kernel is foundational in modern computing, especially with the proliferation of diverse computing devices. However, its development also comes with vulnerabilities that can lead to severe security breaches. Kernel…

Cryptography and Security · Computer Science 2025-12-05 Jiacheng Xu , He Sun , Shihao Jiang , Qinying Wang , Mingming Zhang , Xiang Li , Kaiwen Shen , Peng Cheng , Jiming Chen , Charles Zhang , Shouling Ji

NIST is standardizing Post Quantum Cryptography (PQC) algorithms that are resilient to the computational capability of quantum computers. Past works show malicious subversion with cryptographic software (algorithm subversion attacks) that…

Cryptography and Security · Computer Science 2022-03-15 Animesh Basak Chowdhury , Anushree Mahapatra , Deepraj Soni , Ramesh Karri

With its unique advantages such as decentralization and immutability, blockchain technology has been widely used in various fields in recent years. The smart contract running on the blockchain is also playing an increasingly important role…

Cryptography and Security · Computer Science 2021-06-22 Mengjie Ding , Peiru Li , Shanshan Li , He Zhang

Deep learning (DL) libraries, widely used in AI applications, often contain vulnerabilities like buffer overflows and use-after-free errors. Traditional fuzzing struggles with the complexity and API diversity of DL libraries such as…

Software Engineering · Computer Science 2025-01-09 Kunpeng Zhang , Shuai Wang , Jitao Han , Xiaogang Zhu , Xian Li , Shaohua Wang , Sheng Wen

Fuzzing has proven to be very effective for discovering certain classes of software flaws, but less effective in helping developers process these discoveries. Conventional crash-based fuzzers lack enough information about failures to…

Cryptography and Security · Computer Science 2024-11-04 Allison Naaktgeboren , Sean Noble Anderson , Andrew Tolmach , Greg Sullivan

Fuzzing is a technique widely used in vulnerability detection. The process usually involves writing effective fuzz driver programs, which, when done manually, can be extremely labor intensive. Previous attempts at automation leave much to…

Software Engineering · Computer Science 2021-03-02 Mingrui Zhang , Jianzhong Liu , Fuchen Ma , Huafeng Zhang , Yu Jiang

Network-facing applications are commonly exposed to all kinds of attacks, especially when connected to the internet. As a result, web servers like Nginx or client applications such as curl make every effort to secure and harden their code…

Cryptography and Security · Computer Science 2024-09-04 Nils Bars , Moritz Schloegel , Nico Schiller , Lukas Bernhard , Thorsten Holz

Fuzzing is the process of finding security vulnerabilities in input-processing code by repeatedly testing the code with modified inputs. In this paper, we formalize fuzzing as a reinforcement learning problem using the concept of Markov…

Artificial Intelligence · Computer Science 2018-01-16 Konstantin Böttinger , Patrice Godefroid , Rishabh Singh

Exponential growth in embedded systems is driving the research imperative to develop fuzzers to automate firmware testing to uncover software bugs and security vulnerabilities. But, employing fuzzing techniques in this context present a…

Cryptography and Security · Computer Science 2023-01-18 Guy Farrelly , Michael Chesser , Damith C. Ranasinghe

Tool-augmented LLM agents increasingly rely on multi-step, multi-tool workflows to complete real tasks. This design expands the attack surface, because data produced by one tool can be persisted and later reused as input to another tool,…

Software Engineering · Computer Science 2026-03-16 Jiangrong Wu , Zitong Yao , Yuhong Nan , Zibin Zheng

The Language Server Protocol (LSP) has revolutionized the integration of code intelligence in modern software development. There are approximately 300 LSP server implementations for various languages and 50 editors offering LSP integration.…

Software Engineering · Computer Science 2026-01-29 Hengcheng Zhu , Songqiang Chen , Valerio Terragni , Lili Wei , Yepang Liu , Jiarong Wu , Shing-Chi Cheung

Emulation-based fuzzers enable testing binaries without source code, and facilitate testing embedded applications where automated execution on the target hardware architecture is difficult and slow. The instrumentation techniques added to…

Cryptography and Security · Computer Science 2023-06-22 Michael Chesser , Surya Nepal , Damith C. Ranasinghe

Vulnerabilities related to option combinations pose a significant challenge in software security testing due to their vast search space. Previous research primarily addressed this challenge through mutation or filtering techniques, which…

Cryptography and Security · Computer Science 2024-09-04 Dawei Wang , Geng Zhou , Li Chen , Dan Li , Yukai Miao

Bugs in operating system kernels can affect billions of devices and users all over the world. As a result, a large body of research has been focused on kernel fuzzing, i.e., automatically generating syscall (system call) sequences to detect…

Cryptography and Security · Computer Science 2025-03-17 Chenyuan Yang , Zijie Zhao , Lingming Zhang

Fuzzing has proven to be a highly effective approach to uncover software bugs over the past decade. After AFL popularized the groundbreaking concept of lightweight coverage feedback, the field of fuzzing has seen a vast amount of scientific…

A fuzzer provides randomly generated inputs to a targeted software to expose erroneous behavior. To efficiently detect defects, generated inputs should conform to the structure of the input format and thus, grammars can be used to generate…

Software Engineering · Computer Science 2020-08-05 Martin Eberlein , Yannic Noller , Thomas Vogel , Lars Grunske

As deductive verifiers mature, their potential user base is growing from the initial core developers to other users. To convince external users of the suitability of verifiers, these tools must run reliably out of the box, give meaningful…

Software Engineering · Computer Science 2026-04-22 Wander Nauta , Marcus Gerhold , Marieke Huisman

As machine learning gains prominence in various sectors of society for automated decision-making, concerns have risen regarding potential vulnerabilities in machine learning (ML) frameworks. Nevertheless, testing these frameworks is a…

Software Engineering · Computer Science 2023-07-13 Zhao Liu , Quanchen Zou , Tian Yu , Xuan Wang , Guozhu Meng , Kai Chen , Deyue Zhang

Smart contracts are Turing-complete programs that are executed across a blockchain. Unlike traditional programs, once deployed, they cannot be modified. As smart contracts carry more value, they become more of an exciting target for…

Cryptography and Security · Computer Science 2021-03-11 Christof Ferreira Torres , Antonio Ken Iannillo , Arthur Gervais , Radu State

Coverage-guided fuzz testing has received significant attention from the research community, with a strong focus on binary applications, greatly disregarding other targets, such as web applications. The importance of the World Wide Web in…

Cryptography and Security · Computer Science 2024-07-02 Sebastian Neef , Lorenz Kleissner , Jean-Pierre Seifert