English
Related papers

Related papers: Automatic detection of access control vulnerabilit…

200 papers

Securing critical assets in a bus-based System-On-Chip (SoC) is imperative to mitigate potential vulnerabilities and prevent unauthorized access, ensuring the integrity, availability, and confidentiality of the system. Ensuring security…

Cryptography and Security · Computer Science 2023-08-15 Sudipta Paria , Aritra Dasgupta , Swarup Bhunia

Since its inception, Rowhammer exploits have rapidly evolved into increasingly sophisticated threats compromising data integrity and the control flow integrity of victim processes. Nevertheless, it remains a challenge for an attacker to…

Cryptography and Security · Computer Science 2025-05-06 Andrew Adiletta , M. Caner Tol , Kemal Derya , Berk Sunar , Saad Islam

The increasing use of Internet of Things (IoT) devices has led to a rise in security related concerns regarding IoT Networks. The surveillance cameras in IoT networks are vulnerable to security threats such as brute force and zero-day…

Cryptography and Security · Computer Science 2025-09-09 Umair Amjid , M. Umar Khan , S. A. Manan Kirmani

Large language model (LLM) agents are widely deployed in real-world applications, where they leverage tools to retrieve and manipulate external data for complex tasks. However, when interacting with untrusted data sources (e.g., fetching…

Cryptography and Security · Computer Science 2025-08-22 Hengyu An , Jinghuai Zhang , Tianyu Du , Chunyi Zhou , Qingming Li , Tao Lin , Shouling Ji

Web applications continue to be a favorite target for hackers due to a combination of wide adoption and rapid deployment cycles, which often lead to the introduction of high impact vulnerabilities. Static analysis tools are important to…

Cryptography and Security · Computer Science 2022-01-19 Ibéria Medeiros , Nuno Neves , Miguel Correia

Modern machine learning (ML) systems demand substantial training data, often resorting to external sources. Nevertheless, this practice renders them vulnerable to backdoor poisoning attacks. Prior backdoor defense strategies have primarily…

Machine Learning · Computer Science 2024-03-19 Soumyadeep Pal , Yuguang Yao , Ren Wang , Bingquan Shen , Sijia Liu

Android is a widely used operating system that employs a permission-based access control model. The Android Permissions System (APS) is responsible for mediating application resource requests. APS is a critical component of the Android…

Cryptography and Security · Computer Science 2022-08-24 Amirhosein Sayyadabdi , Behrouz Tork Ladani , Bahman Zamani

Broken Access Control (BAC) remains one of the most critical and widespread vulnerabilities in web applications, allowing attackers to access unauthorized resources or perform privileged actions. Despite its severity, BAC is underexplored…

Cryptography and Security · Computer Science 2025-07-23 I Putu Arya Dharmaadi , Mohannad Alhanahnah , Van-Thuan Pham , Fadi Mohsen , Fatih Turkmen

Intentional threats are a major risk factor related to vulnerabilities in critical infrastructure assets, and an accurate risk assessment is necessary to analyze threats, assess vulnerabilities, and evaluate potential impacts on assets and…

Cryptography and Security · Computer Science 2025-11-18 Herman Errico

Model Extraction attacks exploit the target model's prediction API to create a surrogate model in order to steal or reconnoiter the functionality of the target model in the black-box setting. Several recent studies have shown that a…

Machine Learning · Computer Science 2022-02-25 Amir Mahdi Sadeghzadeh , Amir Mohammad Sobhanian , Faezeh Dehghan , Rasool Jalili

Low-code development frameworks for IoT platforms offer a simple drag-and-drop mechanism to create applications for the billions of existing IoT devices without the need for extensive programming knowledge. The security of such software is…

Cryptography and Security · Computer Science 2025-02-14 Simon Schneider , Komal Kashish , Katja Tuma , Riccardo Scandariato

Deep anomaly detection on sequential data has garnered significant attention due to the wide application scenarios. However, deep learning-based models face a critical security threat - their vulnerability to backdoor attacks. In this…

Machine Learning · Computer Science 2024-02-19 He Cheng , Shuhan Yuan

Endpoint Detection and Response (EDR) solutions embrace the method of attack provenance graph to discover unknown threats through system event correlation. However, this method still faces some unsolved problems in the fields of…

Cryptography and Security · Computer Science 2026-02-18 Peilun Wu , Nan Sun , Nour Moustafa , Youyang Qu , Ming Ding

We present a new type of attack in which source code is maliciously encoded so that it appears different to a compiler and to the human eye. This attack exploits subtleties in text-encoding standards such as Unicode to produce source code…

Cryptography and Security · Computer Science 2023-03-09 Nicholas Boucher , Ross Anderson

In today's digital age, our dependence on IoT (Internet of Things) and IIoT (Industrial IoT) systems has grown immensely, which facilitates sensitive activities such as banking transactions and personal, enterprise data, and legal document…

Cryptography and Security · Computer Science 2024-03-21 Md. Ashraf Uddin , Sunil Aryal , Mohamed Reda Bouadjenek , Muna Al-Hawawreh , Md. Alamin Talukder

Property Directed Reachability (PDR) is a powerful algorithm for formal verification of hardware and software systems, but its performance is highly sensitive to parameter configurations. Manual parameter tuning is time-consuming and…

Hardware Architecture · Computer Science 2026-04-01 Guangyu Hu , Chen Chen , Xiaofeng Zhou , Jiaxi Zhang , Wei Zhang , Hongce Zhang

Tool-Based Agent Systems (TBAS) allow Language Models (LMs) to use external tools for tasks beyond their standalone capabilities, such as searching websites, booking flights, or making financial transactions. However, these tools greatly…

Cryptography and Security · Computer Science 2025-02-17 Peter Yong Zhong , Siyuan Chen , Ruiqi Wang , McKenna McCall , Ben L. Titzer , Heather Miller , Phillip B. Gibbons

In every enterprise database, administrators must define an access control policy that specifies which users have access to which tables. Access control straddles two worlds: policy (organization-level principles that define who should have…

Databases · Computer Science 2025-05-23 Pranav Subramaniam , Sanjay Krishnan

Presentation Attack Detection (PAD) systems are usually designed independently of the fingerprint verification system. While this can be acceptable for use cases where specific user templates are not predetermined, it represents a missed…

Computer Vision and Pattern Recognition · Computer Science 2025-04-16 Marco Micheletto , Giulia Orrù , Luca Ghiani , Gian Luca Marcialis

Vulnerability Discovery with attack Injection security threats are increasing for the server software, when software is developed, the software tested for the functionality. Due to unawareness of software vulnerabilities most of the…

Networking and Internet Architecture · Computer Science 2014-02-12 G. Vijay Kumar , Ravikumar S. Raykundaliya , Dr. P. Naga Prasad